Howto detect and remove


Guest Milos Puchta
Posted

Hi

I have a W2K3 (R2 SP2) Active Directory network with ISA Server 2006 at the edge. Most computers use Avast AV.

I have monitored attempts to connect from an inside server to foreign servers, in this case it is a medical network in California. I could not fully analyze the process, as it takes a short time to appear. To give precise data, the unwanted process tried, with robin-like behaviour, to connect to several servers from network 64.54.89.0

The servers run a 64-bit operating system and I could not use RootkitRevealer. Because the installation of ProcessExplorer with Symbols takes more time than the activity of that "beast", I have no trace...

What do you recommend to recover the system back to a safe default?

TIA

Regards

Milos

Guest Peter Foldes
Posted

Milos

 

You need to post this to the public.windows.server.security newsgroup. This is public.security

 

Re-Post it here

 

news://msnews.microsoft.com/microsoft.publ...server.security

 

 

--

Peter

 

Please Reply to Newsgroup for the benefit of others

Requests for assistance by email can not and will not be acknowledged.

 

"Milos Puchta" <puchta@fel.cvut.cz> wrote in message

news:65B9544F-30C9-4665-9E0A-3D025574AEF5@microsoft.com...

> Hi
>
> I have a W2K3 (R2 SP2) Active Directory network with ISA Server 2006 at the edge.
> Most computers use Avast AV.
> I have monitored attempts to connect from an inside server to foreign servers, in
> this case it is a medical network in California. I could not fully analyze the
> process, as it takes a short time to appear. To give precise data, the
> unwanted process tried, with robin-like behaviour, to connect to several servers from
> network 64.54.89.0
> The servers run a 64-bit operating system and I could not
> use RootkitRevealer. Because the installation
> of ProcessExplorer with Symbols takes more time
> than the activity of that "beast", I have no trace...
>
> What do you recommend to recover the system back to a safe default?
> TIA
> Regards
> Milos
