1. Forum
  2. Usenet
  3. ALT.COMP.OS.WINDOWS-10

  • Ping Paul: Parsec ?

    From T@21:1/5 to All on Wed Dec 13 20:03:04 2023
    Hi Paul,

    I ran the RAT identifier program you sent me to on
    on a customer's computer. It kicked me out and it
    kicked out something called "Parsec"

    Looking at the Rat id program's source code, I find:

    [PSCustomObject]@{Name = "Parsec"; DisplayName = "Parsec"; ProcessName = "parsecd", "pservice"; ExecutablePath = "Parsec\parsecd.exe", "Parsec\pservice.exe" }

    I was unable to find those names or paths anywhere on
    his drive or in his registry. And no running program
    or service called that or similar.

    Hmmmmmmmm. Your take?

    -T

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Paul@21:1/5 to All on Thu Dec 14 03:33:21 2023
    On 12/13/2023 11:03 PM, T wrote:
    Hi Paul,

    I ran the RAT identifier program you sent me to on
    on a customer's computer.  It kicked me out and it
    kicked out something called "Parsec"

    Looking at the Rat id program's source code, I find:

    [PSCustomObject]@{Name = "Parsec"; DisplayName = "Parsec"; ProcessName = "parsecd", "pservice"; ExecutablePath = "Parsec\parsecd.exe", "Parsec\pservice.exe" }

    I was unable to find those names or paths anywhere on
    his drive or in his registry.  And no running program
    or service called that or similar.

    Hmmmmmmmm.   Your take?

    -T

    Could it be disguised ?

    https://en.wikipedia.org/wiki/Parsec_%28software%29

    "In January 2018, Parsec partnered with Hewlett-Packard to create OMEN Game Stream,
    a free game streaming service based on Parsec's technology designed specifically for HP Omen PCs."

    A RAT Hunter needs continuous maintenance, almost as
    badly as an AV needs malware definitions :-)

    Paul

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From T@21:1/5 to Paul on Thu Dec 14 13:01:02 2023
    On 12/14/23 00:33, Paul wrote:
    On 12/13/2023 11:03 PM, T wrote:
    Hi Paul,

    I ran the RAT identifier program you sent me to on
    on a customer's computer.  It kicked me out and it
    kicked out something called "Parsec"

    Looking at the Rat id program's source code, I find:

    [PSCustomObject]@{Name = "Parsec"; DisplayName = "Parsec"; ProcessName = "parsecd", "pservice"; ExecutablePath = "Parsec\parsecd.exe", "Parsec\pservice.exe" }

    I was unable to find those names or paths anywhere on
    his drive or in his registry.  And no running program
    or service called that or similar.

    Hmmmmmmmm.   Your take?

    -T

    Could it be disguised ?

    https://en.wikipedia.org/wiki/Parsec_%28software%29

    "In January 2018, Parsec partnered with Hewlett-Packard to create OMEN Game Stream,
    a free game streaming service based on Parsec's technology designed specifically for HP Omen PCs."

    A RAT Hunter needs continuous maintenance, almost as
    badly as an AV needs malware definitions :-)

    Paul




    No doubt! Be nice if that program would tattle on
    where it finds stuff

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)