收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 国外杀毒软件 3更201806051543。QQprotect监控实录。持续更新,事实说 ...
123456789下一页
返回列表 发新帖
查看: 12435|回复: 80
收起左侧

[分享] 3更201806051543。QQprotect监控实录。持续更新,事实说话。

  [复制链接]
pal家族
发表于 2018-6-4 21:05:54 | 显示全部楼层 |阅读模式
本帖最后由 pal家族 于 2018-6-5 15:45 编辑

测试平台:
经过魔改已经被玩坏了的,MSI GE60 2OC。

配置:
i7-4800MQ+8Gx2 1600+gt750m 2g GDDR5+850pro 250g

系统:
windows10 Pro RS4 x64 17134.81

IP地址:每天会波动
223.11.190.90 山西省太原市 电信
(恕我无法特意跑到某3线城镇进行测试、、、taiyuan发达程度我感觉算是2线偏三线了。)






测试用软件:
卡巴斯基全方位安全软件
版本号:
KTS19.0.0.1088a

测试对象:
已经验明正身。

测试规则:

记录对关键文件的访问,比如:exe sys rar 7z jpg gif docx等。
记录注入行为(入侵其他程序)。
记录底层磁盘访问,底层文件系统访问。
记录联网行为。

诱饵弹:









昨天晚上装上最新版QQ
调试了一上午规则,从下午的记录开始算起。







  1. 04.06.2018 20.35.06        Application added to the Trusted group        QQ帐号保护-帐号保护        Application: QQ帐号保护-帐号保护        Reason: KSN information        Application path: C:\Users\xzz\AppData\Roaming\Tencent\QQ\QQAntiPhishing\AccountProtect.dll        Time: 04/06/2018 20:35
  2. 04.06.2018 20.30.04        Application added to the Trusted group        搜狗拼音输入法 更新工具        Application: 搜狗拼音输入法 更新工具        Reason: KSN information        Application path: C:\Program Files (x86)\SogouInput\8.9.0.2180\SGDownload.exe        Time: 04/06/2018 20:30
  3. 04.06.2018 20.17.11        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 58.250.11.124        Remote port: 8080        Local address: 192.168.0.249        Local port: 59818        Time: 04/06/2018 20:17
  4. 04.06.2018 20.17.11        Suspicious action was allowed        QQ安全防护更新进程        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护更新进程        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Time: 04/06/2018 20:17
  5. 04.06.2018 20.17.11        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 58.250.11.124        Remote port: 8080        Local address: 192.168.0.249        Local port: 59815        Time: 04/06/2018 20:17
  6. 04.06.2018 20.17.11        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 113.96.231.243        Remote port: 443        Local address: 192.168.0.249        Local port: 59814        Time: 04/06/2018 20:17
  7. 04.06.2018 20.17.11        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Perform code injection        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 20:17
  8. 04.06.2018 20.17.11        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Perform code injection        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 20:17
  9. 04.06.2018 20.17.11        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Perform code injection        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 20:17
  10. 04.06.2018 20.17.11        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 20:17
  11. 04.06.2018 20.17.11        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 20:17
  12. 04.06.2018 20.14.27        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.13        Remote port: 8000        Local address: 192.168.0.249        Local port: 60302        Time: 04/06/2018 20:14
  13. 04.06.2018 20.14.27        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 183.60.62.158        Remote port: 8000        Local address: 192.168.0.249        Local port: 60302        Time: 04/06/2018 20:14
  14. 04.06.2018 20.14.25        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.13        Remote port: 8000        Local address: 192.168.0.249        Local port: 60418        Time: 04/06/2018 20:14
  15. 04.06.2018 19.44.23        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.13        Remote port: 8000        Local address: 192.168.0.249        Local port: 60418        Time: 04/06/2018 19:44
  16. 04.06.2018 19.14.25        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.13        Remote port: 8000        Local address: 192.168.0.249        Local port: 60418        Time: 04/06/2018 19:14
  17. 04.06.2018 19.14.25        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 113.108.1.90        Remote port: 8000        Local address: 192.168.0.249        Local port: 60418        Time: 04/06/2018 19:14
  18. 04.06.2018 19.14.21        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.13        Remote port: 8000        Local address: 192.168.0.249        Local port: 53317        Time: 04/06/2018 19:14
  19. 04.06.2018 18.44.25        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.13        Remote port: 8000        Local address: 192.168.0.249        Local port: 53317        Time: 04/06/2018 18:44
