Reply to post: Windows Slop Bucket

Revealed: Malware that skulks in memory, invisibly collecting sysadmins' passwords

Nolveys
Windows

Windows Slop Bucket

There are so many goofy services running by default under Windows that it makes it quite difficult to spot things that shouldn't be there. I ran into a machine the other week that was running out of memory because WinHttpAutoProxySvc has a memory leak. That's a service that runs by default and that automatically searches for proxies to connect to. Why in the name of dog would such a thing be running by default?

That's just considering the stuff that comes with the OS. Once other software gets installed you can be guaranteed to find WhoKnowsWhatThisCouldPossiblyDo.exe running through svchost.exe. You search the tubes for it find "That was installed by Adobe, nobody knows what it does."

I'm seeing the same thing creeping into Linux systems too. It wasn't that long ago that "ps aux" on a server would give a fairly short list of processes, each of which were well known.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021