MA_1960 писал(а):
82665226
Igor661 писал(а):
82663755Скорее всего в сборке троян, который дает удаленный доступ к компьютеру. Заходит уродский хакер и запускает вирус шифровальщик и потом вымогает деньги.
ты головёнку свою лечить не пробовал?
Неужели ты за 9 с лишним лет нахождения на сайте "бесплатных" (т.е. взломанных) программ не понял, что антивирусные программы все активаторы считают вирусами?
Я это знаю, что активаторы антивирусы считают вирусами.
Кто - то ломился с моего компьютера 192.168.1.105 в сеть, вирус шифровальщик скачивал пакеты данных скорее всего.
Ломанули сразу после установки. За все время такое произошло первый раз.
Логи с роутера.
[I] Jan 25 01:11:35 telnetd: a new connection from ::ffff:192.168.1.105 accepted.
[I] Jan 25 01:11:35 telnetd: ::ffff:192.168.1.105 client disconnected.
[E] Jan 25 01:11:36 ndnproxy: unable to extract domain from request.
[E] Jan 25 01:11:51 mtkiappd: received a short request (0 <= 6) from 192.168.1.105.
[E] Jan 25 01:11:51 mtkiappd: received a short request (4 <= 6) from 192.168.1.105.
[E] Jan 25 01:11:51 mtkiappd: received a request with an unknown IAPP version 157 from 192.168.1.105.
[E] Jan 25 01:11:51 mtkiappd: received a request with an unknown IAPP version 189 from 192.168.1.105.
[E] Jan 25 01:11:51 mtkiappd: received a request with an unknown IAPP version 26 from 192.168.1.105.
[I] Jan 25 01:22:14 telnetd: a new connection from ::ffff:192.168.1.105 accepted.
[I] Jan 25 01:22:14 telnetd: ::ffff:192.168.1.105 client disconnected.
[E] Jan 25 01:22:15 ndnproxy: unable to extract domain from request.
[E] Jan 25 01:22:30 mtkiappd: received a short request (0 <= 6) from 192.168.1.105.
[E] Jan 25 01:22:30 mtkiappd: received a short request (4 <= 6) from 192.168.1.105.
[E] Jan 25 01:22:30 mtkiappd: received a request with an unknown IAPP version 157 from 192.168.1.105.
[E] Jan 25 01:22:30 mtkiappd: received a request with an unknown IAPP version 189 from 192.168.1.105.
[E] Jan 25 01:22:30 mtkiappd: received a request with an unknown IAPP version 26 from 192.168.1.105.
[I] Jan 25 01:35:50 telnetd: a new connection from ::ffff:192.168.1.106 accepted.
[I] Jan 25 01:35:50 telnetd: ::ffff:192.168.1.106 client disconnected.
[E] Jan 25 01:35:50 ndnproxy: unable to extract domain from request.
[I] Jan 25 02:05:56 ndm: UPnP::Manager: a new nat rule appended.
[I] Jan 25 02:05:56 ndm: UPnP::Manager: redirect rule added: tcp FastEthernet0/Vlan2:62285 -> 192.168.1.105:7070.
[I] Jan 25 02:05:56 ndm: UPnP::Manager: a filter rule replaced.
[I] Jan 25 02:05:56 ndm: UPnP::Manager: forward rule added: tcp FastEthernet0/Vlan2 -> 192.168.1.105:7070.
[I] Jan 25 02:46:54 ndhcps: DHCPREQUEST received (STATE_RENEWING) for 192.168.1.97 from 00:17:c8:c4:48:40.
[I] Jan 25 02:46:54 ndhcps: sending ACK of 192.168.1.97 to 00:17:c8:c4:48:40.
[I] Jan 25 05:24:36 ndhcps: DHCPREQUEST received (STATE_RENEWING) for 192.168.1.97 from 00:17:c8:c4:48:40.
[I] Jan 25 05:24:37 ndhcps: sending ACK of 192.168.1.97 to 00:17:c8:c4:48:40.
[I] Jan 25 08:31:30 ndm: Network::Interface::Switch: "FastEthernet0/1": switch link down at port 1.
[I] Jan 25 08:31:32 ndm: Network::Interface::Switch: "FastEthernet0/1": switch link up at port 1 (100FD/AN).
[I] Jan 25 08:53:11 ndhcps: DHCPREQUEST received (STATE_RENEWING) for 192.168.1.97 from 00:17:c8:c4:48:40.
[I] Jan 25 08:53:11 ndhcps: sending ACK of 192.168.1.97 to 00:17:c8:c4:48:40.
