[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Looking for a tool
- To: "Harlan Carvey" <keydet89@xxxxxxxxx>, "Tim" <tim-security@xxxxxxxxxxxxxxxxxxx>, "Schmehl, Paul L" <pauls@xxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] Looking for a tool
- From: "Aditya, ALD [Aditya Lalit Deshmukh]" <aditya.deshmukh@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 4 Mar 2004 23:35:16 +0530
> -----Original Message-----
> From: full-disclosure-admin@xxxxxxxxxxxxxxxx
> [mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx]On Behalf Of Harlan
> Carvey
> Sent: Thursday, March 04, 2004 12:23 AM
> To: ald2003@xxxxxxxxxxxxxxxxxxxxx; Tim; Schmehl, Paul L
> Cc: full-disclosure@xxxxxxxxxxxxxxxx
> Subject: RE: [Full-Disclosure] Looking for a tool
>
>
> Just out of curiosity, would it be ok to not
> speculate? Speculation turns IR activities to crap
> very, very quickly...
ok i was not speculating, this proecess is a win32 service. these types of
images cannot be stopped by a admin from the process manager, they have to be
stopped from the serives mmc under the admininstative tools in contol panel.
since this is exactly what the first post described i said it was a service.
if it has been a kernel theread then it would not had shown up in the task
manager as a seperate process, another thing pointed out in the original post
"it appers as another process"
-aditya
________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html