Re: Why did my network become slow and unable to dial up after I was attacked by the 2003 Worm King?
2008-12-05,13:05:17
System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务
API HOOK
隐藏进程
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
<C:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[Creative Service for CDROM Access / Creative Service for CDROM Access][Stopped/Boot Start]
<\SystemRoot\C:\WINDOWS\system32\CTsvcCDA.EXE><(File is missing)>
[Help and Support / helpsvc][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
<><(File is missing)>
[PlugServerD / PlugServer][Running/Auto Start]
<C:\Program Files\StarSec\PlugServer.exe><GDChina>
[Rising Proxy Service / RfwProxySrv][Running/Auto Start]
<C:\Program Files\Rising\Rfw\rfwProxy.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
<C:\Program Files\Rising\Rfw\rfwsrv.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
<"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Information Technology Co., Ltd.>
==================================
驱动程序
[2310_00 / 2310_00][Stopped/Boot Start]
<\SystemRoot\system32\DRIVERS\2310_00.sys><HighPoint Technologies, Inc.>
[aec6280 / aec6280][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aec6280.sys><ACARD Technology Corp.>
[aec67160 / aec67160][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aec67160.sys><ACARD Technology Corp.>
[AEC671X / AEC671X][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\AEC671X.sys><ACARD Technology Corp.>
[AEC6880 / AEC6880][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\AEC6880.sys><ACARD Technology Corp.>
[aec6897 / aec6897][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aec6897.sys><ACARD Technology Corp.>
[aec68x5 / aec68x5][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aec68x5.sys><ACARD Technology Corp.>
[ahciati / ahciati][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ahciati.sys><ATI Technologies Inc.>
[ahcix86 / ahcix86][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ahcix86.sys><AMD Technologies Inc.>
[AliIde / AliIde][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[amdbusdr / amdbusdr][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\amdbusdr.sys><AMD>
[AMD EIDE 驱动程衼E / amdeide][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\AmdEide.sys><AMD>
[AMD Processor Driver / AmdK8][Running/System Start]
<system32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
[AMD Special Tools Driver / AmdTools][Running/Manual Start]
<system32\DRIVERS\AmdTools.sys><AMD, Inc.>
[asc / asc][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3550 / asc3550][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[ATI Function Driver for HDMI Service / AtiHdmiService][Running/Manual Start]
<system32\drivers\AtiHdmi.sys><ATI Research Inc.>
[atiide / atiide][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\atiide.sys><ATI Technologies Inc.>
[CmdIde / CmdIde][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[Creative AC3 Software Decoder / ctac32k][Running/Manual Start]
<System32\drivers\ctac32k.sys><Creative Technology Ltd>
[Creative Audio Driver (WDM) / ctaud2k][Running/Manual Start]
<system32\drivers\ctaud2k.sys><Creative Technology Ltd>
[Creative DVD-Audio Device Driver / ctdvda2k][Stopped/Manual Start]
<System32\drivers\ctdvda2k.sys><N/A>
[Creative SBLive! Gameport / ctljystk][Stopped/Manual Start]
<system32\DRIVERS\ctljystk.sys><Creative Technology Ltd.>
[Creative Proxy Driver / ctprxy2k][Running/Manual Start]
<System32\drivers\ctprxy2k.sys><Creative Technology Ltd>
[Creative SoundFont Management Device Driver / ctsfm2k][Running/Manual Start]
<System32\drivers\ctsfm2k.sys><Creative Technology Ltd>
[dac2w2k / dac2w2k][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[DC21x4 Based Network Adapter Driver / DC21x4][Stopped/Manual Start]
<system32\DRIVERS\dc21x4.sys><Intel Corporation.>
[Creative SB Live! (WDM) / emu10k][Stopped/Manual Start]
<system32\drivers\emu10k1m.sys><Creative Technology Ltd.>
[Creative Interface Manager Driver (WDM) / emu10k1][Stopped/Manual Start]
<system32\drivers\ctlfacem.sys><Creative Technology Ltd.>
[E-mu Plug-in Architecture Driver / emupia][Running/Manual Start]
<System32\drivers\emupia2k.sys><Creative Technology Ltd>
[Creative Hardware Abstract Layer Driver / ha10kx2k][Running/Manual Start]
<system32\drivers\ha10kx2k.sys><Creative Technology Ltd>
[Creative P16V HAL Driver / hap16v2k][Stopped/Manual Start]
<System32\drivers\hap16v2k.sys><Creative Technology Ltd>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/System Start]
<\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[HookNtos / HookNtos][Running/System Start]
<\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Information Technology Co., Ltd.>
[HookReg / HookReg][Running/System Start]
<\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Information Technology Co., Ltd.>
[HookSys / HookSys][Running/System Start]
