[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Active processes monitoring?

To: Jean-Francois Avon <[email protected]>
Subject: Re: Active processes monitoring?
From: Ray Arachelian <[email protected]>
Date: Fri, 2 Feb 1996 13:59:25 -0500 (est)
Cc: [email protected]
In-Reply-To: <[email protected]>
Sender: [email protected]

On Thu, 1 Feb 1996, Jean-Francois Avon wrote:

> Hi!
> 
> I'm running on a first generation 486 ISA 4meg ram Win 3.11
> I use realdeal /commercial  and wipeswap.exe in an *.bat that launch Win3.11
> How can I detect if another process is running on my system?
> I use MEM /c in a dos window.  But is that sufficient?
> Can a hidden process detect MEM loading and hide itself somehow?
> 
> Are there others applications like MEM that are not as universal?
> (here, I guess that such stealth behaviour have to rely on identifying the
> program being loaded, thus, a less common program has less chance of 
> being fooled)

Mem /C doesn't do squat under 95... don't know about 3.11.... since each 
DOS box runs in its own space, MEM /C cannot see what processes are 
running in Windoze.

==========================================================================
 + ^ + |  Ray Arachelian |Emptiness is loneliness, and loneliness|  _ |>
  \|/  |[email protected]|is cleanliness  and cleanliness is god-|  \ |
<--+-->|                 |liness and god is empty,  just like me,|   \|
  /|\  |    Just Say     |intoxicated  with the maddness,  I'm in|   <|\
 + v + | "No" to the NSA!|love with my sadness.   (Pumpkins/Zero)|   <| n
===================http://www.dorsai.org/~sunder/=========================

References:
- Active processes monitoring?
  - From: [email protected] (Jean-Francois Avon (JFA Technologies, QC, Canada))

Prev by Date: Re: Espionage-enabled Greed
Next by Date: Re: Anti-Nazi Authentication [Was: Tim's paranoid rant about Declan...]
Prev by thread: Active processes monitoring?
Next by thread: Re: Active processes monitoring?
Index(es):
- Date
- Thread