Re: Unknown Windows Service suspected Worm/Virus
From: Qber_GuidoZ?= (uberguidoz_at_gmail.com)
Date: 09/09/04
- Previous message: Tommie Ashley: "Security Games"
- In reply to: Neil Verkland: "Unknown Windows Service suspected Worm/Virus"
- Next in thread: Prasanna M: "RE: Unknown Windows Service suspected Worm/Virus"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 9 Sep 2004 13:59:01 -0400 To: Neil Verkland <verklandn@macewan.ca>
Have you tried to get information from the file (EXE/DLL) starting
this service? It should be listed in the run command (Start -> Run ->
msconfig) somewhere. You may also check out the StartupCPL program
from Mike Lin (http://www.mlin.net/StartupCPL.shtml), the standalone
EXE version works beautifully.
Once you have located the file the service is run from, get the
properties of it and see what you can see. Open it in Notepad and see
what you can read. You may also try running it through
www.VirusTotal.com - it will be scanned with a handful of AV programs,
all with the latest virus definitions. This will usually solve the
problem as the heuristics will find stuff frequently.
Best of luck.
-- Peace. ~G On Wed, 08 Sep 2004 14:30:39 -0600, Neil Verkland <verklandn@macewan.ca> wrote: > I'm looking for information on the following windows XP service that was > found installed on various systems that have XP-SP2 installed and have > been virus scanned as clean. > > Servicio de Agenda de Alejandria > > If anyone can identify this windows service please respond. Systems > with this service seem to reboot automagically and terminal services is > started and I am unable to stop the service via the control panel. > Please also respond with the command line to stop a service. My windows > skill are not as prolific as Solaris. Thanks. > > Neil S. Verkland, B.Sc.C.S. > Manager, Learning and Information Systems > Grant MacEwan College --------------------------------------------------------------------------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ----------------------------------------------------------------------------
- Previous message: Tommie Ashley: "Security Games"
- In reply to: Neil Verkland: "Unknown Windows Service suspected Worm/Virus"
- Next in thread: Prasanna M: "RE: Unknown Windows Service suspected Worm/Virus"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
