Announcement

Collapse
No announcement yet.

Security problem in a computer network

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Security problem in a computer network

    I have a problem in a computer network. I have windows server 2012 r2 instaled. in a network of 75 computers integrated into Active directory. Although all PCs have antivirus up to date, someone manages to connect to other computers without user knowledge network ...The person has administrator privileges and can change settings, delete files.
    I tried different antivirus software but I have not found anything. I think it is a kind of Trojan horse or something that I can not detect. In the past I have found Win64.Expiro......scanning with Virus Total.
    I do not know how I could detect network virus
    Thank you for your answers.

  • #2
    Re: Security problem in a computer network

    before antivirus do the following :
    review the Member of administrator group, enterprise admin group, domain administrators group if you find a user account is member of any of these groups so he it your enemy,
    other
    change all your administrators accounts Passwords may be some one captured you credential via key logger, make sure it is complex password

    Comment


    • #3
      Re: Security problem in a computer network

      Thank you very much for your prompt answer.....
      I review the Member of administrator group, enterprise admin group, domain administrators group but i do not found anything.....
      I think that that virus/trojan is modified and integrated into a system process.
      I check with virus total and right now I have not found anything...what alternative I would have ?

      Comment


      • #4
        Re: Security problem in a computer network

        If you feel the attack is serious, shut everything down then get a product like malwarebytes.

        Begin with switching on the DC and scanning fully until you are sure it is clean (change the domain admin password as suggested already)
        Then add other systems one by one, scanning each one as you add it. Change local admin passwords and review local group membership on each.
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: Security problem in a computer network

          How do you know this is happening - what are the symptoms?
          A recent poll suggests that 6 out of 7 dwarfs are not happy

          Comment

          Working...
          X