reply to post by boondock-saint
Just to put this out there, I've never encountered the exact process name you posted, but I do use a lot of image mounting tools. To work, these
tools have to make Windows believe an image is actually a drive with a disk in it, or in some cases, a hard drive itself.
It's not used as a remote intrusion tool, it has no ability to navigate your network, or open ports on your network. It is an imaging tool used to
mount logical images as physical (not really) drives. All of these tools create virtual drives, virtual SCSI drives as this allows for faster
transfer rates (as they aren't limited to a physical trace on the motherboard, they are in fact all digital.) because SCSI drives offer wider data
If you ever installed any software capable of this like Alcohol, Daemon Tools, or various others, you'll have this process running. As this software
enables this process, and requires it, it sets the process to start at Windows boot. This is mainly for ease of use, so if you left an image mounted
before rebooting, it will still be mounted and work. Without the process starting with Windows, you'd have to wait maybe 30 seconds for the process
to start before your image drive is accessible.
That said, if you are sure no one has ever installed that software, start some deep scans. Process Port Linker (Google it) is a free tool that will
give you a detailed list of processes running as well as the ports in use; this is important to track questionable processes.
From the same programmer you can also grab "nettools". I have version 4, but it might be higher now. There are plenty of scanning and security tools
to help identify any potential problems.
Anyways..... Unless you know what you are doing, and no offense intended but you clearly don't, do not start messing around with services.msc. Yes,
Windows XP and Windows 7 do load plenty of services that you might not need. But, unless you've taken the time to learn about these, you don't
actually know which are co-dependent.
Do NOT mess around with your Windows services unless you enjoy having to repair install. Killing required processes from the task manager is also a
waste of time as they will reappear. Do not attempt to adjust the process priority or affinity, again, unless you enjoy repair installs.
If you are running vanilla Windows, there are plenty of places you can get lists, including Microsoft itself, as to which processes should be running
and what they do.
The instant you install additional software, this list becomes incomplete as software adds its own processes. Update processes, update checkers,
device checkers, the list goes on and on. And if you bought a Dell or HP or whatever branded machine, and used the Windows install provided with
it, you've probably got 50+ processes all added by their bloatware.
Mild paranoia relating to computer security is good, but keep it in check.
Also note that only an idiot would allow their malware to appear in the task list or process list. It's insanely easy to hide stuff from Windows.
Here's a few examples.
Any keylogging software will run in what they call "stealth" mode. No process, no task, nothing associated with the program will be visible from
anywhere inside the OS unless you are the person who installed it. The best case scenario is they tell the logger software to upload images and txt
to a server, and you see this traffic on your router, because you actually were looking for it.
"Dream pack" for Windows XP & 7
For Windows XP, dream pack allows me, as long as the device lets me boot USB or CD, to install into Windows a fancy little box that appears at the
logon window, before you log on, that lets you crack passwords, run command lines, install software, and my personal fav:
Lets you log into the computer as a "system account" and run software as "system" all without even attempting to enter a password.
Keep it in check, check your router traffic logs.
edit on 20-6-2011 by phishyblankwaters because: (no reason given)