  20. 04.06.2018 18.14.19        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.13        Remote port: 8000        Local address: 192.168.0.249        Local port: 53317        Time: 04/06/2018 18:14
  21. 04.06.2018 18.14.19        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 123.151.43.51        Remote port: 8000        Local address: 192.168.0.249        Local port: 53317        Time: 04/06/2018 18:14
  22. 04.06.2018 18.14.19        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 112.90.142.139        Remote port: 8000        Local address: 192.168.0.249        Local port: 62566        Time: 04/06/2018 18:14
  23. 04.06.2018 17.44.19        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 112.90.142.139        Remote port: 8000        Local address: 192.168.0.249        Local port: 62566        Time: 04/06/2018 17:44
  24. 04.06.2018 17.33.02        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 17:33
  25. 04.06.2018 17.32.52        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 112.90.142.139        Remote port: 8000        Local address: 192.168.0.249        Local port: 62566        Time: 04/06/2018 17:32
  26. 04.06.2018 17.32.45        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 17:32
  27. 04.06.2018 17.32.44        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 17:32
  28. 04.06.2018 17.27.52        Selective Scan        No threats detected        Detected: 0        Deleted: 0        Not disinfected: 0        Release date of databases used for scan: 04/06/2018 05:48        Total duration: 0 seconds        Completion time: 04/06/2018 17:27
  29. 04.06.2018 17.14.17        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 112.90.142.139        Remote port: 8000        Local address: 192.168.0.249        Local port: 62566        Time: 04/06/2018 17:14
  30. 04.06.2018 17.14.17        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 123.151.43.51        Remote port: 8000        Local address: 192.168.0.249        Local port: 62566        Time: 04/06/2018 17:14
  31. 04.06.2018 17.14.17        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.126        Remote port: 8000        Local address: 192.168.0.249        Local port: 54199        Time: 04/06/2018 17:14
  32. 04.06.2018 16.44.16        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.126        Remote port: 8000        Local address: 192.168.0.249        Local port: 54199        Time: 04/06/2018 16:44
  33. 04.06.2018 16.14.15        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.126        Remote port: 8000        Local address: 192.168.0.249        Local port: 54199        Time: 04/06/2018 16:14
  34. 04.06.2018 16.14.15        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 123.151.43.51        Remote port: 8000        Local address: 192.168.0.249        Local port: 54199        Time: 04/06/2018 16:14
  35. 04.06.2018 16.14.14        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 14.215.154.153        Remote port: 8000        Local address: 192.168.0.249        Local port: 52425        Time: 04/06/2018 16:14
  36. 04.06.2018 16.12.04        Application added to the Trusted group        Windows System Assessment Tool        Application: Windows System Assessment Tool        Reason: analysis of digital signature        Application path: C:\Windows\System32\WinSAT.exe        Time: 04/06/2018 16:12
  37. 04.06.2018 15.44.14        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 14.215.154.153        Remote port: 8000        Local address: 192.168.0.249        Local port: 52425        Time: 04/06/2018 15:44
  38. 04.06.2018 15.26.28        Application added to the Trusted group        TimeZone Sync Task        Application: TimeZone Sync Task        Reason: analysis of digital signature        Application path: C:\Windows\System32\tzsync.exe        Time: 04/06/2018 15:26
  39. 04.06.2018 15.14.13        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 14.215.154.153        Remote port: 8000        Local address: 192.168.0.249        Local port: 52425        Time: 04/06/2018 15:14
  40. 04.06.2018 15.14.12        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 113.108.1.90        Remote port: 8000        Local address: 192.168.0.249        Local port: 52425        Time: 04/06/2018 15:14
