I experience some strange issues I could not resolve yet with a VM on Server 2016 Std. Sometimes (looks randomly) the clients in the network lose the network connection to the vm. The vm hosts the order redirection, without offline files, so it always has big impact. A restart of the vm helps for a couple of hours. The already exchanged complete hardware and moved to another server. So hardware is not the reason so far I can see.

When it is happening I still can access through teamviewer onto the vm. But the shared network drives are not working anymore although they are shared from the own vm via dns name. Via localhost they are working anytime as far as I can tell.

Scan with sophos scan and clean was clean, so at first I thought okay no malware issue probably. I now tried MSERT and the scanner finds some things. Also I see a few strange login things in the security eventlog and that smb2/3 was deactivated and tried to connect as anonymous to smb1.

Unfortunately I cannot find the error and am not a professional security analyst. I would appreciate any help / steps I could do to rule out any infection as source of the problem. The impact itself is now only a few minutes with the new server but I need to find the real problem.

Greetings and great to have support from you guys!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Ran by Administrator (administrator) on vm-rds (Microsoft Corporation Virtual Machine) (07-09-2023 13:23:45)
Loaded Profiles: Remote-MK & Administrator & MSSQL$MICROSOFT#WID & MSSQL$PDATA_SQLEXPRESS
Platform: Microsoft Windows Server 2016 Standard Version 1607 14393.6167 (X64) Language: Deutsch (Deutschland)