Full Disclosure mailing list archives
Re: Microsoft Update Loader msrtwd.exe
From: Harlan Carvey <keydet89 () yahoo com>
Date: Wed, 1 Sep 2004 13:31:44 -0700 (PDT)
Recently discovered a trojan(? - possibly a virus) called msrtwd.exe. It's listed in the Registry as "Microsoft Update Loader" Does anyone know anything about this? Google doesnt offer much.
Where in the Registry did you find it? Which key(s)? What about this makes you think it's a Trojan? Did you run fport/openports and find it listening on a port? Where does the Registry entry point to within the file system? Since the file is an .exe file, did you check it for version information? Since filenames are the easiest thing about a file to change, is there any information other than simply the name that you can provide? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Microsoft Update Loader msrtwd.exe S.A. Birl (Sep 01)
- Re: Microsoft Update Loader msrtwd.exe James Tucker (Sep 01)
- Re: Microsoft Update Loader msrtwd.exe Jan Muenther (Sep 02)
- Re: Microsoft Update Loader msrtwd.exe Harlan Carvey (Sep 01)
- Re: Microsoft Update Loader msrtwd.exe joe smith (Sep 01)
- Re: Microsoft Update Loader msrtwd.exe Joe Stewart (Sep 02)
- <Possible follow-ups>
- RE: Microsoft Update Loader msrtwd.exe Todd Towles (Sep 01)
- Re: Microsoft Update Loader msrtwd.exe S.A. Birl (Sep 02)
- RE: Microsoft Update Loader msrtwd.exe Todd Towles (Sep 02)
- Re: Microsoft Update Loader msrtwd.exe James Tucker (Sep 01)