  41. 04.06.2018 15.14.12        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.126        Remote port: 8000        Local address: 192.168.0.249        Local port: 60063        Time: 04/06/2018 15:14
  42. 04.06.2018 14.56.25        Selective Scan        No threats detected        Detected: 0        Deleted: 0        Not disinfected: 0        Release date of databases used for scan: 04/06/2018 05:48        Total duration: 0 seconds        Completion time: 04/06/2018 14:56
  43. 04.06.2018 14.44.12        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.126        Remote port: 8000        Local address: 192.168.0.249        Local port: 60063        Time: 04/06/2018 14:44
  44. 04.06.2018 14.36.06        PC Cleaner has finished a scheduled analysis of objects                Time: 04/06/2018 14:36
  45. 04.06.2018 14.34.28        Task started        Web Anti-Virus        Time: 04/06/2018 14:34
  46. 04.06.2018 14.34.28        Task started        System Watcher        Time: 04/06/2018 14:34
  47. 04.06.2018 14.34.28        Task started        Mail Anti-Virus        Time: 04/06/2018 14:34
  48. 04.06.2018 14.34.28        Task started        IM Anti-Virus        Time: 04/06/2018 14:34
  49. 04.06.2018 14.34.28        Task started        Application Control        Time: 04/06/2018 14:34
  50. 04.06.2018 14.34.28        Task started        Network Attack Blocker        Time: 04/06/2018 14:34
  51. 04.06.2018 14.34.28        Task started        Firewall        Time: 04/06/2018 14:34
  52. 04.06.2018 14.34.28        Task started        File Anti-Virus        Time: 04/06/2018 14:34
  53. 04.06.2018 14.32.42        Task stopped        Firewall        Time: 04/06/2018 14:32
  54. 04.06.2018 14.32.42        Task stopped        Web Anti-Virus        Time: 04/06/2018 14:32
  55. 04.06.2018 14.32.42        Task stopped        Application Control        Time: 04/06/2018 14:32
  56. 04.06.2018 14.32.42        Task stopped        File Anti-Virus        Time: 04/06/2018 14:32
  57. 04.06.2018 14.32.42        Task stopped        Network Attack Blocker        Time: 04/06/2018 14:32
  58. 04.06.2018 14.32.42        Task stopped        System Watcher        Time: 04/06/2018 14:32
  59. 04.06.2018 14.32.42        Task stopped        Mail Anti-Virus        Time: 04/06/2018 14:32
  60. 04.06.2018 14.32.42        Task stopped        IM Anti-Virus        Time: 04/06/2018 14:32
  61. 04.06.2018 14.17.30        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Perform low-level access to disk        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 14:17
  62. 04.06.2018 14.17.11        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 14.17.33.13        Remote port: 8080        Local address: 192.168.0.249        Local port: 50480        Time: 04/06/2018 14:17
  63. 04.06.2018 14.17.11        Suspicious action was allowed        QQ安全防护更新进程        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护更新进程        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Time: 04/06/2018 14:17
  64. 04.06.2018 14.17.10        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 14.17.33.13        Remote port: 8080        Local address: 192.168.0.249        Local port: 50478        Time: 04/06/2018 14:17
  65. 04.06.2018 14.17.10        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 113.96.231.253        Remote port: 443        Local address: 192.168.0.249        Local port: 50477        Time: 04/06/2018 14:17
  66. 04.06.2018 14.17.10        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Perform code injection        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 14:17
  67. 04.06.2018 14.17.10        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Perform code injection        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 14:17
  68. 04.06.2018 14.17.10        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Perform code injection        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 14:17
  69. 04.06.2018 14.17.10        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 14:17
  70. 04.06.2018 14.17.10        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 14:17
  71. 04.06.2018 14.16.17        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 14:16
  72. 04.06.2018 14.15.59        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 14:15
  73. 04.06.2018 14.15.59        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 14:15
复制代码


