Russell, > There is a suspicious exe on the server in the c: > drive, mipckov.exe, and it > tried to access the Internet 1. Could you zip up a copy of the EXE and send it to me? 2. What was the full path to the exe on the system? 3. What port did the exe try to access? > We re-ran the mipckov > earlier this morning because > accounting was having a problem, What do you mean, "re-ran" it? You said it was suspicious...why would you then go back and run it? __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Jun 28 2002 - 08:52:13 PDT