wmiapsrv.exe

April 14, 2009 2:00:00 AM CEST

Microsoft Windows WMI Service Isolation Local Privilege Escalation Vulnerability – Type: Vulnerability. Microsoft Windows is prone to a privilege-escalation vulnerability; fixes are available.

May 27, 2010 9:07:28 AM CEST

Windows WMI Abused for Malware Operations – TrendLabsSM recently handled a client case last March wherein two peculiar malware leveraged a Windows service—Windows Management Instrumentation (WMI)—to execute their malicious routines. WMI lets users access and retrieve information about their OSs. It is particularly useful for administrators, especially in enterprise environments, as it manages applications found on systems connected to a network using any [...]Post from: TrendLabs | Malware Blog - by Trend MicroWindows WMI Abused for Malware Operations

November 16, 2009 9:10:24 PM CET

What a performance! –  We came across an interesting test report at http://www.passmark.com/ftp/antivirus_10-performance-testing-ed2.pdf. Symantec commissioned a comparative performance test from Passmark. That is, a test measuring performance in terms of speed and resource usage rather than looking at detection rates. Not surprisingly, Symantec came out very well overall, and deserves congratulations for demonstrating how far it's gone in addressing its [...]

May 13, 2010 1:27:40 PM CEST

New Papers (1): Performance Testing – The methodology and categories used in performance testing of anti-malware products and their impact on the computer remains a contentious area. While there’s plenty of information, some of it actually useful, on detection testing, there is very little on performance testing. Yet, while the issues are different, sound performance testing is at least as challenging, in its own way, as detection testing. Performance testing based on assumptions that ‘one size [or methodology] fits all’, or that reflects an incomplete understanding of the technicalities of performance evaluation, can be as misleading as a badly-implemented detection test.

August 2, 2010 7:02:00 AM CEST

Famous Violinist Joshua Bell Plays At Metro Station – Email forward claims that virtuoso violinist Joshua Bell performed incognito at a metro station in Washington DC playing on a violin worth millions of dollars but his performance received very little interest from passersby.

December 21, 2009 4:07:04 PM CET

Microsoft Virus Scanning Recommendations Bring Risks – We have recently received queries from customers about the official exclusion list recommendations from Microsoft. It seems that they have published a Knowledge Base entry that lists down recommendations to improve performance in Windows when running antivirus scanners. This list recommends customers to exclude certain extensions and folders from antivirus scanning. Now, although it actually makes [...]Post from: TrendLabs | Malware Blog - by Trend MicroMicrosoft Virus Scanning Recommendations Bring Risks

January 27, 2009 8:58:00 AM CET

not-a-virus:PSWTool.Win32.RAS.g – This hacker tool is designed to restore activation codes for Windows XP and Microsoft Office 2003. It is a Windows PE EXE file. It is 272357 bytes in size. It is packed using UPX. The unpacked file...

December 26, 2009 6:37:00 PM CET

A Thought or Two about Testing – The Hype-free blog at http://hype-free.blogspot.com/2009/12/congratulation-to-av-comparatives.html yesterday mentioned the latest AV-Comparatives round of test reports, including: The whole product dynamic test at http://www.av-comparatives.org/comparativesreviews/dynamic-tests The December 2009 performance test at http://www.av-comparatives.org/comparativesreviews/performance-tests The summary reports at http://www.av-comparatives.org/comparativesreviews/main-tests/summary-reports I have a pretty jaundiced view of testing organizations in general: after all, I see some pretty awful tests proclaimed by the testers and others as [...]

April 15, 2009 10:17:00 AM CEST

Trojan-Dropper.Win32.Agent.albv – This Trojan has a malicious payload. It is a Windows PE EXE file. It is 23552 bytes in size. Installation The Trojan copies its executable file as follows: %WinDir%\system\svhost.exe In order to...

September 25, 2009 1:51:00 PM CEST

Backdoor.Win32.Clampi.a – This Trojan spy program is designed to steal confidential user data and remotely manage the victim machine. It is a Windows PE EXE file. It is 470 bytes in size. Installation When launched, the Trojan creates the following file: %AppData%\.exe

» The Latest Computer Security News