Sign up with Googlestormwalkerza
Senior Member
- Joined
- Jun 10, 2005
- Messages
- 521
I keep getting files posted to my open shares on my lan
Finally found a nifty app to monitor who/how it got here
******GUEST (41.0.18.246 (Computer: ) ) CONNECTED at 1/20/2010 2:13:08 PM
-- GUEST(41.0.18.246) Opened at 1/20/2010 2:13:28 PM for:C:\Downloads\renamer\xpoxlk.exe(WRITING,0 locks)
-- GUEST(41.0.18.246) Opened at 1/20/2010 2:14:25 PM for:C:\Downloads\renamer\xpoxlk.exe(READ,0 locks)
Heres the scan info
http://www.virustotal.com/analisis/...46a2dc6517db60708c8354543fcbad27a5-1263659816
Anyone know what valnerability it is exploiting ?
Unforunalty i have to have a share open, but obv dont want inet things being downloaded all the time.
Scanned all the local pc's as i thought it was being copied from an infected machine, but now i see its being done from the net, and want to close the hole
Storm
Finally found a nifty app to monitor who/how it got here
******GUEST (41.0.18.246 (Computer: ) ) CONNECTED at 1/20/2010 2:13:08 PM
-- GUEST(41.0.18.246) Opened at 1/20/2010 2:13:28 PM for:C:\Downloads\renamer\xpoxlk.exe(WRITING,0 locks)
-- GUEST(41.0.18.246) Opened at 1/20/2010 2:14:25 PM for:C:\Downloads\renamer\xpoxlk.exe(READ,0 locks)
Heres the scan info
http://www.virustotal.com/analisis/...46a2dc6517db60708c8354543fcbad27a5-1263659816
Anyone know what valnerability it is exploiting ?
Unforunalty i have to have a share open, but obv dont want inet things being downloaded all the time.
Scanned all the local pc's as i thought it was being copied from an infected machine, but now i see its being done from the net, and want to close the hole
Storm
