hacked by someone.....
Posted on 2005-04-27
I find that my Windows 2000 SP4, with Terminal Service is hacked by someone. The hacking who did is installed QQ, and created two user account with $ sign at the end, i.e : abcd$
And there have some files in the Administrator Desktop, e.g. r_server.exe, windowsattack.exe ...etc.
The server I installed SQL2000 & Terminal Service, I have to granted the port 1433 & 3389 to open to public.
How can I fix this problem? I've try to run fresh installation of Windows 2000, but the server attack again within 24 hrs...