Unknown services - Virus?
Hi,Silent Bruter.exewinntcrytserv.exeThese two unknown services is on the server. when the server is up, it has serious network activity receiving traffic. It looks bad. has anyone come across this ?...
View ArticleUnknown services - Virus?
You need to get those submitted to virustotal and get that thing off the network asap.
View ArticleUnknown services - Virus?
They don't seem to be listed as known malware (bitdefender) but it could be that they are malformed / badly written / incorrectly installed services for some sort of application written for use on...
View ArticleUnknown services - Virus?
Get Process Explorer on it and use the option it has to submit the hashes of any running process to Virus Total.Also get the physical path to those files.Run tcpview as it will give you an idea of the...
View ArticleUnknown services - Virus?
Considering that if you google those executables this is the only page that is returned... you have an issue....a serious one
View ArticleUnknown services - Virus?
I deleted all entries in registry. network activity look normal. proccess looks normal. It looks like a hack..Thanks guys for your replays..
View ArticleUnknown services - Virus?
If you submitted them to virustotal, please post the links to their scan page.
View ArticleUnknown services - Virus?
britv8 wrote:I'd still nuke the serverAbsolutely. Those are the 2 files that you know of. Given that this is a potential undetected piece of malware, you have no idea what else might still be lurking...
View ArticleUnknown services - Virus?
Lawrence Abrams wrote:If you submitted them to virustotal, please post the links to their scan page.https://www.virustotal.com/en/ip-address/37.1.195.158/information/ Opens a new windowIn last detected...
View ArticleUnknown services - Virus?
hutchingsp wrote:You need to get those submitted to virustotal and get that thing off the network asap.Absolutely right.In the meantime, get it off the LAN, check the logs and consider wiping it.
View ArticleUnknown services - Virus?
Anakha56 wrote:https://www.virustotal.com/en/ip-address/37.1.195.158/information/ Opens a new windowIn last detected URLS for that IP there is this:Text12/39 2013-05-20 11:15:20...
View Article
