新病毒_ewin2k
hlost 2005-05-12 10:45:31 本人安装ewin2k pro打好全部补丁
但只要开启 sqlserver 和 iis 就会有msconfig,systemService等不明线程访问互联网
最近又总是自动通过ftp访问外部
在防火墙日志中出现:
Description Packet sent from 61.10.16.94 (TCP Port 4998) to 221.216.168.48 (TCP Port 4899) was blocked
Rating Medium
Date / Time 2005/05/12 09:14:18+8:00 GMT
Type Firewall
Protocol TCP (flags:S)
Program
Source IP 61.10.16.94:4998
Destination IP 221.216.168.48:4899
Direction Incoming
Action Taken Blocked
Count 1
Source DNS cm61-10-16-94.hkcable.com.hk
Destination DNS TOWERNB
但我一直没查出是什么病毒,木马,通过什么漏洞
请各位高手帮忙为谢!