Napadi po mreži ?
Objavljeno: 12. Okt 2010 ob 19:52
Danes sem pustil PC za nekaj uric in ko sem se vrnil, je bilo čudno.
Detajli:
- laufa Windows XP, Skype in uTorrent (oba minimizirana)
- zaklenem (torej kaže welcome screen, z mojo ikono ("Logged on") in še drugi uporabnik)
- mine nekaj uric
- pridem nazaj, slika še ista
- se prijavim
1.) Ne duha ne sluha o Skype in uTorrent.
2.) V Event logu nekaj sumljivih vnosov:
- Event ID 4226, Tcpip "TCP/IP has reached the security limit imposed on the number of concurrent (incomplete) TCP connect attempts."
- čez 15 minut še enkrat 4226
- čez 3 minute : Event ID 1006 , TermService "The terminal server received large number of incomplete connections. The system may be under attack"."
- čez 25 minut : Event ID 4226
- čez 60 minut : Event ID 4226
- čez 6 minut : Event ID 4201, Tcpip (tale je Info, ni error ali warning) "adapter was connected to network..."
- čez 30 minut : Event ID 6009, EventLog - zapisi o bootanju, zgleda, da se je restartal
- čez 70 minut : Event ID 1006 , TermService "The terminal server received large number of incomplete connections. The system may be under attack"."
Restart je sumljiv. Priklopljeno imam namreč preko USB zunanji disk, kar zelo zmede BIOS med boot-om.
Preprosto povedano: če je ta disk priklopljen, BIOS zmrzne med (pred) boot-om.
Help!?
Detajli:
- laufa Windows XP, Skype in uTorrent (oba minimizirana)
- zaklenem (torej kaže welcome screen, z mojo ikono ("Logged on") in še drugi uporabnik)
- mine nekaj uric
- pridem nazaj, slika še ista
- se prijavim
1.) Ne duha ne sluha o Skype in uTorrent.
2.) V Event logu nekaj sumljivih vnosov:
- Event ID 4226, Tcpip "TCP/IP has reached the security limit imposed on the number of concurrent (incomplete) TCP connect attempts."
- čez 15 minut še enkrat 4226
- čez 3 minute : Event ID 1006 , TermService "The terminal server received large number of incomplete connections. The system may be under attack"."
- čez 25 minut : Event ID 4226
- čez 60 minut : Event ID 4226
- čez 6 minut : Event ID 4201, Tcpip (tale je Info, ni error ali warning) "adapter was connected to network..."
- čez 30 minut : Event ID 6009, EventLog - zapisi o bootanju, zgleda, da se je restartal
- čez 70 minut : Event ID 1006 , TermService "The terminal server received large number of incomplete connections. The system may be under attack"."
Restart je sumljiv. Priklopljeno imam namreč preko USB zunanji disk, kar zelo zmede BIOS med boot-om.
Preprosto povedano: če je ta disk priklopljen, BIOS zmrzne med (pred) boot-om.
Help!?