• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

what is msupdater.exe?

D

dbarton

Senior member

Just by chance i was poking around my startup diretcory today, and I saw a file called
msupdater.exe set to run the next time I rebooted.

The file date was today and the file time was about noon.

I did a google search and found NO mention of this file. Norton AV doesnt see it as any danger.

I moved it to be safe..

Anyone?

 
Have you recently run Windows or Office Updates and haven't since cleaned your internet cache?
 
Originally posted by: Nithin
Run it. 😀
Click to expand...

I know you were joking, but it's kinda careless to give out advice like that. Some people would take you seriously and actually run it.

I assume it's some kind of trojan that's just come out so too new to have any mentions yet..

To clarify, this was added by some process to my startup directory the other day, but not by me. I had been working on the start menu, went a few web sites, and just by chance noticed it has been added in the last hour or so.

It was NOT there before that.
 

I looked inside MSUPDATER with a sector editor and I see:

http://00hq.com/update/winshow.dll..

So, I have a feeling this got there thru a hole in Internet Explorer, and when I rebooted my machine it would have installed the 'Winshow.dll' browser hijack which would have taken me to ad pages.

Look out people.
 
It is absolutely a hijacker. New too. Winshow.dll is very very bad.
It is joined with the latest and badest hijacker called coolwwwsearch that keeps coming back and back unless you can delite this from the registry with Hijack This a program that has helped to id registry and starup issues and fixes them by deletion.
You were very clever in moving it and looking inside it.
Very very few people know about it outside this forum
http://forums.techguy.org/showthrea...97ba&threadid=142771&perpage=15&pagenumber=11
http://forums.techguy.org/showthread.php?s=&postid=1176554#post1176554
http://forums.techguy.org/t142771/s7d62720727a29c274e59acdf0d6ca801.html
Nothing seems to work except using HiJack This and looking at each line to see what needs to be removed.
It is hitting millions of people everyday who have no idea they have been taken over with the spyware/hijacker.
 
I wonder how it got into my system.

I think that it came thru a pop up window in IE, as I hadn't downloaded anything and have a firewall and Norton AV.

Seems like IE has a hole, maybe still the "objectdata vulenarbility" and it can easily be the big leak into our systems even if we think we are protected.

Anyone know how to fix IE to not allow this? Some settings I can change in there?
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top