| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 14 Jul 2004 11:28:24 +0200 From: Marco Monicelli <marco.monicelli@...cegaglia.com> To: bugtraq@...urityfocus.com Subject: Trend Micro Officescan for Win2k strange behaviour Hello List! I've noticed the following "weird" behaviour of the Trend Micro Officescan client vers. 5.58 update to pattern 1.936.00 Engine 7.100 for WinXP/2k/NT: The AV client is protected for unloading the Realtime Scan agent prompting for a password (which I don't know of course). Moreover I have NOT admin rights which allows me to perform a full system scan but not to unload the client and/or the realtime protection. Playing with the "net" command on a DOS prompt, I found out that the AV launches itself and the realtime prot as services automatically. Then I tried to stop the services with the simple command net stop "OfficeScanNT Listener" net stop "OfficeScanNT RealTime Scan" Guess what? The two services have been successfully stopped from my system. What do you guys think of this? Should I advise the AV Company of this or this is normal behaviour? Tnx for feedback. Ciao Marco Monicelli MARCEGAGLIA SPA Automotive Sales Department Stainless Steel Division Tel. +39 0376 685369 Fax. +39 0376 685625 email: marco.monicelli@...cegaglia.com
Powered by blists - more mailing lists