Re: strange software > winsupdater.exe

dave_mikesch_at_baxter.com
Date: 03/16/05

    To: SDA <sda-cr@racsa.co.cr>
    Date: Wed, 16 Mar 2005 11:18:22 -0600
    
    

    Hi,

    Though there is little (or no) info on the file, I would bet my last dollar
    that it's a virus or other malware file. Here's why:
    1) No info on the file through Google or webferret searches. If it was
    legit, there would be info. Especially at Microsoft's site.
    2) It shouldn't be in the Registry at startup locations.
    3) It probably has a recent creation date, since it was recently placed on
    your machine.

    I would delete it in the Registry and in any folders.

    Best Regards,

    Dave Mikesch

    From: SDA <sda-cr@racsa.co.cr>
    Sent by: sda-cr@racsa.co.cr
    Date: 03/15/2005 02:39 PM
    To: incidents@securityfocus.com
    cc:
    Subject: strange software > winsupdater.exe

    Hi:

    We are looking at an abnormal program named "winsupdater.exe" and we are
    having trouble installing antispyware software on the infected computers,
    and the antivirus is not detecting the malware.
    We were able to disable it manually through regedit, where it leaves a key
    entry in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    named "Microsoft Window Updater", but does anyone know if this is a new
    virus or spyware?

    Esteban Lara
    Director de IT
    Soluciones Digitales de Almacenamiento S.A.

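A read-only way to collect the indicators discussed in this thread for every entry in that Run key (what the value points to, whether the file names a publisher or carries a signature, and when it was created), as an added example that is not part of the original messages. The 30-day threshold for "recent" and the variable names are assumptions.

```powershell
# Added example: read-only triage of the Run key named in the thread.
$runKey     = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$maxAgeDays = 30   # assumption: threshold for a "recent" creation date

$key = Get-Item -LiteralPath $runKey
$report = foreach ($name in $key.GetValueNames()) {
    # Raw command line as stored, then with %VAR% references expanded
    $command  = [string]$key.GetValue($name, '', 'DoNotExpandEnvironmentNames')
    $expanded = [Environment]::ExpandEnvironmentVariables($command)

    # Pull the executable out of the command line (quoted, or up to the first .exe)
    if     ($expanded -match '^\s*"([^"]+)"')        { $path = $Matches[1] }
    elseif ($expanded -match '^\s*(.+?\.exe)(\s|$)') { $path = $Matches[1] }
    else   { $path = ($expanded.Trim() -split '\s+')[0] }

    # Bare file names (no folder) are resolved through the search path
    if ($path -and -not (Test-Path -LiteralPath $path -PathType Leaf)) {
        $cmd = Get-Command -Name $path -CommandType Application -ErrorAction SilentlyContinue |
               Select-Object -First 1
        if ($cmd) { $path = $cmd.Path }
    }

    $file = if ($path) { Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue }
    $sig  = if ($file) { Get-AuthenticodeSignature -LiteralPath $file.FullName }

    [pscustomobject]@{
        ValueName = $name                          # e.g. "Microsoft Window Updater"
        Command   = $command
        Path      = $path
        Exists    = [bool]$file
        Created   = $file.CreationTime             # empty when the file was not found
        Recent    = [bool]($file -and $file.CreationTime -gt (Get-Date).AddDays(-$maxAgeDays))
        Company   = $file.VersionInfo.CompanyName  # blank when no version resource is present
        Signature = $sig.Status                    # Valid, NotSigned, HashMismatch, ...
    }
}

# Newest files first; nothing is modified or deleted
$report | Sort-Object Created -Descending | Format-Table -AutoSize -Wrap
```

Creation timestamps can be altered and unsigned files are not necessarily malicious, so the output is a list of leads to examine rather than a verdict.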

