Re: Anyone know what "piiserviceO" is?
From: Frank Knobbe (fknobbe@knobbeits.com)Date: 09/03/02
- Previous message: Mike Coppins: "Re: IUSR_machinename"
- In reply to: Amer Karim: "Anyone know what "piiserviceO" is?"
- Next in thread: Amer Karim: "RE: Anyone know what "piiserviceO" is?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Frank Knobbe <fknobbe@knobbeits.com> To: Amer Karim <amerk@telus.net> Date: 03 Sep 2002 12:21:11 -0500
Smells like a trojan/backdoor. Have you run STRINGS over the binary to
see what it contains? Also, use FPORT to find out what port(s) it is
listening on and connect to it to see what kind of header you get (if
one at all).
Regards,
Frank
On Mon, 2002-09-02 at 13:11, Amer Karim wrote:
> Hi All,
>
> I was just doing some cleaning up on my home system (W2K Pro SP3) and I
> noticed this “piiserviceO” in the processes list. I found it in the
> registry under “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run”, but I
> can’t find any info on it either at MSKB or via google searches. I’ve
> deleted the key and haven’t noticed any change in the systems behaviour, but
> I’d like to know what it is (or was)…
>
> I can’t find any files on the system named ‘piiserviceO’, or any variation
> thereof, and google gave me zero returns (a first) except for something
> called ‘psiservice’.
>
> TIA.
>
> Regards,
> Amer Karim
> Nautilis Information Systems
> e-mail: amerk@telus.net, mamerk@hotmail.com
>
>
>
- Previous message: Mike Coppins: "Re: IUSR_machinename"
- In reply to: Amer Karim: "Anyone know what "piiserviceO" is?"
- Next in thread: Amer Karim: "RE: Anyone know what "piiserviceO" is?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
