[49003] in Cypherpunks
Re: Active processes monitoring?
daemon@ATHENA.MIT.EDU (Ray Arachelian)
Fri Feb 2 14:04:40 1996
Date: Fri, 2 Feb 1996 13:59:25 -0500 (est)
From: Ray Arachelian <sunder@dorsai.dorsai.org>
To: Jean-Francois Avon <jf_avon@citenet.net>
Cc: cypherpunks@toad.com
In-Reply-To: <9602010555.AA19695@cti02.citenet.net>
On Thu, 1 Feb 1996, Jean-Francois Avon wrote:
> Hi!
>
> I'm running on a first generation 486 ISA 4meg ram Win 3.11
> I use realdeal /commercial and wipeswap.exe in an *.bat that launch Win3.11
> How can I detect if another process is running on my system?
> I use MEM /c in a dos window. But is that sufficient?
> Can a hidden process detect MEM loading and hide itself somehow?
>
> Are there others applications like MEM that are not as universal?
> (here, I guess that such stealth behaviour have to rely on identifying the
> program being loaded, thus, a less common program has less chance of
> being fooled)
Mem /C doesn't do squat under 95... don't know about 3.11.... since each
DOS box runs in its own space, MEM /C cannot see what processes are
running in Windoze.
==========================================================================
+ ^ + | Ray Arachelian |Emptiness is loneliness, and loneliness| _ |>
\|/ |sunder@dorsai.org|is cleanliness and cleanliness is god-| \ |
<--+-->| |liness and god is empty, just like me,| \|
/|\ | Just Say |intoxicated with the maddness, I'm in| <|\
+ v + | "No" to the NSA!|love with my sadness. (Pumpkins/Zero)| <| n
===================http://www.dorsai.org/~sunder/=========================
