lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <e92364c304090113107157baa4@mail.gmail.com>
From: jftucker at gmail.com (James Tucker)
Subject: Microsoft Update Loader msrtwd.exe

google came back with a forum to do with sdbot; however, the file was
listed as "Morphine".

I saw a copy of one of the recent worms which had generated a very
large number of exe's which all had previously uncaptured names.

If it's not being picked up by your virus scanner, send it to their
team, get another and run a scan over the computer from a known clean
source, such as a BartPE bootdisk or a remote uncompromised box.

On Wed, 1 Sep 2004 15:08:56 -0400 (EDT), S.A. Birl <sbirl@...ple.edu> wrote:
> Hello all:
> 
> Recently discovered a trojan(? - possibly a virus) called msrtwd.exe.
> It's listed in the Registry as "Microsoft Update Loader"
> 
> Does anyone know anything about this?   Google doesnt offer much.
> 
> Thanks
> 
>  Scott Birl                              http://concept.temple.edu/sysadmin/
>  Senior Systems Administrator            Computer Services   Temple University
> ====*====*====*====*====*====*====*====+====*====*====*====*====*====*====*====*
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