Thursday, June 22, 2006

Windows is one giant root-kit

Why does lsass.exe write to my harddisk? Why does it have the file "C:\Windows\Debug\PASSWD.LOG" open? why is my Virus Scanner so quiet? And why does Process Explorer say that lsass.exe is verified to be published by Microsoft?

[Update] It seems like a part of Terminal Server, but is strange never the less...

No comments: