I found something on my computer that I think
everyone here at ATS needs to be aware of.
I found a windows process running in the background
which I did not know I had and did not install it.
I found this actually by mistake while looking to kill
another process and saw this one running without
In Windows you have a Windows service by the name
of SCSI Service. You can either enable this service
or disable it. I have had mine disabled since I purchased
my PC. So imagine my surprise when I saw a SCSI Access
process running on my PC.
I highlighted end task and stopped it from running.
However, this did not stop it from re-booting at my next
start-up. So now I set out to find just what this lil
process was running on my PC without my consent.
I did an internet search for the process name which is:
And my search found this is a normal process linked
with a software program called Alcohol 120.
The problem is: I have never installed such a
program on my PC. Where did this process
come from and why does it auto start at boot-up if
I have all my scsi Windows services switched off ???
The windows task manager could not tell me who the
author of this program was. Under company name
was listed Unknown.
So I typed in msconfig and brought up the windows
start-up menu and found it listed and it was set by
Windows to run at start-up despite the fact that my
SCSI Services were shut off.
And once again, it was listed without an author or
a company name associated. So I unchecked the
box for it to start at Windows boot-up.
After re-booting I checked my task manager again
and it was not running. Thank God.
however, this opened up quite a few questions
1) How did it get on my machine ???
2) Who installed it ???
3) Who wrote the code and why ???
4) Was I a target for this hidden access ???
5) And why the HELL didn't my Norton Security
warn me or catch it as it just ran a full system scan
last evening ???
6) And where is my PC data going to that is
sent via this scsi access ???
Too many questions, too few answers.
So I decided to look up just what this lil
piece of code could do and found out
that it can be used to access your computer
remotely and it has it's own patent.
In computing, iSCSI (Listeni /aɪˈskʌzi/ eye-skuz-ee), is an abbreviation of Internet Small Computer System Interface, an Internet Protocol
(IP)-based storage networking standard for linking data storage facilities. By carrying SCSI commands over IP networks, iSCSI is used to facilitate
data transfers over intranets and to manage storage over long distances. iSCSI can be used to transmit data over local area networks (LANs), wide area
networks (WANs), or the Internet and can enable location-independent data storage and retrieval. The protocol allows clients (called initiators) to
send SCSI commands (CDBs) to SCSI storage devices (targets) on remote servers.
1. A storage networking device capable of communicating with a remote storage networking device, comprising:a controller configured to manage the
receipt of storage networking data and buffer locational data from a remote storage networking device, wherein the storage networking data includes at
least one command for at least partially controlling a device attached to a storage network and is transmitted using a protocol adapted for the
transmission of storage networking data; anda buffer memory configured to at least temporarily store at least part of the storage networking data at a
location within the buffer memory that is based at least in part on the locational data such that the storage networking device provides direct access
to the buffer memory.
So WHY the he!! was this on my PC and why was it running
in the background without my consent and who put it there ???
It clearly has the ability to access your PC remotely, even
from the internet.
Is this not a security risk from he!! here ???
I want everyone here at ATS to open their
windows task manager and see if they have
this process running on their PC ?????