Press Ctl+Alt+Del to begin?

  • 1 Replies
  • 3502 Views

0 Members and 1 Guest are viewing this topic.

*

Offline INCAA

  • Major Guru
  • **
  • 12
  • 0
Press Ctl+Alt+Del to begin?
« on: February 06, 2012, 05:52:00 PM »
After running fine, all of a sudden Windows Embedded seemingly locks itself and I lose connection to the screen from the server.  It was almost as if the SIM had an issue, restarted, and instead of immediately logging in (as it has every other time we've restarted the SIM) it wanted for someone to press ctl+alt+del, to get into Windows?

We have since used the remote to power off the screen and when it restarted it seemed to work normally.  However, I don't seem to have hardware management features as the device icon is the blue power ring with black background vs the orange gradient that means all features are working.

Any ideas as to what happened, or a way to restore hardware/device management? I've never seen this before.

Thanks

*

Offline INCAA

  • Major Guru
  • **
  • 12
  • 0
Re: Press Ctl+Alt+Del to begin?
« Reply #1 on: February 10, 2012, 06:32:53 PM »
Since I haven't gotten any responses, Ill update with some new information.

It turns out our computer had been compromised.  The firewall had been turned off, and several unauthorized IP addresses were shown to be connected to the screen after running netstat. 

We are still experiencing the issue of windows workstation logging off after idle time.  Perhaps one of the windows files has been replaced with a Trojan file (which was removed by anti malware, but the registry damage is probably still there), as I know that the SIM units aren't set to have idle timers.  The screen is performing like it has been set to operate on a domain. 

I'm pretty sure the gross number of attempts to connect to the screen was causing the system to lock, and I think whoever placed the Trojan file set the workstation to lock after they logged off.

I need to figure out how to remotely install an additional firewall, that wont immediately disconnect my remote connection.

Any one have any other thoughts?