<\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[HookUrl / HookUrl][Running/Auto Start]
<\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Information Technology Co., Ltd.>
[hpt374 / hpt374][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\hpt374.sys><HighPoint Technologies, Inc.>
[hptmv / hptmv][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\hptmv.sys><HighPoint Technologies, Inc.>
[hptmv6 / hptmv6][Stopped/Boot Start]
<\SystemRoot\system32\DRIVERS\hptmv6.sys><HighPoint Technologies, Inc.>
[Intel RAID Controller V5.5.0.1035 / iaStor5][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\iaStor5.sys><Intel Corporation>
[Intel RAID Controller V7.0.0.1020 / iaStor7][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\iaStor7.sys><Intel Corporation>
[Intel RAID Controller V8.2.3.1001 / iaStor8][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\iaStor8.sys><Intel Corporation>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\iteraid.sys><Integrated Technology Express, Inc.>
[JRAID / JRAID][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\jraid.sys><JMicron Technology Corp.>
[m5228 / m5228][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\m5228.sys><ALi Corporation.>
[m5281 / m5281][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\m5281.sys><ALi Corporation>
[m5287 / m5287][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\m5287.sys><ULi Electronics Inc.>
[m5288 / m5288][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\m5288.sys><ULi Electronics Inc.>
[m5289 / m5289][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\m5289.sys><ULi Electronics Inc.>
[mraid35x / mraid35x][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[nvbus1 / nvbus1][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\nvbus1.sys><NVIDIA Corporation>
[nvbus2 / nvbus2][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\nvbus2.sys><NVIDIA Corporation>
[nvgts / nvgts][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\nvgts.sys><NVIDIA Corporation>
[NVIDIA nForce(tm) RAID Class Driver / nvraid1][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\nvraid1.sys><NVIDIA Corporation>
[NVIDIA nForce RAID Driver / nvrd32][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
[oreans32 / oreans32][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[Creative OS Services Driver / ossrv][Running/Manual Start]
<system32\drivers\ctoss2k.sys><Creative Technology Ltd.>
[PfModNT / PfModNT][Running/Auto Start]
<\??\C:\WINDOWS\system32\PfModNT.sys><Creative Technology Ltd.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql1080.sys><QLogic Corporation>
[ql12160 / ql12160][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql1280.sys><QLogic Corporation>
[raidsrc / raidsrc][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\raidsrc.sys><Intel>
[Rising Rfwbase Driver / RfwBase][Running/Auto Start]
<System32\DRIVERS\rfwbase.SYS><Beijing Rising Information Technology Co., Ltd.>
[rr172x / rr172x][Stopped/Boot Start]
<\SystemRoot\system32\DRIVERS\rr172x.sys><HighPoint Technologies, Inc.>
[rr174x / rr174x][Stopped/Boot Start]
<\SystemRoot\system32\DRIVERS\rr174x.sys><HighPoint Technologies, Inc.>
[rr232x / rr232x][Stopped/Boot Start]
<\SystemRoot\system32\DRIVERS\rr232x.sys><HighPoint Technologies, Inc.>
[rr2340 / rr2340][Stopped/Boot Start]
<\SystemRoot\system32\DRIVERS\rr2340.sys><HighPoint Technologies, Inc.>
[RsFwDrv / RsFwDrv][Running/System Start]
<\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Information Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]
<system32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Creative SoundFont Manager Driver (WDM) / sfman][Stopped/Manual Start]
<system32\drivers\sfmanm.sys><Creative Technology Ltd.>
[SIS AGP Bus Filter / sisagp][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\SiSRaid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sisraid4.sys><Silicon Integrated Systems>
[Sparrow / Sparrow][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[symc810 / symc810][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[sym_hi / sym_hi][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[ultra / ultra][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[viamraid / viamraid][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[VIA ATA/ATAPI Host Controller / viapdsk][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\viapdsk.sys><VIA Technologies, Inc.>
[viasraid / viasraid][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\viasraid.sys><VIA Technologies inc,.ltd>
[vmscsi / vmscsi][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\vmscsi.sys><VMware, Inc.>
[VIMICRO USB PC Camera (ZC030X) / ZSMC303][Running/Manual Start]
<System32\Drivers\usbVM303.sys><VM>
计划任务
N/A
==================================
API HOOK
入口点错误:CreateProcessA (危险等级: 高, 被下面模块所HOOK: 0x00DF1FFD)
入口点错误:CreateProcessW (危险等级: 高, 被下面模块所HOOK: 0x00DF20E5)
==================================
隐藏进程
N/A
==================================