L
lepokez
Hi, at around 04:18 AM my computer shutdown. I immediately powered it back on and nothing suspicious since then, but checking Windows Event Viewer, things look pretty weird.
Things happened sort of in this order, posting chronologically and what I found relevant:
Event ID: 10001 The following application attempted to veto the shutdown: CoreSync.exe.
Event ID: 10010 The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Event ID: 42 The system is entering sleep. Sleep Reason: Application API
Event ID: 4648 A logon was attempted using explicit credentials.
Event ID: 4672 Special privileges assigned to new logon.
Event ID: 4798 A user's local group membership was enumerated.
I don't know, what can I check exactly to see if anyone might have infiltrated my computer? The fact that I have so many log on attempts at exactly the time of the shut down is really weird to me. All the events attached are before the ID 42, when the PC went to sleep which was at 04:18:19.
Continue reading...
Things happened sort of in this order, posting chronologically and what I found relevant:
Event ID: 10001 The following application attempted to veto the shutdown: CoreSync.exe.
Event ID: 10010 The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Event ID: 42 The system is entering sleep. Sleep Reason: Application API
Event ID: 4648 A logon was attempted using explicit credentials.
Event ID: 4672 Special privileges assigned to new logon.
Event ID: 4798 A user's local group membership was enumerated.
I don't know, what can I check exactly to see if anyone might have infiltrated my computer? The fact that I have so many log on attempts at exactly the time of the shut down is really weird to me. All the events attached are before the ID 42, when the PC went to sleep which was at 04:18:19.
Continue reading...