1. 如附件[ 用 Tcpview 監看的].
2. 一連線沒多久, svchost:1344 [重新連線就不一定1344] 就一直增加外侵者. 有時會一直重送郵件.
3. 用 norton 掃描無發現病毒. 用其他線上掃毒依然掃不到病毒.
4. 請高手幫忙
5. 附件內容如下:
用 Tcpview 監看如下:
Process-------------- Protocl-----Local Address---Remote Address-------------state
[System Process]:0 TCP y00x:6811 eztexting.com:3034 TIME_WAIT
[System Process]:0 TCP y00x:6811 52.e3.344a.static.theplanet.com:4532 TIME_WAIT
[System Process]:0 TCP y00x:1032 localhost:2428 TIME_WAIT
CCAPP.EXE:3480 TCP y00x:2436 mta5.grp.scd.yahoo.com:smtp ESTABLISHED
svchost.exe:1344 TCP y00x:6811 y00x:0 LISTENING
svchost.exe:1344 TCP y00x:2004 pwfwd-v01.prod.mesa1.secureserver.net:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2008 ev1s-209-62-20-192.ev1servers.net:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2009 web2.4wdns.com:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2010 64.8.20.50:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2251 212.150.164.19:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2252 74-52-77-50.webbytechnologies.com:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2253 a100.nthosting.ru:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2254 leapcash.com:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:1813 localhost:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2255 localhost:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2256 localhost:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2368 eris.diyhost.co.uk:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2415 parkwebwin-v02.prod.mesa1.secureserver.net:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2417 18.64.232.72.static.reverse.ltdomains.com:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2422 mars.getpaidsolutions.com:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2427 217.174.104.187:http CLOSE_WAIT
svchost.exe:1344 TCP y00x:2435 :1032 FIN_WAIT2
svchost.exe:1344 TCP y00x:2442 mail.ol7.com:http CLOSE_WAIT
Thanks
書籤