
Rundll32.exe scanning my computer.


Skybuck Flying
Oct 27, 2015, 7:42:07 AM
Hello,

Yesterday I noticed how rundll32.exe was running on Windows 7 (64 bit
Ultimate edition) while the firewall was down (I had stopped the firewall
myself before).

I caught it with resource monitor scanning files, all kinds of executables.

This process started to run while the rest of the computer was inactive. I
noticed high hard disk activity.

I think I actually terminated the process, but then later it started running
again if I recall correctly.

Eventually there were multiple TCP connections to some IPs and ports; one
port was 80.

And its IP was: 23.2.235.5

Running tracert shows:

Tracing route to a23-2-235-5.deploy.static.akamaitechnologies.com
[23.2.235.5]
over a maximum of 30 hops:

According to wikipedia:

"
Akamai Technologies, Inc. is a content delivery network or CDN and cloud
services provider headquartered in Cambridge, Massachusetts, in the United
States. Akamai's content delivery network is one of the world's largest
distributed computing platforms, responsible for serving between 15 and 30
percent of all web traffic.[7] The company operates a network of servers
around the world and rents capacity on these servers to customers who want
their websites to work faster by distributing content from locations close
to the user. Over the years their customers have included Apple, Facebook,
Bing, Twitter, eBay and healthcare.gov. When a user navigates to the URL of
an Akamai customer, their browser is redirected to one of Akamai’s copies of
this website, almost entirely invisible to the vast majority of its users.
"

Anyway possible conclusions:

1. Something is scanning my computer, possibly spyware.

2. Source of spyware is currently unknown. Is it Windows itself scanning my
computer? Or something else?

What I want to do is "log" all activity of rundll32.exe.

What is launching rundll32? What DLL is being run?

Of course I already tried to use Process Explorer to examine the running
instance of rundll32.exe. The strange/suspicious thing was Process Explorer
complained that it could not access the rundll32.exe information, some kind
of security error.

This made me extra suspicious and thus I terminated rundll32.exe from
running and taxing my hard disk.

My advice to the USA is to stop building in backdoors and cease your spying
activity.

There is a clear trend going on in Russia, China and European Union for more
privacy.

Your USA products are in danger of being BANNED.

Bye,
Skybuck.

Skybuck Flying
Oct 27, 2015, 8:01:29 AM
Here is some further help at getting some information about rundll32.exe
instances:

http://www.howtogeek.com/howto/windows-vista/what-is-rundll32exe-and-why-is-it-running/

1.

"
Simply launch Process Explorer, and you’ll want to choose File \ Show
Details for All Processes to make sure that you’re seeing everything.
"

2.

"
Now when you hover over the rundll32.exe in the list, you’ll see a tooltip
with the details of what it actually is:
"

3.

"
Or you can right-click, choose Properties, and then take a look at the Image
tab to see the full pathname that is being launched, and you can even see
the Parent process, which in this case is the Windows shell (explorer.exe),
indicating that it was likely launched from a shortcut or startup item.
"

Tip 3 seems best. I am not sure if this tip would have worked; next time I
catch rundll32.exe running like this I will try out these tips.

If for some reason it's not possible or information is missing then perhaps
I will video tape it for further evidence of suspicious activity ! ;)

Bye,
Skybuck.

Skybuck Flying
Oct 27, 2015, 8:06:37 AM
Here is another trick to get more information about running rundll32.exe
process:

https://www.raymond.cc/blog/identify-loaded-rundll32exe-in-windows-task-list/

1.

"
Identify Loaded DLL Files through Command Prompt

Here is a manual way of identifying DLL files in rundll32.exe. Open a
Command Prompt by pressing WinKey+R and type cmd. Then type or paste the
command below into the prompt and hit Enter.

tasklist /m /fi "IMAGENAME eq rundll32.exe"

Do take note that by default, Windows XP Home edition does not have the
tasklist.exe utility, only Professional. It is built into all versions of
Windows Vista and 7. If you want the Tasklist tool for XP Home you can
download it from this link:

Download Tasklist.exe

https://www.raymond.cc/blog/download/did/1221/

The dll modules are displayed on the right side of the tasklist result. You’ll
probably see a lot of modules being displayed which are the internal Windows
dll’s and it takes a little knowledge from an experienced user to identify
any dangerous dll on the list. If you’re unsure, you can always do a search
in Google on the dll file name.

Read More:
https://www.raymond.cc/blog/identify-loaded-rundll32exe-in-windows-task-list/
"

Anyway when I run this right now:

tasklist /m /fi "IMAGENAME eq rundll32.exe"

it produces this:

INFO: No tasks are running which match the specified criteria.

rundll32.exe is currently not running so I will assume this is normal ?! ;)

Bye,
Skybuck.
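An added example, not from this thread or from the linked articles, that combines the tips above (full command line and parent process, as Process Explorer's Image tab shows them, plus the loaded modules that `tasklist /m` lists) into one PowerShell script and flags modules loaded from outside the Windows directory or without a valid Authenticode signature. It assumes PowerShell 3.0 or later (Get-CimInstance; on a stock Windows 7 install with PowerShell 2.0 substitute Get-WmiObject) and an elevated 64-bit prompt so that 64-bit processes can be inspected.

```powershell
# Added example: inventory every running rundll32.exe instance and report
# anything that does not look like a normal Windows component. Report only;
# nothing is terminated or modified.
# Assumption: a module loaded from outside $env:SystemRoot, or without a
# valid Authenticode signature, deserves a closer look.

$windir = $env:SystemRoot

# CIM/WMI gives the full command line and the parent PID, the same data as
# Task Manager's "Command line" column and Process Explorer's Image tab.
$procs = Get-CimInstance Win32_Process -Filter "Name = 'rundll32.exe'"

if (-not $procs) {
    Write-Host "INFO: no rundll32.exe instances are running right now."
    return
}

foreach ($p in $procs) {
    $parent = Get-CimInstance Win32_Process -Filter "ProcessId = $($p.ParentProcessId)"
    $parentName = if ($parent) { "$($parent.Name) (PID $($parent.ProcessId))" }
                  else { "<already exited> (PID $($p.ParentProcessId))" }

    Write-Host "`n=== rundll32.exe PID $($p.ProcessId) ==="
    Write-Host "Command line : $($p.CommandLine)"
    Write-Host "Parent       : $parentName"

    # The DLL and entry point rundll32 was asked to run is everything after
    # the executable name; that argument is the real thing to investigate.
    if ($p.CommandLine -match '(?i)rundll32(\.exe)?"?\s+(.+)$') {
        Write-Host "Target DLL   : $($Matches[2])"
    }

    # Loaded modules, the equivalent of `tasklist /m`. A 32-bit PowerShell
    # cannot read a 64-bit process and protected processes refuse access,
    # which is also the kind of "security error" Process Explorer reports.
    try {
        $mods = (Get-Process -Id $p.ProcessId -ErrorAction Stop).Modules
    } catch {
        Write-Warning "PID $($p.ProcessId): cannot list modules ($($_.Exception.Message)); retry from an elevated 64-bit PowerShell."
        continue
    }

    foreach ($m in $mods) {
        $path  = $m.FileName
        $flags = @()
        if ($path -notlike "$windir\*") { $flags += 'outside Windows directory' }
        $sig = Get-AuthenticodeSignature -FilePath $path
        if ($sig.Status -ne 'Valid') { $flags += "signature: $($sig.Status)" }
        if ($flags.Count -gt 0) {
            Write-Host ("  CHECK {0}  [{1}]" -f $path, ($flags -join '; '))
        }
    }
}
```

Catalog-signed Windows files can report NotSigned on older Windows versions, so the signature flag is a prompt to look closer rather than a verdict; a DLL loaded from outside the Windows directory is the stronger signal.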

DecadentLinuxUserNumeroUno
Oct 27, 2015, 9:36:54 AM
On Tue, 27 Oct 2015 12:42:06 +0100, "Skybuck Flying"
<skybu...@hotmail.com> Gave us:

snipped utter stupidity...

You are a true idiot.

Paul
Oct 27, 2015, 10:58:13 AM
Skybuck Flying wrote:

> What is launchinbg rundll32 ? What DLL is being run ?

For Win7, in Task Manager you can add a column entry
that shows the command line invocation. If the machine
absolutely refuses to run Task Manager, then you know
you are in trouble.

http://www.howtogeek.com/howto/windows-vista/what-is-rundll32exe-and-why-is-it-running/

http://cdn5.howtogeek.com/wp-content/uploads/2008/07/image178.png

Otherwise, download and run MBAM on-demand scanner (do not
tick "Trial", just use the free version which does not
provide real time protection).

(Orange Download button. You can download this on another computer,
if the suspect computer will not allow the browser to download this.
This program will download definitions, once it is installed.
It is for on-demand scanning only, for the free version.)

https://www.malwarebytes.org/

Paul

William Unruh
Oct 27, 2015, 1:12:32 PM
On 2015-10-27, Skybuck Flying <skybu...@hotmail.com> wrote:
> Hello,
>
> Yesterday I noticed how rundll32.exe was running on Windows 7 (64 bit
> ultimate edition) while firewall was down (I stopped firewall myself
> before).

Why?

>
> I caught it with resource monitor scanning files, all kinds of executables.
>
> This process started to run while the rest of the computer was inactive. I
> noticed high harddisk activity.

You have caught a virus/trojan. I think that the standard comment is
that without protection, a Windows machine will last about 5 min without
catching a virus.

>
> I think I actually terminated the process, but then later it started running
> again if I recall correctly.

Of course.
>
> Eventually there were multiple tcp connections to some ip's and ports, one
> port was 80.

Yes, you have been owned. Your computer will now be used to send
spam/phishing email to others and be used to attack and infect other
machines. All of your email contacts will get emails from you telling
them about some wonderful mcguffin you have found and advising them to
buy it/link to it/....

>
> And it's IP was: 23.2.235.5

Probably an owned machine just as yours is now.


>
> Running tracert shows:
>
> Tracing route to a23-2-235-5.deploy.static.akamaitechnologies.com
> [23.2.235.5]
> over a maximum of 30 hops:

There is no reason to believe that is the bad guy. It is probably some
other Windows user who decided it was a good idea to go onto the net
without a firewall or virus scanner.


>
> According to wikipedia:
>
> "
> Akamai Technologies, Inc. is a content delivery network or CDN and cloud
> services provider headquartered in Cambridge, Massachusetts, in the United
> States. Akamai's content delivery network is one of the world's largest
> distributed computing platforms, responsible for serving between 15 and 30
> percent of all web traffic.[7] The company operates a network of servers
> around the world and rents capacity on these servers to customers who want
> their websites to work faster by distributing content from locations close
> to the user. Over the years their customers have included Apple, Facebook,
> Bing, Twitter, eBay and healthcare.gov. When a user navigates to the URL of
> an Akamai customer, their browser is redirected to one of Akamai’s copies of
> this website, almost entirely invisible to the vast majority of its users.
> "
>
> Anyway possible conclusions:
>
> 1. Something is scanning my computer, possibly spyware.

Yes.

>
> 2. Source of spyware is currently unknown is it windows itself scanning my
> computer ? Or something else ?

Well, it is both a program on your system, and outsiders.

>
> What I want to do is "log" all activity of rundll32.exe.

What you want to do is to erase your whole disk, reinstall, and
immediately put up a firewall and a good virus scanner.


>
> What is launchinbg rundll32 ? What DLL is being run ?
>
> Ofcourse I already tried to use process explorer to examine the running
> instance of rundll32.exe. The strange/suspicious thing was process explorer
> complained that it could not access the rundll32.exe information, some kind
> of security error.
>
> This made me extra suspicious and thus I terminated rundll32.exe from
> running and taxing my harddisk.
>
> My advice to USA is to stop building in backdoors and seize your spying
> activity.

You are attacking the wrong source. This is almost certainly NOT the
USA, but one of the roughly 10,000,000 people out there from around the
world who want to use your machine to anonymize their nefarious
activity.


>
> There is a clear trend going on in Russia, China and European Union for more
> privacy.

So?

>
> Your USA products are in danger of being BANNED.

And yet you keep using Windows.


Martin Riddle
Oct 27, 2015, 8:15:38 PM
On Tue, 27 Oct 2015 10:58:12 -0400, Paul <nos...@needed.com> wrote:

>Skybuck Flying wrote:
>
>> What is launchinbg rundll32 ? What DLL is being run ?
>
>For Win7, in Task Manager you can add a column entry
>that shows the command line invocation. If the machine
>absolutely refuses to run Task Manager, then you know
>you are in trouble.
<snip>

That's usefull, thanks for the tip.

Cheers

DecadentLinuxUserNumeroUno
Oct 27, 2015, 9:41:34 PM
On Tue, 27 Oct 2015 20:15:30 -0400, Martin Riddle
<marti...@verizon.net> Gave us:

You spelled use-fool wrong.

Skybuck Flying
Oct 28, 2015, 1:19:27 AM
It's not a virus, if it were a virus it would be running every day.

I don't see it running at all.

It's something more special.

So your entire posting can be snipped away <snipped>

Bye,
Skybuck.

Skybuck Flying
Oct 28, 2015, 1:22:33 AM
Meanwhile I have noticed another oddity.

Perhaps it's nothing or perhaps it's something.

The tool RAMMap will sometimes still show "tunngle" as a process, while Task
Manager (show all processes) does not show it, and neither does Process Explorer.

Perhaps RAMMap sometimes will also show some other app.

It seems to be only one 4KB page.

Perhaps it's a residue, or a left over or some bug in windows or a bug in
RAMMap.

However it could also be something suspicious.

Some app suspects:

1. Firefox
2. Tunngle
3. Star Trek Online
4. World of Warships.

And then of course:

Windows itself.

and lastly could also be something from long ago that only runs very rarely.

Bye,
Skybuck.

Skybuck Flying
Oct 28, 2015, 1:26:16 AM
> What is launchinbg rundll32 ? What DLL is being run ?

"
For Win7, in Task Manager you can add a column entry
that shows the command line invocation.
"

I had this running for the last few days, trying to learn why World of
Warships lags so much.

However at the time the rundll32 was running I already removed these
columns, somewhat unfortunately... it makes task manager lag a little bit ;)

I doubt it will show up in task manager.

I have also noticed this disk rattling when I stop using the computer for a
while.

Then usually when I move the mouse the rattling stops.

It's probably not prefetch and not super fetch cause I disabled those.

As far as I can remember defragmenter was also not running.

Windows update probably also not...

So something weird...

What I would like to know is how this thing managed to create a bug in
process explorer and thereby deny access. That's weird.

To me that's almost a clear sign that this is something from Microsoft
itself, or some really clever people ! ;)

Of course it could also be just a bug in Process Explorer, but I have a feeling
this is not just a bug... but was more by design to thwart detection ;)

Bye,
Skybuck.

DecadentLinuxUserNumeroUno
Oct 28, 2015, 1:36:00 AM
On Wed, 28 Oct 2015 06:22:36 +0100, "Skybuck Flying"
<skybu...@hotmail.com> Gave us:

>Perhaps it's a residue,

You are a residue from out of your slut mother's ass.

Skybuck Flying
Oct 28, 2015, 1:41:53 AM
Also no spyware scanner or malware scanner can take on Microsoft Windows
itself.

I have seen what Windows does, how it runs many many many things without
actually informing the users.

A short list but not exhaustive list:

1. Windows Updates as biggest annoyance usually but not lately.
2. Prefetcher
3. Super Fetch
4. Defragmentor
5. .NET bullshit ngen and shit like that.
6. Probably other bs like windows defender though that disabled long ago.
7. Plug and play.

God knows what else.

I have become very unhappy, discontent and very wary/distrustful/suspicious
of Microsoft; perhaps there was another word I was looking for, but ok.

Windows 10 is even more crazy with crazy license terms.

The chance of me switching to something else is pretty large.

I do like the Sysinternals tools for a bit more insight... but it's mostly
too late, too little.

Also kernel mode is a total different world, and very few tools give insight
into that.

While nowadays many people know what goes on in there and can write virus
kernels/drivers as well.... so very little use to keep that separated from
applications... apart from crashing and so forth.

I think the security model is broken and thus hidden stuff in kernel mode
doesn't seem smart; reminds me of the World Trade Center attacks, the real
problem was nobody could get back into the cockpit after the terrorists took
over.

Now after these spying scandals and seeing the ridiculous intrusive and
privacy violating features Intel has built into computer chips I am pretty
much done with both companies.

Especially intel makes me sick to my stomach. I regret having bought a chip
of them in the past. Such treachery of these people makes me wonder if
Hitler was right and jews are a threat to humanity. I heard intel was
constructed by jews... well there ya go.

Einstein, probably biggest traitor of humanity by enabling the atomic bomb
was also a jew... Why spread such knowledge around ? Would you do that ? ;)
I was never a jew hater or anything like that but it's starting to make me
wonder.

Hopefully AMD will not repeat same mistake and keep their chips free from
privacy/intrusive technologies... like AMT crap.

I am hoping I will like ZEN in future so I might be able to upgrade to/buy
that.

Also I am starting to feel like the "closer source" era is over.

I see no more reason for software companies to keep their software closed
from their users.

1. First of all the software is so large that just reading all the code
would take years... so little reason to think they gonna start their own
business with it. But it does allow users to dive into those parts which
they find interesting or perhaps suspicious, or want to fix bugs or add small
little features.

2. Second of all, selling source is still possible and could possibly be
protected as well if necessary.

Only thing Microsoft and other Software companies would have to worry about
is "other software companies". Well there are not that many. There's
Microsoft, there's Apple... maybe now google... and the rest is a bit
small... Would need a big software company to handle something like Windows

I see no reason why somebody would need to look what's on my computer...
what gives you the right ? No right I say. Respect my privacy or your
product might as well go out the window ;) :) It's a matter of ethics... I
find USA people have very low ethics when it comes to backdoors and stuff
like that... don't do it.. it can backfire.

I feel all this backdooring is someday going to be used by the enemy, and
not themselves, so it's quite stupid building such backdoors in as far as I
am concerned. I would never do this myself for just this reason.

For now there are plenty of bugs to potentially use, no need to build in
backdoors.

Eventually terrorism is not beaten with backdoors, but education of people.
Prevent brain washing.

When it comes to state-terrorism or war that is a different matter, but I
would also like my hardware and me to be safe from such a thing.

Bye,
Skybuck.

Paul
Oct 28, 2015, 1:51:32 AM
Why would you put this on your machine ?

https://plus.google.com/+tunngle#+tunngle/about

VPNs involve "trust". You could be allowing a third
party access to whatever is carried.

http://www.techradar.com/downloads/tunngle

Paul

Skybuck Flying
Oct 28, 2015, 2:23:43 AM
"
Why would you put this on your machine ?
"

It's a tool to play computer games over LOCAL AREA NETWORK.


"
VPNs involved "trust". You could be allowing a third
party access to whatever is carried.
"

I assume my windows is not sharing any files ?!

I did have printer spooler running in an attempt to prevent virtual
harddisks from delaying "eject medium" from "remove hardware safely".

I once conversed with this kid, which I was doing VPN experiments with...
and this kid said he could see my network printer or something.

And perhaps he could fok around with the printer pipe.

Currently I don't have a printer installed... just that virtual printer
thing XPS writer from Microsoft.

If somebody did come into my computer I would not be surprised if it was via
the printer spooler service running.

This is why I always kept it on disabled.

Perhaps I should set it back to disabled... just for safety...

I did notice the booting was twice not frozen, but last time it was
frozen.

It doesn't really help at "defreezing" the safely remove hardware thing.

Perhaps the advice that was given on the website to run the printer spooler
was from a hacker that actually knows that this service is vulnerable.

I will disable printer spooler from now on though.

http://www.techradar.com/downloads/tunngle

Bye,
Skybuck.

M Philbrook
Oct 28, 2015, 5:45:07 PM
In article <0kn03btkt7l4qgf5u...@4ax.com>, DLU1@DecadentLinuxUser.org says...

Getting kind of close to his mother, are you?

I bet your nose is brown by now.

Jamie

DecadentLinuxUserNumeroUno
Oct 28, 2015, 6:55:06 PM
On Wed, 28 Oct 2015 17:52:38 -0500, M Philbrook
<jamie_...@charter.net> Gave us:

Your jabs have all the wit of the bacteria in the residue coming out
of his slut mother's ass.

Bwuahahahahaahaha!

gray_wolf
Oct 28, 2015, 6:57:59 PM
Try checking using the freebie app called "Process Explorer" by Sysinternals.
It may tell you what the Rundll32 is associated with.

It was a big help to me when I was tracking down the CPU sucking svchost
problem. It turned out to have been caused by a windows update. Had something to
do with the windows update process itself IIRC. My Win7 x64 install is working
fine so I think I'll forgo any future updates.

Pomegranate Bastard
Oct 29, 2015, 6:22:26 AM
Insolent child!

Show some respect for your elders and betters.

JW
Oct 29, 2015, 7:54:29 AM
On Wed, 28 Oct 2015 17:52:38 -0500 M Philbrook <jamie_...@charter.net>
wrote in Message id:
<MPG.309b1bc1c...@news.eternal-september.org>:

I'm thinking he's a human fly.