hidden tasks

["Philipp, Roland" <Roland.Philipp () bknkids com>]

Hi all

On NT systems (or other windows systems) the task manager shows some running
tasks, Dr Watson shows all running tasks at the time the system snapshot was
taken.

Would it be possible that instead of the shown task a trojan is running on
the system?

The trojan has the name of a known MS program, the same version number, the
same manufacturer name, the same description and the same path/type like in
Dr Watson's tasklist. The size of the file is the same like the original MS
file.
Is it possible that there is a trojan running but we do not see it with a
virusscanner (because it is new), not in the task list (as it seams to be a
MS application) not in any autorun place (as it is started like a system
task), not with netstat or other sniffer(it makes the connections just one
time a month)?

Can anybody provide me with information/links about this?

any ideas?

cheers

Roland
 

---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------