Full Disclosure mailing list archives

Re: Question: Need Suggestions
From: "Sektek Sektek" <sektek () gmail com>
Date: Wed, 19 Apr 2006 14:58:01 -0500

Process auditing has been available in Windows since at least NT 4.0. 
Once you turn it on (via local or group security policy) process
creation and terminations are logged in the Security event log.

On 4/17/06, y0himba <y0himba () technolounge org> wrote:
Hi.

I lurk on this list not posting much and watching, learning from those of
you who do.  I am in need of a suggestion.

I run WinXP SP2.  I am a sounds freak, so I have my system configured to
play a small sound when a program opens, and another when it closes.  Over
the past week, I have noticed something starting and ending almost
instantaneously when I start certain programs, for instance, Skype.
Normally, I can use Dtaskmanager, Autoruns, and a few other process managers
to watch and figure out what is running, but whatever this process is
happens so fast I cannot catch it.

What I would like to find is some type of Windows software that will log
processes starting and ending to a text file so I can review it and figure
out what exactly is going on.

I have run multiple online virus and spyware scans, multiple local virus and
spyware scans, I have run rootkit revealer, HiJack this, and a few others.
They find nothing, so it is probably innocuous, but it is making me nuts
trying to figure out what ended up on this system.  I am very obsessive
about keeping it clean and organized, and running great.

Any serious help is welcome.  I can do without the "run Linux" and Windows
sucks statements.

Thanks for any and all constructive replies.



-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCM/GIT/GO d- s: a C++++$ UL++++ P++++ L++++ E++++ W++++ N+++++ o++++  K++ w
O- M- V-- PS+ PE Y++ PGP++ t+ 5-- X+++++ R* tv++ b+++++ DI++ D++++ G++ e
h---- r+++ y++++
------END GEEK CODE BLOCK------
Get Your Geek Code:  http://www.geekcode.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
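
Added example, not part of the original thread: with process tracking enabled as the reply describes, Windows XP/2003 writes Security event 592 for a process creation and 593 for a process exit (4688/4689 on Vista and later). The sketch pairs those events by process ID to surface processes that start and exit within a second; the records are constructed samples already extracted into tuples, and the tuple layout, paths and function name are assumptions.

```python
from datetime import datetime, timedelta

# Security event IDs written by process tracking.
CREATE_IDS = {592, 4688}   # XP/2003, Vista and later
EXIT_IDS = {593, 4689}
FMT = "%Y-%m-%d %H:%M:%S"  # the classic event log stores whole seconds

# Constructed sample records: (timestamp, event id, process id, image path).
SAMPLE_EVENTS = [
    ("2006-04-19 14:02:10", 592, 1820, r"C:\Program Files\Skype\Phone\Skype.exe"),
    ("2006-04-19 14:02:10", 592, 2244, r"C:\Example\example-helper.exe"),
    ("2006-04-19 14:02:10", 593, 2244, r"C:\Example\example-helper.exe"),
    ("2006-04-19 14:05:00", 593, 3000, r"C:\WINDOWS\system32\notepad.exe"),
    ("2006-04-19 14:10:00", 592, 2244, r"C:\WINDOWS\system32\calc.exe"),
    ("2006-04-19 14:20:00", 593, 2244, r"C:\WINDOWS\system32\calc.exe"),
    ("2006-04-19 14:30:45", 593, 1820, r"C:\Program Files\Skype\Phone\Skype.exe"),
]


def short_lived(events, threshold=timedelta(seconds=1)):
    """Return (image, pid, lifetime) for processes that exited within threshold."""
    running = {}  # pid -> (start time, image); PIDs are reused over time
    hits = []
    # Stable sort keeps log order for events that share the same second.
    for stamp, event_id, pid, image in sorted(events, key=lambda e: e[0]):
        when = datetime.strptime(stamp, FMT)
        if event_id in CREATE_IDS:
            running[pid] = (when, image)
        elif event_id in EXIT_IDS:
            started = running.pop(pid, None)
            if started is None:
                # Process was already running when auditing was turned on.
                continue
            lifetime = when - started[0]
            if lifetime <= threshold:
                hits.append((started[1], pid, lifetime))
    return hits


if __name__ == "__main__":
    for image, pid, lifetime in short_lived(SAMPLE_EVENTS):
        print(f"{image} (pid {pid}) lived {lifetime.total_seconds():.0f}s")
```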

