NewKidOnForum
New Member
Hi there,
Today one of mi servers reboot with no apparent reason, when I saw the windows logs I just find this event after the reboot:
"a service was installed in the system.
Service Name :HWiNFO32/64 Kernel Driver
Service Fiel N_ame: C:\Temp\HWiNFO64A.SYS
Service Type: kernel mode driver
service Start Type: demand start
Service account:
event ID 7045
I don't remenber to download this utility.
There is no unninstall on the control panel, nor a visible service on the Services admin tool.
I this a malware pretending to be a hwinfo utility?
My server have Kaspersky with the database updated. This server is on the intranet.
Windows 2008 r2 server, running and Oracle database.
I appreciate any advice on this issue.
Regards,
Today one of mi servers reboot with no apparent reason, when I saw the windows logs I just find this event after the reboot:
"a service was installed in the system.
Service Name :HWiNFO32/64 Kernel Driver
Service Fiel N_ame: C:\Temp\HWiNFO64A.SYS
Service Type: kernel mode driver
service Start Type: demand start
Service account:
event ID 7045
I don't remenber to download this utility.
There is no unninstall on the control panel, nor a visible service on the Services admin tool.
I this a malware pretending to be a hwinfo utility?
My server have Kaspersky with the database updated. This server is on the intranet.
Windows 2008 r2 server, running and Oracle database.
I appreciate any advice on this issue.
Regards,