-
May 6th, 2011, 01:20 AM
#1
Mysterious user account
Hi,
I was updating a Windows XP SP3 box and happened to notice that I had a new user account in documents and settings, called "UpdatusUser".
It had shortcuts to Windows remote assistance and LG updater. The LG item is the DVD drive in this box.
I looked at user accounts in control panel and the account wasn't displayed there.
A bit of investigation revealed that it must have happened when I updated the nVidia management software and drivers for the GeForce 8400GS video card. I allowed the updater utility to be installed, as there was no warning that it would create a system account.
Apparently it will do the same thing in Vista and Windows 7.
I am no expert at malware authorship but it did occur to me that this could be a potential exploit vector?
I uninstalled the nVidia updater utility and noticed that this does not get rid of the phantom account.
I am still trying to figure out the LG DVD drive bit though, as I can't quite see the connection?
The driver was 270.61
Similar Threads
-
By steve.milner in forum IDS & Scanner Discussions
Replies: 5
Last Post: August 12th, 2004, 12:23 PM
-
By Nokia in forum Tips and Tricks
Replies: 4
Last Post: June 18th, 2004, 04:24 PM
-
By mrleachy in forum *nix Security Discussions
Replies: 4
Last Post: October 18th, 2002, 01:27 PM
-
By Joey_Batch_File in forum The Security Tutorials Forum
Replies: 10
Last Post: September 20th, 2002, 09:03 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|