ibexsystems
asked on
cant access server shares after being hacked
looks like one of my servers was hacked and has been used to mine bit coins..
this has all been cleaned up but the problem Im having is I cant \\servername or \\ipaddress to the server shares on the sbs2011 server.
(I can \\servername on the server itself and it works fine )
when I try from a windows 7 pc I get windows cannot access \\servername when I do the diagnostics the problem found says the remote device or resource won't accept the connection.
on the windows 7 pc I can ping the server fine with either the server name or the ip address.
anyone got any ideas???
Thanks in advance
this has all been cleaned up but the problem Im having is I cant \\servername or \\ipaddress to the server shares on the sbs2011 server.
(I can \\servername on the server itself and it works fine )
when I try from a windows 7 pc I get windows cannot access \\servername when I do the diagnostics the problem found says the remote device or resource won't accept the connection.
on the windows 7 pc I can ping the server fine with either the server name or the ip address.
anyone got any ideas???
Thanks in advance
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Good catch.
Thanks for letting us know.
Thanks for letting us know.
ASKER
checked the batch files and vb scripts before removing them deleted the registry entries that the vb script and batch files made..
deleted the users that where created and transposed the rdp port to make it a little more difficult to access
also changed all passwords on the server...
all the automatic services seem to be starting fine so does the share and security permissions.
as I said above the server can access to shares on itself.
*** looks like it was a problem with Sophos and the built in firewall has gone crazy re rolled out the Sophos client and it working fine now..