今日更新到这里
明日此时有时间再更新。

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x

评分

参与人数 7人气 +7 收起 理由
dongwenqi + 1 版区有你更精彩: )
4毛5的诺顿 + 1 版区有你更精彩: )
popu111 + 1 这下…vm见了
海洋饼干 + 1 版区有你更精彩: )
HEMM + 1 看不懂!请重写一遍~

查看全部评分

回复

举报

pal家族
 楼主| 发表于 2018-6-5 15:45:49 | 显示全部楼层


  1. 05.06.2018 15.22.58        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 183.60.62.158        Remote port: 8000        Local address: 192.168.0.249        Local port: 49999        Time: 05/06/2018 15:22
  2. 05.06.2018 15.22.58        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 49998        Time: 05/06/2018 15:22
  3. 05.06.2018 15.22.58        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 62778        Time: 05/06/2018 15:22
  4. 05.06.2018 14.52.58        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 62778        Time: 05/06/2018 14:52
  5. 05.06.2018 14.22.56        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 62778        Time: 05/06/2018 14:22
  6. 05.06.2018 14.22.56        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 183.60.62.158        Remote port: 8000        Local address: 192.168.0.249        Local port: 62779        Time: 05/06/2018 14:22
  7. 05.06.2018 14.22.56        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 53199        Time: 05/06/2018 14:22
  8. 05.06.2018 13.52.56        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 53199        Time: 05/06/2018 13:52
  9. 05.06.2018 13.22.54        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 53199        Time: 05/06/2018 13:22
  10. 05.06.2018 13.22.54        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 113.108.1.90        Remote port: 8000        Local address: 192.168.0.249        Local port: 53200        Time: 05/06/2018 13:22
  11. 05.06.2018 13.22.54        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 50930        Time: 05/06/2018 13:22
  12. 05.06.2018 12.52.54        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 50930        Time: 05/06/2018 12:52
  13. 05.06.2018 12.46.31        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 12:46
  14. 05.06.2018 12.46.21        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 50930        Time: 05/06/2018 12:46
  15. 05.06.2018 12.46.14        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 12:46
  16. 05.06.2018 12.46.13        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 12:46
  17. 05.06.2018 12.25.39        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 112.90.138.231        Remote port: 8080        Local address: 192.168.0.249        Local port: 59587        Time: 05/06/2018 12:25
  18. 05.06.2018 12.25.39        Suspicious action was allowed        QQ安全防护更新进程        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护更新进程        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Time: 05/06/2018 12:25
  19. 05.06.2018 12.25.38        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 112.90.138.231        Remote port: 8080        Local address: 192.168.0.249        Local port: 59586        Time: 05/06/2018 12:25
  20. 05.06.2018 12.25.38        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 113.96.231.253        Remote port: 443        Local address: 192.168.0.249        Local port: 59585        Time: 05/06/2018 12:25
  21. 05.06.2018 12.25.38        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 12:25
  22. 05.06.2018 12.25.38        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 12:25
  23. 05.06.2018 12.22.52        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 50930        Time: 05/06/2018 12:22
  24. 05.06.2018 12.22.52        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 183.60.62.158        Remote port: 8000        Local address: 192.168.0.249        Local port: 50931        Time: 05/06/2018 12:22
  25. 05.06.2018 12.22.52        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 55213        Time: 05/06/2018 12:22
  26. 05.06.2018 11.52.52        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 55213        Time: 05/06/2018 11:52
  27. 05.06.2018 11.22.50        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 55213        Time: 05/06/2018 11:22
  28. 05.06.2018 11.22.50        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 113.108.1.90        Remote port: 8000        Local address: 192.168.0.249        Local port: 55214        Time: 05/06/2018 11:22
  29. 05.06.2018 11.22.50        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 64909        Time: 05/06/2018 11:22
  30. 05.06.2018 10.52.50        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 64909        Time: 05/06/2018 10:52
  31. 05.06.2018 10.22.48        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 64909        Time: 05/06/2018 10:22
  32. 05.06.2018 10.22.48        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 123.151.43.51        Remote port: 8000        Local address: 192.168.0.249        Local port: 64910        Time: 05/06/2018 10:22
  33. 05.06.2018 10.22.48        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 50801        Time: 05/06/2018 10:22
  34. 05.06.2018 09.52.48        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 50801        Time: 05/06/2018 09:52
  35. 05.06.2018 09.22.46        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 50801        Time: 05/06/2018 09:22
  36. 05.06.2018 09.22.46        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 123.151.43.51        Remote port: 8000        Local address: 192.168.0.249        Local port: 50802        Time: 05/06/2018 09:22
  37. 05.06.2018 09.22.46        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 54152        Time: 05/06/2018 09:22
  38. 05.06.2018 08.52.46        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 54152        Time: 05/06/2018 08:52
  39. 05.06.2018 08.22.44        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 54152        Time: 05/06/2018 08:22
