troubleshooting Question

Have I been hacked?

Avatar of crp0499
crp0499Flag for United States of America asked on
SecurityWindows Server 2008
2 Comments1 Solution435 ViewsLast Modified:
so, all weekend, I've been using RDP to access this remote server.  my settings (domainname\username and password) are saved so that when I hit connect, I log right in.

when I log in, I get the local physical host, and i go to hyper-v to manage my virtual server.

so, this morning, I can't log in.  my local username/password combo, the one I've been using all weekend, doesn't work.

when my local tech attempts to log in, he only has two usernames to choose from.  one is administrator and the other if office$

the office$ is unknown to me.

so, I think I've been hacked.  the password for administrator would not have been difficult to guess.

so, I'm going to boot with the NT crack utility, reset the local administrator password, and then try again.

thoughts?

thanks

cliff
ASKER CERTIFIED SOLUTION
locomotiveDigital

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 2 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 2 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros