Security Incidents mailing list archives

RE: winad.exe and winad-update.exe

From: PNIXON () ci somerville ma us
Date: Thu, 25 Oct 2001 15:24:23 -0400

I saw these this morning.  McAfee caught them as WinAd.A and WinAd.B

No information available through their site.

Patrick Nixon
Network Engineer
City of Somerville
Information Technology
pnixon @ ci . somerville . ma . us

-----Original Message-----
From: Mike Shaw [mailto:mshaw () wwisp com]
Sent: Thursday, October 25, 2001 2:45 PM
To: INCIDENTS () securityfocus com
Subject: winad.exe and winad-update.exe


Anyone ever heard of these?  Norton is calling them "backdoor.trojan" and 
quarantining them.  They don't appear to be coming in via email.

-Mike


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

winad.exe and winad-update.exe Mike Shaw (Oct 25)
- <Possible follow-ups>
- RE: winad.exe and winad-update.exe PNIXON (Oct 25)
  - RE: winad.exe and winad-update.exe Jensenne Roculan (Oct 25)