Hi there , I was checking my windooze 2008 r2 event logs and foudn the following, very worrying. Looks like my server is making requests to some Romainian site
http://myIP/w00tw00t.at.blackhats.romanian.anti-sec:
and the mail events are crazy! I have a very strong RDP password.
windows logs
A potentially dangerous Request.Path value was detected from the client (. at System.Web.HttpRequest.ValidateInputIfRequiredByConfig() at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)
http://myIP/w00tw00t.at.blackhats.romanian.anti-sec:)
/w00tw00t.at.blackhats.romanian.anti-sec:)
The Windows logon process has unexpectedly terminated.
The VSS service is shutting down due to idle timeout.
Ending a Windows Installer transaction: C:\Windows\Installer\3cdefbb.msi. Client Process Id: 3448.
20000+ of
Attempt to start Spool Server generated: System.NullReferenceException: Object reference not set to an instance of an object.
at SmarterTools.SmarterMail.MailServer.#f2b()