作者williamsydu (william)
看板NetSecurity
標題[問題] 是否中毒了
時間Sat Dec 20 18:35:43 2008
最近發現自己在學校的PC 莫名被開了port 並上傳封包
TCP 0.0.0.0:55877 220.132.59.28:22067 SYN_SENT
TCP 0.0.0.0:55878 140.112.44.107:26458 SYN_SENT
TCP 0.0.0.0:55879 218.173.129.107:40509 SYN_SENT
TCP 0.0.0.0:55880 59.112.172.115:60591 SYN_SENT
TCP 0.0.0.0:55881 61.62.56.189:33900 SYN_SENT
TCP 0.0.0.0:55882 203.64.38.175:34741 SYN_SENT
TCP 0.0.0.0:55883 218.174.131.37:7308 SYN_SENT
TCP 0.0.0.0:55888 220.132.59.28:https SYN_SENT
TCP 0.0.0.0:55889 140.112.44.107:https SYN_SENT
TCP 0.0.0.0:55890 218.173.129.107:https SYN_SENT
TCP 0.0.0.0:55891 59.112.172.115:https SYN_SENT
TCP 0.0.0.0:55892 61.62.56.189:https SYN_SENT
TCP 0.0.0.0:55893 203.64.38.175:https SYN_SENT
TCP 0.0.0.0:55894 218.174.131.37:https SYN_SENT
請教一下這是否為木馬 還是病毒? 周三也是同樣的問題 當天就重新安裝系統
沒想到今天又出現了.. 平常只有開pcman, skype, msn, kuro
不過在家裡的電腦 同樣有類似的port
TCP home:2955 61.220.57.48:19105 TIME_WAIT
TCP home:2956 61.220.57.113:5000 TIME_WAIT
TCP home:2957 61.220.57.48:19105 TIME_WAIT
TCP home:2958 61.220.57.48:19105 TIME_WAIT
TCP home:2959 61.220.57.48:19105 TIME_WAIT
謝謝~
--
※ 發信站: 批踢踢實業坊(ptt.cc)
◆ From: 125.231.131.247
1F:→ dennisxkimo:看看自己的執行緒有沒有不正常的程式, 03/12 22:35
2F:→ dennisxkimo:還有要更新windows安全性更新到最新, 03/12 22:36
3F:→ dennisxkimo:完全沒更新狀態,光是插上去很多電腦的區網就會中標了 03/12 22:37