  40. 05.06.2018 08.22.44        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 123.151.43.51        Remote port: 8000        Local address: 192.168.0.249        Local port: 54153        Time: 05/06/2018 08:22
  41. 05.06.2018 08.22.44        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 55241        Time: 05/06/2018 08:22
  42. 05.06.2018 07.52.44        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 55241        Time: 05/06/2018 07:52
  43. 05.06.2018 07.28.20        Application added to the Trusted group        Dism Host Servicing Process        Application: Dism Host Servicing Process        Reason: KSN information        Application path: C:\Users\xzz\AppData\Local\Temp\B4EB689C-91EF-472E-8DE8-C377A68AD38B\DismHost.exe        Time: 05/06/2018 07:28
  44. 05.06.2018 07.22.42        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 55241        Time: 05/06/2018 07:22
  45. 05.06.2018 07.22.42        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 123.151.43.51        Remote port: 8000        Local address: 192.168.0.249        Local port: 55242        Time: 05/06/2018 07:22
  46. 05.06.2018 07.22.42        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 49668        Time: 05/06/2018 07:22
  47. 05.06.2018 07.01.56        Selective Scan        No threats detected        Detected: 0        Deleted: 0        Not disinfected: 0        Release date of databases used for scan: 04/06/2018 05:48        Total duration: 0 seconds        Completion time: 05/06/2018 07:01
  48. 05.06.2018 06.53.45        PC Cleaner has finished a scheduled analysis of objects                Time: 05/06/2018 06:53
  49. 05.06.2018 06.52.42        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 49668        Time: 05/06/2018 06:52
  50. 05.06.2018 06.27.38        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 49668        Time: 05/06/2018 06:27
  51. 05.06.2018 06.25.58        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Perform low-level access to disk        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 06:25
  52. 05.06.2018 06.25.39        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 112.90.142.154        Remote port: 8080        Local address: 192.168.0.249        Local port: 49839        Time: 05/06/2018 06:25
  53. 05.06.2018 06.25.39        Suspicious action was allowed        QQ安全防护更新进程        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护更新进程        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Time: 05/06/2018 06:25
  54. 05.06.2018 06.25.38        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 112.90.142.154        Remote port: 8080        Local address: 192.168.0.249        Local port: 49838        Time: 05/06/2018 06:25
  55. 05.06.2018 06.25.38        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 113.96.231.243        Remote port: 443        Local address: 192.168.0.249        Local port: 49837        Time: 05/06/2018 06:25
  56. 05.06.2018 06.25.38        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 06:25
  57. 05.06.2018 06.25.38        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 06:25
  58. 05.06.2018 06.24.11        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 06:24
  59. 05.06.2018 06.23.52        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 06:23
  60. 05.06.2018 06.23.52        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 06:23
  61. 05.06.2018 06.22.48        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 06:22
  62. 05.06.2018 06.22.43        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 06:22
  63. 05.06.2018 06.22.42        Task started        System Watcher        Time: 05/06/2018 06:22
  64. 05.06.2018 06.22.42        Task started        IM Anti-Virus        Time: 05/06/2018 06:22
  65. 05.06.2018 06.22.42        Task started        Web Anti-Virus        Time: 05/06/2018 06:22
  66. 05.06.2018 06.22.42        Task started        Mail Anti-Virus        Time: 05/06/2018 06:22
  67. 05.06.2018 06.22.42        Task started        Network Attack Blocker        Time: 05/06/2018 06:22
  68. 05.06.2018 06.22.42        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 111.161.83.217        Remote port: 8000        Local address: 192.168.0.249        Local port: 49668        Time: 05/06/2018 06:22
  69. 05.06.2018 06.22.38        Task started        Application Control        Time: 05/06/2018 06:22
  70. 05.06.2018 06.22.38        Task started        Firewall        Time: 05/06/2018 06:22
  71. 05.06.2018 06.22.38        Task started        File Anti-Virus        Time: 05/06/2018 06:22
  72. 05.06.2018 06.22.18        Task stopped        System Watcher        Time: 05/06/2018 06:22
  73. 05.06.2018 06.22.11        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 06:22
  74. 05.06.2018 06.21.53        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 06:21
  75. 05.06.2018 06.21.53        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 05/06/2018 06:21
  76. 05.06.2018 06.21.52        Application added to the Trusted group        腾讯QQ        Application: 腾讯QQ        Reason: KSN information        Application path: C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Time: 05/06/2018 06:21
  77. 05.06.2018 06.21.40        Task started        Web Anti-Virus        Time: 05/06/2018 06:21
  78. 05.06.2018 06.21.40        Task started        System Watcher        Time: 05/06/2018 06:21
  79. 05.06.2018 06.21.40        Task started        Mail Anti-Virus        Time: 05/06/2018 06:21
  80. 05.06.2018 06.21.40        Task started        Network Attack Blocker        Time: 05/06/2018 06:21
  81. 05.06.2018 06.21.40        Task started        IM Anti-Virus        Time: 05/06/2018 06:21
  82. 05.06.2018 06.21.38        Task started        Application Control        Time: 05/06/2018 06:21
  83. 05.06.2018 06.21.38        Task started        Firewall        Time: 05/06/2018 06:21
  84. 05.06.2018 06.21.38        Task started        File Anti-Virus        Time: 05/06/2018 06:21
复制代码


