Unexpected activity

General Network security, firewalls, port filtering/forwarding, wireless security, anti-spyware, as well as spam control and privacy discussions.
Post Reply
alexf
Member
Posts: 43
Joined: Thu Apr 18, 2002 1:14 am
Location: California, USA

Unexpected activity

Post by alexf »

I noticed the following files added or changed for no apprent reason for two days in a row starting yesterday.
C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\cdm.dll
C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuapi.dll
C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuaueng.dll
C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wucltui.dll
C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wups.dll
C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wups2.dll
C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuweb.dll
C:\WINDOWS\LastGood\system32\cdm.dll
cdm.dll->C:\WINDOWS\system32\cdm.dll.wusetup.287703.bak
cdm.dll.wusetup.287687.new->C:\WINDOWS\system32\cdm.dll
C:\WINDOWS\LastGood\system32\wuapi.dll
wuapi.dll->C:\WINDOWS\system32\wuapi.dll.wusetup.292375.bak
wuapi.dll.wusetup.292343.new->C:\WINDOWS\system32\wuapi.dll
C:\WINDOWS\LastGood\system32\wuauclt.exe
wuauclt.exe->C:\WINDOWS\system32\wuauclt.exe.wusetup.293140.bak
wuauclt.exe.wusetup.293125.new->C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllcache\cdm.dll
C:\WINDOWS\LastGood\system32\wuaueng.dll
wuaueng.dll->C:\WINDOWS\system32\wuaueng.dll.wusetup.293796.bak
wuaueng.dll.wusetup.293750.new->C:\WINDOWS\system32\wuaueng.dll
C:\WINDOWS\LastGood\system32\wucltui.dll
wucltui.dll->C:\WINDOWS\system32\wucltui.dll.wusetup.294031.bak
wucltui.dll.wusetup.294031.new->C:\WINDOWS\system32\wucltui.dll
C:\WINDOWS\LastGood\system32\wups.dll
C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll
C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784\wups.dll
C:\WINDOWS\LastGood\system32\wups2.dll
C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll
C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784

\wups2.dll
C:\WINDOWS\LastGood\system32\wuweb.dll
wuweb.dll->C:\WINDOWS\system32\wuweb.dll.wusetup.295031.bak
wuweb.dll.wusetup.294984.new->C:\WINDOWS\system32\wuweb.dll
C:\WINDOWS\system32\dllcache\wuapi.dll
C:\WINDOWS\system32\dllcache\wuauclt.exe
C:\WINDOWS\system32\dllcache\wuaueng.dll
C:\WINDOWS\system32\dllcache\wucltui.dl

Something similar happenned to my computer at work the day before.
Does anybody observe a similar issue?
Looks like Microsoft, but my computers are set to download updates & not to install them
Thanks in advance for your response.
alexf
Top
User avatar
mnosteele52
Posts: 11913
Joined: Tue Jul 24, 2001 12:00 pm
Location: Chesapeake, VA

Post by mnosteele52 »

Read HERE.

:)
Top
alexf
Member
Posts: 43
Joined: Thu Apr 18, 2002 1:14 am
Location: California, USA

Post by alexf »

Thank you very much. It galls me that they will do that & concerns me; if Microsoft can do this, so can hackers.
alexf
Top
Post Reply

Return to “Network Security”