Jump to content

Fsnyder24

Members
  • Posts

    5
  • Joined

  • Last visited

Reputation

0 Neutral
  1. System Type - Server OS - Windows Server SBS 2008 (Service Pack 2) --Background Info-- This server (SCSERVER) shares were recently part of a mitigated and resolved ransomware attack. Terminal Services server (TSSERVER) on the network got hit by a Dharma2 variant. Worked with Proven Data Recovery to get back Data on both servers. This system has never exhibited signs of hosting the infection, the shares on the server did get encrypted. Those have been restored, nothing is being encrypted. This server is the Active Directory server, it is an SBS server, so it has SQL etc. I have already trimmed down the memory usage. I do have a windows image backup and complete file backup. ----------------------------------------------------------------------------------------------------------------------------- Now, to the Malwarebytes error. Malwarebytes will sit running in the tray or on the windows desktop just fine, as soon as I hit scan, about 3-4 minutes later I get this - Any help would be appreciated. I am trying to avoid the option of taking the company down for a whole day or three if I have to do a system image recovery.
  2. Same here. It's not only when I am trying to E-Mail from Adobe, it's also when I am trying to Print. Scanned with Trend Micro WFBS, SuperAntiSpyware, Malwarebytes - Nothing found Soon as I try to open a PDF, print a PDF, or anything else, this happens. I downloaded and ran ESET online scanner (free), it removed 4 items, since I removed those 4 items, operation has been returned to normal. TLDR; Scan with another anti virus scanner, remove infections. Done
  3. So, if I am wrong here, excuse me. But it seems like Trend Micro and others are being Hijacked by whatever infection is present on the machine?
  4. Have a weird incident with a clients network today. Something is opening up advertisement URL's and Trend Micro WFBS and Malware bytes, Norton, Eset all can't find it. Process Explorer and TCP view don't point to anything particular... But upon using Malware bytes Anti-Rootkit we did notice that it flagged Trend Micro's WFBS client registry entries as (Security.Hijack) Just though you guys would like to know, or maybe help me out if I am wrong. Thanks system-log.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.