Security Incidents mailing list archives
Re: strange software > winsupdater.exe
From: Jeremy Anderson <jeremy () angelar com>
Date: Wed, 16 Mar 2005 16:11:21 -0600
On Wed, 2005-03-16 at 12:53 +1300, Nick FitzGerald wrote:
Filenames are all but totally useless for diagnosing malware, spyware _AND_ the normal operation of a system.
Actually, I'd say they're fairly useful, if you plug them into google. Sites like iamnotageek.com have pretty good information repositories on what is legitimate and what is not. a filename is no substitute for actual forensic analysis, but it can give you a good leg up on many, many pieces of spyware and malware. -- Jeremy Anderson Author, MultiTool Linux http://www.angelar.com/~jeremy jeremy () angelar com http://search.barnesandnoble.com/booksearch/isbnInquiry.asp?userid=UG0uEnaAUk&isbn=0201734206&itm=8
Current thread:
- strange software > winsupdater.exe SDA (Mar 15)
- Re: strange software > winsupdater.exe Nick FitzGerald (Mar 16)
- Re: strange software > winsupdater.exe Justin (Mar 16)
- Re: strange software > winsupdater.exe Jeremy Anderson (Mar 17)
- Re: strange software > winsupdater.exe Nick FitzGerald (Mar 28)
- Re: strange software > winsupdater.exe Paul Laudanski (Mar 28)
- Re: strange software > winsupdater.exe Justin (Mar 16)
- Pubstro rash David Gillett (Mar 17)
- Re: Pubstro rash Mark Coleman (Mar 17)
- RE: Pubstro rash Steve Drees (Mar 17)
- RE: Pubstro rash Alexandre Skyrme (Mar 17)
- Re: Pubstro rash Jeff Kell (Mar 18)
- RE: Pubstro rash David Gillett (Mar 18)
- Re: strange software > winsupdater.exe Nick FitzGerald (Mar 16)
- <Possible follow-ups>
- Re: strange software > winsupdater.exe Harlan Carvey (Mar 16)