Windows过滤平台filter已更改 – 文件和打印机共享

我的Windows 2008 R2服务器遭受了大量的login尝试。
我想有人正在进行蛮力攻击。
有趣的是，我们的MySQLconfiguration文件昨晚被删除，所以他们肯定已经得到了。 但同时我的事件日志完全是这些消息：

A Windows Filtering Platform filter has been changed. Subject: Security ID: LOCAL SERVICE Account Name: NT AUTHORITY\LOCAL SERVICE Process Information: Process ID: 1184 Provider Information: ID: {decc16ca-3f33-4346-be1e-8fb4ae0f3d62} Name: Microsoft Corporation Change Information: Change Type: Delete Filter Information: ID: {3798315c-c633-46ee-8421-89dab23673e9} Name: File and Printer Sharing (Spooler Service - RPC-EPMAP) Type: Not persistent Run-Time ID: 3444308 Layer Information: ID: {e1cd9fe7-f4b5-4273-96c0-592e487b8650} Name: ALE Receive/Accept v4 Layer Run-Time ID: 44 Callout Information: ID: {00000000-0000-0000-0000-000000000000} Name: - Additional Information: Weight: 10378404878664860156 Conditions: Condition ID: {af043a0a-b34d-4f86-979c-c90371af6e66} Match value: Equal to Condition value: O:SYG:SYD:(A;;CCRC;;;S-1-5-80-979556362-403687129-3954533659-2335141334-1547273080) Condition ID: {0c1ba1af-5765-453f-af22-a8f791ac775b} Match value: Equal to Condition value: 0x0087 Condition ID: {46ea1551-2255-492b-8019-aabeee349f40} Match value: Equal to Condition value: 0x00000003 Condition ID: {ab3033c9-c0e3-4759-937d-5758c65d4ae3} Match value: Equal to Condition value: 0x00000003 Condition ID: {3971ef2b-623e-4f9a-8cb1-6e79b806b9a7} Match value: Equal to Condition value: 0x06 Filter Action: Permit 

我的托pipe公司不幸的是没有反应，并没有很大的帮助。 他们唯一的回应是改变我的密码…任何人都知道他们的意思，他们来自哪里？ 我猜这是Windows防火墙规则。 但这是正常的还是什么意思？