Sergei Shelukhin
Hi.
I have the following problem. Due to mishandling, my computer running
Windows XP Pro was exposed to the Internet without a firewall or antivirus
for about 7 hours yesterday. Checking the logs, I noticed many
port scans and a 3-hour-long (unsuccessful) brute-force dictionary attack
against SQL Server.
I immediately booted into safe mode and ran Spybot S&D, AdAware
and ClamWin antivirus scans with all the latest databases - nothing
was found. Later I also tried an exhaustive disk check w/checkdisc after
booting to the recovery console, suspecting I have an HD issue; however, it
found nothing and the problem persisted.
The problem was that after a random amount of time (15 mins to 4 hours)
after booting, the system would run out of some invisible resource that is
needed to do everything (handles?) - programs will refuse to write
files, sound won't play and USB sticks won't mount, icons would
randomly disappear or change to generic in the taskbar and on the desktop,
many programs would not be able to write or read files, and fonts in
many programs (Firefox, Winamp, VS 2005, putty) would change to some
generic font, the background would disappear from the XP Shutdown dialog, etc.
The strangest thing is that it happens at random (say, if I save 5
files in VS 2005, 2 will save and 4 will not in no particular order,
same with icons disappearing etc.).
Previous uptimes for the system were in the range of weeks or months
so it used to be very stable.
ProcessExplorer shows no strange (either by any counters or by their
mere presence) processes.
According to selective process killing and poking around I am starting
to suspect that ctfmon "CTF Loader" process is to blame. I remember
that it was around long ago so it seems to be ok by itself.
What is this process? What do I do to diagnose or solve this problem?
0_o