|
| From: | Brad Campbell |
| Subject: | Re: [Qemu-devel] Win2k-SP3 |
| Date: | Mon, 21 Jun 2004 17:57:22 +0400 |
| User-agent: | Mozilla Thunderbird 0.6+ (X11/20040602) |
Piotr Krysik wrote:
Hi,You can use# od -t x1z edbXXXXX.log | lessIt seems to be transactions log of Jet database [1]. The log, I guess, is related to database C:\WINNT\Security\Database\secedit.sdb. The database stores Local Security Policy [2]. I noticed that contents of all the files (except edb.log, edb00001.log and res1.log), is identical if first 32 bytes (header?) are ignored.
Hey, thanks for that. I'll get into the other files and then I can make wild speculative guesses about what could possibly be causing the problem. I have not "done windows" since 1996 so I'm a bit behind what it does and does not do, besides knowing that it does cause havoc and mayhem when infected with blaster or its kin.
Regards, Brad
| [Prev in Thread] | Current Thread | [Next in Thread] |