本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x

评分

参与人数 1人气 +1 收起 理由
dongwenqi + 1 版区有你更精彩: )

查看全部评分

回复

举报

pal家族
 楼主| 发表于 2018-6-4 21:06:16 | 显示全部楼层
本帖最后由 pal家族 于 2018-6-4 23:08 编辑


截止201806042305


  1. 04.06.2018 23.00.28        Application added to the Trusted group        Autostart program viewer        Application: Autostart program viewer        Reason: analysis of digital signature        Application path: C:\Users\xzz\Documents\autoruns\Autoruns64.exe        Time: 04/06/2018 23:00
  2. 04.06.2018 22.40.32        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 112.90.140.46        Remote port: 8000        Local address: 192.168.0.249        Local port: 56904        Time: 04/06/2018 22:40
  3. 04.06.2018 22.40.32        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 183.60.62.158        Remote port: 8000        Local address: 192.168.0.249        Local port: 56904        Time: 04/06/2018 22:40
  4. 04.06.2018 22.40.32        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.125        Remote port: 8000        Local address: 192.168.0.249        Local port: 63509        Time: 04/06/2018 22:40
  5. 04.06.2018 22.10.32        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.125        Remote port: 8000        Local address: 192.168.0.249        Local port: 63509        Time: 04/06/2018 22:10
  6. 04.06.2018 21.40.30        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 58.250.11.125        Remote port: 8000        Local address: 192.168.0.249        Local port: 63509        Time: 04/06/2018 21:40
  7. 04.06.2018 21.40.30        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 119.147.32.175        Remote port: 8000        Local address: 192.168.0.249        Local port: 63508        Time: 04/06/2018 21:40
  8. 04.06.2018 21.40.30        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 123.151.43.51        Remote port: 8000        Local address: 192.168.0.249        Local port: 63509        Time: 04/06/2018 21:40
  9. 04.06.2018 21.40.30        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 119.147.32.175        Remote port: 8000        Local address: 192.168.0.249        Local port: 49665        Time: 04/06/2018 21:40
  10. 04.06.2018 21.33.58        Application added to the Trusted group        Notepad        Application: Notepad        Reason: KSN information        Application path: C:\Windows\SysWOW64\notepad.exe        Time: 04/06/2018 21:33
  11. 04.06.2018 21.33.50        Application added to the Trusted group        C:\Users\xzz\Documents\PanDownload\PanData\aria2c.exe        Application: C:\Users\xzz\Documents\PanDownload\PanData\aria2c.exe        Reason: KSN information        Application path: C:\Users\xzz\Documents\PanDownload\PanData\aria2c.exe        Time: 04/06/2018 21:33
  12. 04.06.2018 21.33.50        Application added to the Low Restricted group        网盘下载器        Application: 网盘下载器        Reason: default        Application path: C:\Users\xzz\Documents\PanDownload\PanDownload.exe        Time: 04/06/2018 21:33
  13. 04.06.2018 21.30.26        Application added to the Trusted group        搜狗拼音输入法 网络更新程序        Application: 搜狗拼音输入法 网络更新程序        Reason: KSN information        Application path: C:\Program Files (x86)\SogouInput\8.9.0.2180\PinyinUp.exe        Time: 04/06/2018 21:30
  14. 04.06.2018 21.11.31        PC Cleaner has finished a scheduled analysis of objects                Time: 04/06/2018 21:11
  15. 04.06.2018 21.10.29        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 119.147.32.175        Remote port: 8000        Local address: 192.168.0.249        Local port: 49665        Time: 04/06/2018 21:10
  16. 04.06.2018 20.49.36        Application added to the Trusted group        Location Notification        Application: Location Notification        Reason: analysis of digital signature        Application path: C:\Windows\System32\LocationNotificationWindows.exe        Time: 04/06/2018 20:49
  17. 04.06.2018 20.49.35        Application is allowed to receive audio stream        Speech Runtime Executable        Application: Speech Runtime Executable        Application path: C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe        Time: 04/06/2018 20:49
