lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20040901203144.45640.qmail@web51505.mail.yahoo.com>
From: keydet89 at yahoo.com (Harlan Carvey)
Subject: Microsoft Update Loader  msrtwd.exe

> Recently discovered a trojan(? - possibly a virus)
> called msrtwd.exe.
> It's listed in the Registry as "Microsoft Update
> Loader"
> 
> Does anyone know anything about this?   Google
> doesnt offer much.

Where in the Registry did you find it?  Which key(s)? 
What about this makes you think it's a Trojan?  Did
you run fport/openports and find it listening on a
port?  Where does the Registry entry point to within
the file system?  Since the file is an .exe file, did
you check it for version information?

Since filenames are the easiest thing about a file to
change, is there any information other than simply the
name that you can provide?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