|
-
June 28th, 2007, 03:07 PM
#11
@Nokia: Thanks a lot for the info. I was about to search about the '%comspec%' variable. The reason being: I mistyped %comspec% as %compsec%. Anyway thanks a lot for the detailed analysis of the command (and thus the situation).
Last edited by jockey0109; October 14th, 2007 at 07:46 AM.
"Everything should be made as simple as possible, but not simpler."
- Albert Einstein
-
June 28th, 2007, 03:22 PM
#12
The thing that has me so mad is, How did the command get run in the first place?
Is this still a matter of social engineering the user to run it, or is it a drive-by?
I came in to the world with nothing. I still have most of it.
-
June 28th, 2007, 03:28 PM
#13
May I predict the use of an ActiveX control?
The second could be of course 'physical access'? Or may be that it is something done by another program which got into the machine (again, the question remains though) just to issue that command?
Last edited by jockey0109; October 14th, 2007 at 07:47 AM.
"Everything should be made as simple as possible, but not simpler."
- Albert Einstein
Similar Threads
-
By gore in forum Operating Systems
Replies: 2
Last Post: February 25th, 2005, 08:12 AM
-
By mohaughn in forum Microsoft Security Discussions
Replies: 2
Last Post: October 13th, 2004, 04:31 AM
-
By rajunpl in forum Operating Systems
Replies: 43
Last Post: July 1st, 2004, 07:30 AM
-
By Cybr1d in forum Miscellaneous Security Discussions
Replies: 11
Last Post: June 10th, 2004, 12:09 AM
-
By warl0ck7 in forum Microsoft Security Discussions
Replies: 7
Last Post: August 14th, 2003, 12:23 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote