Re: help please
From: Steven L Umbach (n9rou_at_n0-spam-for-me-comcast.net)
Date: 09/10/04
- Next message: anonymous_at_discussions.microsoft.com: "Re: Pass Word"
- Previous message: anonymous_at_discussions.microsoft.com: "Password"
- In reply to: mike leahy: "help please"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 10 Sep 2004 17:07:36 GMT
If you did a virus scan and found nothing and still experience to problem you need to
get at least a second opinion with another virus scan program and also a program that
is more geared to find trojans. The first two links below are for the free Trend
Micro Sysclean scan and removal tool and pattern file that will scan for many common
infections. Download and upzip both into the same folder and run from there.
http://www.trendmicro.com/download/dcs.asp
http://www.trendmicro.com/download/pattern.asp
http://tds.diamondcs.com.au/index.php?page=download -- free download for trojans.
http://www.microsoft.com/technet/security/guidance/avdind_0.mspx -- Microsoft
Antivirus Defense Guide'
There are several free tools from SysInternals that you can use to try and track down
what is going on. In particular TCPView, Process Explorer, Autoruns, and filemon.
TCPView will show what ports your computer is using and the related process. In the
process properties you can find the executable and path to it. Process Explorer gives
much more detailed info on processes. Autoruns displays startup programs on your
computer and filemon lets you monitor file access. See the link below on where to get
these tools and more info on them.
http://www.sysinternals.com/ntw2k/source/tcpview.shtml
Review the two links below. The first is Microsoft guidance on small business
security to help prevent this from happening again and the second is for why you
should consider rebuilding your server if it is found to be compromised. -- Steve
http://www.microsoft.com/smallbusiness/gtm/securityguidance/hub.mspx
http://www.microsoft.com/technet/community/columns/secmgmt/default.mspx
"mike leahy" <mleahy@ibs.ie> wrote in message
news:958a01c49712$567a7d10$a601280a@phx.gbl...
> hi , i am running win 2k small business server with sp 3.
> my hard disk is constantly losing space, i free up space
> only to find 1.5 gb eaten up at night time. my broadband
> company have informed me that there is high network
> activity going out of my network, i need to find out how
> to stop this space being eaten up every night,,,,, is it
> a hacker. my virus scan is up to date and its not that..
- Next message: anonymous_at_discussions.microsoft.com: "Re: Pass Word"
- Previous message: anonymous_at_discussions.microsoft.com: "Password"
- In reply to: mike leahy: "help please"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
