Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Server 2003 Security Zone


  • Please log in to reply
2 replies to this topic

#1 bleepingnetwork

bleepingnetwork

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Planet X
  • Local time:11:32 PM

Posted 15 September 2008 - 07:32 AM

On server 2003 in internet explorer>tools>security>trusted sites>sites. there is a URL that keeps comming back. When I remove it, it returns as soon as I open the trusted sites again. I even explictly added it to the restricted sites section and it still comes back. :huh:
I have investigated the site a little and it has a .uk attached to it. after doing a whois on them it says the site does not exist, but I was able to go to "central ops" and was able to trace it to denmark... copenhagen to be exact... it is a hacking site of sorts and a fairly interesting one at that. but I do not want this thing stuck on a server at work. "It almost feels as if it is saying... you have been hacked by (web.site.name.uk)" :thumbsup:
Virus scans show nothing about this issue, neigther does the "windows malicious software tool". I have only been running this network a short time and believe it came about before my tenure. Any thoughts on how to get rid of this and how to look into what they may have done would be more than appreciated.

The forest has control of the firewalls, I am not able to control them.

BleepingNetwork

BC AdBot (Login to Remove)

 


#2 bleepingnetwork

bleepingnetwork
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Planet X
  • Local time:11:32 PM

Posted 16 September 2008 - 03:41 AM

Hijack This detected it and I was able to Delete the URL, but it still leaves me wondering if there maybe something more to it.

#3 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:10:32 PM

Posted 16 September 2008 - 10:48 AM

Maybe you can post the hijackthis log in the appropriate place, and let the experts take a look at it.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users