SUCATREG.EXE trying to access the Internet
From: Donut (none@none.com)
Date: 04/16/03
- Next message: Art Kopp: "Re: SUCATREG.EXE trying to access the Internet"
- Previous message: Colonel Flagg: "Re: does https secure the whole transmission?"
- Next in thread: Art Kopp: "Re: SUCATREG.EXE trying to access the Internet"
- Reply: Art Kopp: "Re: SUCATREG.EXE trying to access the Internet"
- Reply: David: "Re: SUCATREG.EXE trying to access the Internet"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Donut <none@none.com> Date: 16 Apr 2003 20:25:49 GMT
I saw this in my firewall log for the first time today - about a dozen
instances of C:\Windows\System\SUCATREG.EXE attempting to access the
Internet.
I did a Google search and was alarmed to see this activity associated with
the Win32Magistr-A virus. The virus definition page at sophos.com did
mention that this file can be present on non infected systems.
A complete virus scan revealed nothing. I haven't received any emails with
attachments.
My question now is - does anybody know what the purpose of this file is?
>From it's name, I would guess some kind of automatic update or registration
phone home. But I never saw it before, and I don't have anything on my
system now I didn't always have.
Suspects could be MusicMatch Jukebox, SpyBlocker, or MS Works auto updater.
Is there any kind of utility that can examine files and trace their origin,
use and activity? How handy would THAT be!
- Next message: Art Kopp: "Re: SUCATREG.EXE trying to access the Internet"
- Previous message: Colonel Flagg: "Re: does https secure the whole transmission?"
- Next in thread: Art Kopp: "Re: SUCATREG.EXE trying to access the Internet"
- Reply: Art Kopp: "Re: SUCATREG.EXE trying to access the Internet"
- Reply: David: "Re: SUCATREG.EXE trying to access the Internet"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
