how do I work out who/what enabled a service
From: Bruce Baker (bruceb_at_newsgroups.nospam)
Date: 10/03/05
- Next message: Eric Denekamp: "Re: WIN2K3 SP1 for a web server I am deploying"
- Previous message: Ben: "Patch Management for Non-MS Products"
- Next in thread: Roger Abell [MVP]: "Re: how do I work out who/what enabled a service"
- Reply: Roger Abell [MVP]: "Re: how do I work out who/what enabled a service"
- Reply: Steven L Umbach: "Re: how do I work out who/what enabled a service"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 3 Oct 2005 22:48:00 +1000
Hi
Got a client which has had a virus which installed serv-u ftp service.
Symantec and TrendMicro both give the machine a clean bill of health.
We disabled the above service but last night it got reenabled (got the GFI
network monitor on this server)
How do I work out which process would have done it ?
MBSA tells us we have all patches installed and no obvious risks. Somethings
up. Any ideas ?
All workstations inside the network also scan ok etc.
Thanks
- Next message: Eric Denekamp: "Re: WIN2K3 SP1 for a web server I am deploying"
- Previous message: Ben: "Patch Management for Non-MS Products"
- Next in thread: Roger Abell [MVP]: "Re: how do I work out who/what enabled a service"
- Reply: Roger Abell [MVP]: "Re: how do I work out who/what enabled a service"
- Reply: Steven L Umbach: "Re: how do I work out who/what enabled a service"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
