Rising Kaka Security Forum
魔王的布布 - 2006-10-2 20:02:00
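Rising can't remove Mocbot (魔波)~ not even in safe mode~
The dedicated removal tool is useless too~ even formatting the whole disk didn't work~!
How on earth do I get rid of it?
Experts, please help~!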
newcenturymoon - 2006-10-2 20:03:00
That can't be right... that thing isn't that powerful.
Besides, how do you know it's Mocbot?
魔王的布布 - 2006-10-2 20:19:00
I'm seeing the Mocbot symptoms~ those two windows look exactly like the ones shown online~
Now I suspect it's a Mocbot variant~!
newcenturymoon - 2006-10-2 20:21:00
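Install all the system patches.
Go to http://forum.ikaka.com/topic.asp?board=28&artid=8105899
and download HijackThis.
After downloading, run HijackThis.rar, then run HijackThis.exe.
Click "Scan and save a log" (扫描日志并保存日志).
Copy and paste the saved log here.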
魔王的布布 - 2006-10-2 20:34:00
HijackThis_815汉化版扫描日志 V1.99.1
保存于 20:22:48, 日期 2006-10-2
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
d:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
d:\program files\rising\rfw\RfwMain.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Tencent\TT\TTraveler.exe
C:\WINDOWS\system32\wuauclt.exe
D:\HijackThis1991zww.exe
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [RfwMain] "d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [RavScanBD] "D:\program files\rising\rfw\ScanBD.exe" /INST
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - 浏览器额外的按钮: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing)
O14 - IERESET.INF: START_PAGE_URL=about:blank
O17 - HKLM\System\CCS\Services\Tcpip\..\{21FE0BDD-1612-4A48-B579-AF3B6269F266}: NameServer = 202.96.128.166 202.96.128.86
O17 - HKLM\System\CS1\Services\Tcpip\..\{21FE0BDD-1612-4A48-B579-AF3B6269F266}: NameServer = 202.96.128.166 202.96.128.86
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwsrv.exe
魔王的布布 - 2006-10-2 20:34:00
Is this it~?
newcenturymoon - 2006-10-2 20:36:00
Turn on Automatic Updates and install all the system patches.
魔王的布布 - 2006-10-2 20:37:00
Downloading now~ only at 3%~
魔王的布布 - 2006-10-2 20:39:00
Can I use the vulnerability scan in 360 Safeguard (360安全卫士) to download the updates?
newcenturymoon - 2006-10-2 20:41:00
Yes.
魔王的布布 - 2006-10-2 20:47:00
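In the meantime the Rising firewall keeps alerting that a remote address keeps sending me a TCP packet~
The address is on ports 139 and 445, which I've blocked with the firewall~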
天天泡泡 - 2006-10-2 20:52:00
Get the patches installed first, then we'll see.
魔王的布布 - 2006-10-2 20:53:00
IP packet info:
Received TCP packet, Flag=SYN
Local address
Remote address: 58.62.25.228:3616
魔王的布布 - 2006-10-2 20:57:00
HijackThis_815汉化版扫描日志 V1.99.1
保存于 20:46:48, 日期 2006-10-2
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
d:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
d:\program files\rising\rfw\RfwMain.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Tencent\TT\TTraveler.exe
C:\WINDOWS\system32\wuauclt.exe
D:\HijackThis1991zww.exe
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [RfwMain] "d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - 浏览器额外的按钮: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing)
O14 - IERESET.INF: START_PAGE_URL=about:blank
O17 - HKLM\System\CCS\Services\Tcpip\..\{21FE0BDD-1612-4A48-B579-AF3B6269F266}: NameServer = 202.96.128.166 202.96.128.86
O17 - HKLM\System\CS1\Services\Tcpip\..\{21FE0BDD-1612-4A48-B579-AF3B6269F266}: NameServer = 202.96.128.166 202.96.128.86
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwsrv.exe
魔王的布布 - 2006-10-2 20:58:00
Patches installed~ the log is above~
魔王的布布 - 2006-10-2 21:01:00
Could everyone please lend a hand~ this has been driving me crazy for days~! Thanks, everyone~!
魔王的布布 - 2006-10-2 21:11:00
2006-10-02 20:55:22, 系统禁止接收TCP数据包;地址为:58.62.77.151:445[SMB(交换服务器消息块)] <= 58.62.163.51:4509 ;满足规则:MS06-040
2006-10-02 20:55:19, 系统禁止接收TCP数据包;地址为:58.62.77.151:445[SMB(交换服务器消息块)] <= 58.62.163.51:4509 ;满足规则:MS06-040
2006-10-02 20:52:27, 系统禁止接收TCP数据包;地址为:58.62.77.151:445[SMB(交换服务器消息块)] <= 58.62.151.252:1594 ;满足规则:MS06-040
2006-10-02 20:52:24, 系统禁止接收TCP数据包;地址为:58.62.77.151:445[SMB(交换服务器消息块)] <= 58.62.151.252:1594 ;满足规则:MS06-040
2006-10-02 20:51:55, 系统禁止接收TCP数据包;地址为:58.62.77.151:445[SMB(交换服务器消息块)] <= 58.62.234.36:1897 ;满足规则:MS06-040
2006-10-02 20:49:59, 系统禁止接收TCP数据包;地址为:58.62.77.151:445[SMB(交换服务器消息块)] <= 58.62.163.205:1739 ;满足规则:MS06-040
2006-10-02 20:49:56, 系统禁止接收TCP数据包;地址为:58.62.77.151:445[SMB(交换服务器消息块)] <= 58.62.163.205:1739 ;满足规则:MS06-040
2006-10-02 20:48:56, 系统禁止接收TCP数据包;地址为:58.62.77.151:445[SMB(交换服务器消息块)] <= 58.62.70.51:4880 ;满足规则:MS06-040
2006-10-02 20:47:15, 系统禁止接收TCP数据包;地址为:58.62.77.151:445[SMB(交换服务器消息块)] <= 58.62.188.155:2684 ;满足规则:MS06-040
2006-10-02 20:47:12, 系统禁止接收TCP数据包;地址为:58.62.77.151:445[SMB(交换服务器消息块)] <= 58.62.188.155:2684 ;满足规则:MS06-040
2006-10-02 20:42:47, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.61.208.158:3141 ;满足规则:MS06-040
2006-10-02 20:41:40, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.188.155:4182 ;满足规则:MS06-040
2006-10-02 20:41:37, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.188.155:4182 ;满足规则:MS06-040
2006-10-02 20:40:40, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.25.228:3616 ;满足规则:MS06-040
2006-10-02 20:40:38, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.25.228:3616 ;满足规则:MS06-040
2006-10-02 20:34:26, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.24.92:1935 ;满足规则:MS06-040
2006-10-02 20:34:23, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.24.92:1935 ;满足规则:MS06-040
2006-10-02 20:32:55, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.151.252:3462 ;满足规则:MS06-040
2006-10-02 20:32:52, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.151.252:3462 ;满足规则:MS06-040
2006-10-02 20:31:47, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.151.252:3884 ;满足规则:MS06-040
2006-10-02 20:31:44, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.151.252:3884 ;满足规则:MS06-040
2006-10-02 20:31:32, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.24.92:3777 ;满足规则:MS06-040
2006-10-02 20:30:34, 系统禁止接收TCP数据包;地址为:58.62.225.211:139[文件共享] <= 58.62.37.92:1607 ;满足规则:MS06-040
2006-10-02 20:30:27, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.116.13:3747 ;满足规则:MS06-040
2006-10-02 20:30:24, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.116.13:3747 ;满足规则:MS06-040
2006-10-02 20:27:05, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.163.51:2366 ;满足规则:MS06-040
2006-10-02 20:24:55, 系统禁止接收TCP数据包;地址为:58.62.225.211:139[文件共享] <= 58.62.48.41:4970 ;满足规则:MS06-040
2006-10-02 20:24:49, 系统禁止接收TCP数据包;地址为:58.62.225.211:139[文件共享] <= 58.62.48.41:4970 ;满足规则:MS06-040
2006-10-02 20:24:46, 系统禁止接收TCP数据包;地址为:58.62.225.211:139[文件共享] <= 58.62.48.41:4970 ;满足规则:MS06-040
2006-10-02 20:23:51, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.197.252:3314 ;满足规则:MS06-040
2006-10-02 20:23:48, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.197.252:3314 ;满足规则:MS06-040
2006-10-02 20:19:37, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.64.101:3926 ;满足规则:MS06-040
2006-10-02 20:19:34, 系统禁止接收TCP数据包;地址为:58.62.225.211:445[SMB(交换服务器消息块)] <= 58.62.64.101:3926 ;满足规则:MS06-040
2006-10-02 20:18:46, 系统禁止接收ICMP数据包;地址为:58.62.225.211 <= 211.147.251.10 Code=0, Type=8 ;满足规则:禁止Ping入
2006-10-02 20:18:41, 系统禁止接收ICMP数据包;地址为:58.62.225.211 <= 211.147.251.10 Code=0, Type=8 ;满足规则:禁止Ping入
2006-10-02 20:18:37, 系统禁止接收ICMP数据包;地址为:58.62.225.211 <= 58.252.71.32 Code=0, Type=8 ;满足规则:禁止Ping入
2006-10-02 20:18:32, 系统禁止接收ICMP数据包;地址为:58.62.225.211 <= 58.252.71.32 Code=0, Type=8 ;满足规则:禁止Ping入
2006-10-02 20:17:07, 系统禁止接收ICMP数据包;地址为:58.62.225.211 <= 211.147.251.10 Code=0, Type=8 ;满足规则:禁止Ping入
2006-10-02 20:17:02, 系统禁止接收ICMP数据包;地址为:58.62.225.211 <= 211.147.251.10 Code=0, Type=8 ;满足规则:禁止Ping入
2006-10-02 20:16:58, 系统禁止接收ICMP数据包;地址为:58.62.225.211 <= 58.252.71.32 Code=0, Type=8 ;满足规则:禁止Ping入
2006-10-02 20:16:53, 系统禁止接收ICMP数据包;地址为:58.62.225.211 <= 58.252.71.32 Code=0, Type=8 ;满足规则:禁止Ping入
2006-10-02 20:16:22, 系统禁止接收ICMP数据包;地址为:58.62.225.211 <= 211.147.251.10 Code=0, Type=8 ;满足规则:禁止Ping入
2006-10-02 20:16:17, 系统禁止接收ICMP数据包;地址为:58.62.225.211 <= 211.147.251.10 Code=0, Type=8 ;满足规则:禁止Ping入
2006-10-02 20:11:15, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.69.41:2491 ;满足规则:MS06-040
2006-10-02 20:11:12, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.69.41:2491 ;满足规则:MS06-040
2006-10-02 20:09:25, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.65.34:1341 ;满足规则:MS06-040
2006-10-02 20:09:22, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.65.34:1341 ;满足规则:MS06-040
2006-10-02 20:04:55, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.187.10:1238 ;满足规则:MS06-040
2006-10-02 20:04:52, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.187.10:1238 ;满足规则:MS06-040
2006-10-02 20:03:20, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.65.34:3370 ;满足规则:MS06-040
2006-10-02 20:03:17, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.65.34:3370 ;满足规则:MS06-040
2006-10-02 19:57:45, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.197.252:4799 ;满足规则:MS06-040
2006-10-02 19:57:44, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.50.15:2811 ;满足规则:MS06-040
2006-10-02 19:57:42, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.197.252:4799 ;满足规则:MS06-040
2006-10-02 19:53:31, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.56.33:4460 ;满足规则:MS06-040
2006-10-02 19:53:28, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.56.33:4460 ;满足规则:MS06-040
2006-10-02 19:53:17, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.65.34:2707 ;满足规则:MS06-040
2006-10-02 19:53:14, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.65.34:2707 ;满足规则:MS06-040
2006-10-02 19:52:03, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.141.29:3063 ;满足规则:MS06-040
2006-10-02 19:50:24, 系统禁止接收TCP数据包;地址为:58.62.226.90:139[文件共享] <= 58.62.5.13:3375 ;满足规则:MS06-040
2006-10-02 19:50:08, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.56.33:3774 ;满足规则:MS06-040
2006-10-02 19:50:05, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.56.33:3774 ;满足规则:MS06-040
2006-10-02 19:47:35, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.157.94:3214 ;满足规则:MS06-040
2006-10-02 19:47:29, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.157.94:3214 ;满足规则:MS06-040
2006-10-02 19:47:26, 系统禁止接收TCP数据包;地址为:58.62.226.90:445[SMB(交换服务器消息块)] <= 58.62.157.94:3214 ;满足规则:MS06-040
2006-10-02 19:22:54, 系统禁止接收TCP数据包;地址为:58.62.226.52:445[SMB(交换服务器消息块)] <= 58.62.7.204:1300 ;满足规则:MS06-040
2006-10-02 19:22:54, 系统禁止接收TCP数据包;地址为:58.62.226.52:445[SMB(交换服务器消息块)] <= 58.62.7.204:1291 ;满足规则:MS06-040
2006-10-02 19:22:51, 系统禁止接收TCP数据包;地址为:58.62.226.52:445[SMB(交换服务器消息块)] <= 58.62.7.204:1300 ;满足规则:MS06-040
2006-10-02 19:22:51, 系统禁止接收TCP数据包;地址为:58.62.226.52:445[SMB(交换服务器消息块)] <= 58.62.7.204:1291 ;满足规则:MS06-040
2006-10-02 19:22:24, 系统禁止接收TCP数据包;地址为:58.62.226.52:445[SMB(交换服务器消息块)] <= 58.62.25.168:1938 ;满足规则:MS06-040
2006-10-02 19:22:21, 系统禁止接收TCP数据包;地址为:58.62.226.52:445[SMB(交换服务器消息块)] <= 58.62.25.168:1938 ;满足规则:MS06-040
2006-10-02 19:21:26, 系统禁止接收TCP数据包;地址为:58.62.226.52:445[SMB(交换服务器消息块)] <= 58.62.56.33:3800 ;满足规则:MS06-040
2006-10-02 19:21:23, 系统禁止接收TCP数据包;地址为:58.62.226.52:445[SMB(交换服务器消息块)] <= 58.62.56.33:3800 ;满足规则:MS06-040
2006-10-02 19:15:12, 系统禁止接收TCP数据包;地址为:58.62.226.241:445[SMB(交换服务器消息块)] <= 58.62.164.166:3818 ;满足规则:MS06-040
2006-10-02 19:15:09, 系统禁止接收TCP数据包;地址为:58.62.226.241:445[SMB(交换服务器消息块)] <= 58.62.164.166:3818 ;满足规则:MS06-040
2006-10-02 19:13:20, 系统禁止接收TCP数据包;地址为:58.62.226.225:445[SMB(交换服务器消息块)] <= 58.62.157.94:1255 ;满足规则:MS06-040
2006-10-02 19:13:14, 系统禁止接收TCP数据包;地址为:58.62.226.225:445[SMB(交换服务器消息块)] <= 58.62.157.94:1255 ;满足规则:MS06-040
2006-10-02 19:13:11, 系统禁止接收TCP数据包;地址为:58.62.226.225:445[SMB(交换服务器消息块)] <= 58.62.157.94:1255 ;满足规则:MS06-040
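The blocked-packet log in the post above can be condensed with a small parser that collapses repeated records of the same connection attempt and groups them by matched rule, destination port and source. This is an added example, not part of the original thread or of any Rising tool; the sample lines are constructed in the same layout using documentation-range addresses, and the function names are hypothetical.

```python
import re
from collections import Counter, defaultdict

IP = r"\d{1,3}(?:\.\d{1,3}){3}"
# One "inbound packet blocked" record; accepts ASCII or full-width ; and :
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\s*"
    r"系统禁止接收(?P<proto>[A-Z]+)数据包[;;]地址为[::]"
    rf"(?P<dst_ip>{IP})(?::(?P<dst_port>\d+))?(?:\[[^\]]*\])?\s*<=\s*"
    rf"(?P<src_ip>{IP})(?::(?P<src_port>\d+))?"
    r".*?[;;]满足规则[::](?P<rule>.+?)\s*$"
)

# Constructed sample lines in the layout of the log quoted in the thread.
# Addresses come from documentation ranges, not from the thread.
SAMPLE_LOG = """\
2006-10-02 20:55:22, 系统禁止接收TCP数据包;地址为:192.0.2.10:445[SMB(交换服务器消息块)] <= 198.51.100.7:4509 ;满足规则:MS06-040
2006-10-02 20:55:19, 系统禁止接收TCP数据包;地址为:192.0.2.10:445[SMB(交换服务器消息块)] <= 198.51.100.7:4509 ;满足规则:MS06-040
2006-10-02 20:52:27, 系统禁止接收TCP数据包;地址为:192.0.2.10:445[SMB(交换服务器消息块)] <= 198.51.100.9:1594 ;满足规则:MS06-040
2006-10-02 20:30:34, 系统禁止接收TCP数据包;地址为:192.0.2.10:139[文件共享] <= 198.51.100.7:1607 ;满足规则:MS06-040
2006-10-02 20:18:46, 系统禁止接收ICMP数据包;地址为:192.0.2.10 <= 203.0.113.5 Code=0, Type=8 ;满足规则:禁止Ping入
this line is not a firewall record
"""

def parse_line(line):
    """Return a dict for one blocked-inbound record, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    for key in ("dst_port", "src_port"):
        rec[key] = int(rec[key]) if rec[key] else None  # ICMP has no ports
    return rec

def summarize(text):
    """Collapse repeated records of one attempt, then group by rule, port, source."""
    attempts, records, skipped = set(), 0, 0
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        records += 1
        # Same protocol, endpoints and rule = one attempt logged more than once.
        # ICMP records carry no port, so repeats from one source also collapse.
        attempts.add((rec["proto"], rec["src_ip"], rec["src_port"],
                      rec["dst_ip"], rec["dst_port"], rec["rule"]))
    sources = defaultdict(set)
    for a in attempts:
        sources[a[5]].add(a[1])
    return {
        "records": records,
        "skipped": skipped,
        "attempts": len(attempts),
        "by_rule": dict(Counter(a[5] for a in attempts)),
        "tcp_by_dst_port": dict(Counter(a[4] for a in attempts if a[0] == "TCP")),
        "sources_by_rule": {r: sorted(s) for r, s in sources.items()},
        "local_addresses": sorted({a[3] for a in attempts}),
    }

if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

Every record this parser accepts is an inbound packet the firewall refused, so the summary describes traffic arriving at the machine, not connections the machine itself made.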
魔王的布布 - 2006-10-2 21:13:00
详细内容2006-10-02 19:21:23, 系统禁止接收TCP数据包;地址为:58.62.226.52:445[SMB(交换服务器消息块)] <= 58.62.56.33:3800 ;满足规则:MS06-040
魔王的布布 - 2006-10-2 21:23:00
Experts~ why isn't anyone replying~ please help me~!
魔王的布布 - 2006-10-2 21:45:00
Does nobody understand this~ then what am I supposed to do?
魔王的布布 - 2006-10-2 21:58:00
详细内容2006-10-02 19:30:59, 系统禁止本地HelpSvc.exe连接网络的请求,地址为:TCP, 0.0.0.0:1546 => 131.107.115.28:80[WEB网页]程序名称为:C:\WINDOWS\pchealth\helpctr\binaries\HelpSvc.exe