  18. 04.06.2018 20.49.35        Application is allowed to receive audio stream        Speech Runtime Executable        Application: Speech Runtime Executable        Application path: C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe        Time: 04/06/2018 20:49
  19. 04.06.2018 20.49.35        Application is allowed to receive audio stream        Speech Runtime Executable        Application: Speech Runtime Executable        Application path: C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe        Time: 04/06/2018 20:49
  20. 04.06.2018 20.49.35        Application is allowed to receive audio stream        Speech Runtime Executable        Application: Speech Runtime Executable        Application path: C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe        Time: 04/06/2018 20:49
  21. 04.06.2018 20.44.00        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 20:44
  22. 04.06.2018 20.43.45        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Perform low-level access to disk        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 20:43
  23. 04.06.2018 20.43.42        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 20:43
  24. 04.06.2018 20.43.42        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 20:43
  25. 04.06.2018 20.43.35        Outbound network activity allowed        QQ安全防护进程(Q盾)        Application: QQ安全防护进程(Q盾)        Protocol: UDP        Remote address: 119.147.32.175        Remote port: 8000        Local address: 192.168.0.249        Local port: 49665        Time: 04/06/2018 20:43
  26. 04.06.2018 20.43.26        Suspicious action was allowed        QQ安全防护更新进程        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护更新进程        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Time: 04/06/2018 20:43
  27. 04.06.2018 20.43.26        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 14.17.33.13        Remote port: 8080        Local address: 192.168.0.249        Local port: 49692        Time: 04/06/2018 20:43
  28. 04.06.2018 20.43.25        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 113.96.231.243        Remote port: 443        Local address: 192.168.0.249        Local port: 49687        Time: 04/06/2018 20:43
  29. 04.06.2018 20.43.25        Outbound network connection allowed        QQ安全防护更新进程        Application: QQ安全防护更新进程        Protocol: TCP        Remote address: 14.17.33.13        Remote port: 8080        Local address: 192.168.0.249        Local port: 49688        Time: 04/06/2018 20:43
  30. 04.06.2018 20.43.25        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 20:43
  31. 04.06.2018 20.43.25        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtectUpd.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 20:43
  32. 04.06.2018 20.40.35        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 20:40
  33. 04.06.2018 20.40.30        Suspicious action was allowed        QQ安全防护进程(Q盾)        Action: Read C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe        Application: QQ安全防护进程(Q盾)        Application path: C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe        Time: 04/06/2018 20:40
  34. 04.06.2018 20.40.29        Task started        Web Anti-Virus        Time: 04/06/2018 20:40
  35. 04.06.2018 20.40.29        Task started        Mail Anti-Virus        Time: 04/06/2018 20:40
  36. 04.06.2018 20.40.29        Task started        System Watcher        Time: 04/06/2018 20:40
  37. 04.06.2018 20.40.29        Task started        Network Attack Blocker        Time: 04/06/2018 20:40
  38. 04.06.2018 20.40.29        Task started        IM Anti-Virus        Time: 04/06/2018 20:40
  39. 04.06.2018 20.40.25        Task started        File Anti-Virus        Time: 04/06/2018 20:40
  40. 04.06.2018 20.40.25        Task started        Firewall        Time: 04/06/2018 20:40
  41. 04.06.2018 20.40.25        Task started        Application Control        Time: 04/06/2018 20:40
复制代码


