Re: Kerb.exe a legitimate service?
- From: "Rooster" <roospam@xxxxxxxx>
- Date: 2 Dec 2005 10:57:42 -0800
Ended up deleting the kerb.exe file. Looks like the infection may have
come into our environment by unpatched Arcserve agents on our DMZ.
Thanks for the reply.
Joe Richards [MVP] wrote:
> Doesn't come from MS. I don't have it on my 2003 domain controller nor my XP client.
>
> --
> Joe Richards Microsoft MVP Windows Server Directory Services
> www.joeware.net
>
>
> Rooster wrote:
> > One of our Windows 2000 servers had a pop-up from Symantec 8 today
> > reporting that it was infected with Backdoor.Trojan found in file
> > kerb.exe. I have been searching around the net and I can't find much
> > on kerb.exe except that a few spyware sites suggest that it is a
> > legitimate service. Could anyone confirm that
> > c:\winnt\system32\kerb.exe is a legit service? I did not find it on
> > another Windows 2000 server that I compared it against.
> >
> > Regards
> >
.
- References:
- Re: Kerb.exe a legitimate service?
- From: Joe Richards [MVP]
- Re: Kerb.exe a legitimate service?
- Prev by Date: Re: Win2003 SP2 secuity problem
- Next by Date: Re: Smartcard logon and certification authority
- Previous by thread: Re: Kerb.exe a legitimate service?
- Next by thread: Security Tab missing (Win 2003 Server)
- Index(es):
Relevant Pages
|
Loading
