RE: [Full-Disclosure] Looking for a tool

["axid3j1al axid3j1al" <axid3j1al@xxxxxxxxxxx>]

I once had the same problem.

RUn msconfig and then boot with a minimal set of drivers.
Try safe mode?

Then try the sysinternal tools again.

e.g I could not see a exe in the task manager in normal mode (i.e. could
not kill it) but then in the restricted mode it did appear and then I could 
easily remove the offending process.

Have you tried the MS spy++ tool from visual studio? That will show all 
process and all threads. Howver one assumes that sys internals is just using 
the same API that spy++ uses.




> From: "Schmehl, Paul L" <pauls@xxxxxxxxxxxx>
> To: <full-disclosure@xxxxxxxxxxxxxxxx>
> Subject: [Full-Disclosure] Looking for a tool
> Date: Mon, 1 Mar 2004 16:37:41 -0600
>
> I ran into a situation today where neither Foundstone's Process Explorer
> nor Sysinternals' "pslist" would list the master process that was
> controlling some processes that I was trying to kill.  Does anyone on
> the list know of a better utility that will list *all* running processes
> on a Windows box?  (This was WinXP Pro if that matters.)
>
> Paul Schmehl (pauls@xxxxxxxxxxxx)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/~pauls/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

_________________________________________________________________
SEEK: Now with over 50,000 dream jobs! Click here  
http://ninemsn.seek.com.au/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html