I have a unique problem.?? Vipre Antivirus missed some malware which "phones home" every minute and 40 seconds, and spike the CPU to 100% for 6-8 seconds on my Windows Server 2008 Entrerprise server.?? This server is virtualized in a VMWare environment, and runs all of our school district DHCP services.?? This is a big deal because if a device is looking for an IP during this 6-8 second period of high CPU utilization, it will just timeout, and assign a local APIPA IP causing our users to have no idea what the problem is...
?
I finally found the problem by installing Malwarebytes, and it is able to remove the malware, here are the pertinent lines from the log entry:
?
Windows Server 2008 Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
?
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Data: 1 -> Quarantined and deleted successfully.
?
However, the moment that I restart the server, it comes right back.
?
If this was a Windows 7 PC, the forums talk about using the Combofix.exe utility, but it doesn't run on a server.
?
I have looked in the Registry Run Once and Run keys, and found nothing...?? Does anyone know where this bugger might be hiding?
?
Any help would be much appreciated!
Source: http://www.bleepingcomputer.com/forums/topic487606.html
kim richards robert hegyes mary louise parker mary louise parker cher morgellons nhl all star draft
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.