本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x

评分

参与人数 1人气 +1 收起 理由
4毛5的诺顿 + 1 版区有你更精彩: )

查看全部评分

回复

举报

飞碟1234
头像被屏蔽
发表于 2018-6-4 21:10:58 | 显示全部楼层
小心洗地党大军已经饥渴难耐了
回复

举报

pal家族
 楼主| 发表于 2018-6-4 21:14:33 | 显示全部楼层
飞碟1234 发表于 2018-6-4 21:10
小心洗地党大军已经饥渴难耐了

爱莉别闹,这万一结果显示我就是洗涤的咋办啊。。。。。。
回复

举报

聆听落雨
发表于 2018-6-4 21:28:39 | 显示全部楼层
大家都明白的
回复

举报

飞碟1234
头像被屏蔽
发表于 2018-6-4 21:33:04 | 显示全部楼层
pal家族 发表于 2018-6-4 21:14
爱莉别闹,这万一结果显示我就是洗涤的咋办啊。。。。。。

没事的这种反转的故事最好看了
回复

举报

derQiQ
发表于 2018-6-4 21:38:46 | 显示全部楼层
混安全论坛有一定年限的都知道企鹅是什么      
回复

举报

pal家族
 楼主| 发表于 2018-6-4 21:39:31 | 显示全部楼层
derQiQ 发表于 2018-6-4 21:38
混安全论坛有一定年限的都知道企鹅是什么      

你这个刮刮乐,把纸都刮烂了都看不到
回复

举报

784696777
发表于 2018-6-4 21:42:16 | 显示全部楼层
pal家族 发表于 2018-6-4 21:39
你这个刮刮乐,把纸都刮烂了都看不到

应该是把屏幕刮花了也看不见
回复

举报

derQiQ
发表于 2018-6-4 21:44:06 | 显示全部楼层
不是刮刮乐,各随主便,自行想像,金主各种意义上惹不起
回复

举报

下一页 »
123456789下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-5-5 11:21 , Processed in 0.142171 second(s), 20 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表