我用netstat查看了这个情况谁帮我分析一下我中了什么木马情况
由于360和卡巴都不能完全删除这些木马具体的木马情况我帖在这里了:
http://bbs.360safe.com/viewthread.php?tid=358072&extra=page%3D1
大家帮我看下啊。
还有请大家帮我分析一下下面的情况:
FIN_WAIT_1
CLOSE_WAIT 竟然有这么多?
是什么东西来的啊?
C:\Documents and Settings\user>netstat -an
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:21 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1110 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1026 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1110 127.0.0.1:1354 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1356 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1360 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1364 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1367 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1369 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1377 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1378 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1383 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1390 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1392 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1394 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1397 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1399 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1402 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1404 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1406 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1456 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1458 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1461 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1465 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1467 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1473 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1479 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1483 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1485 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1489 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1490 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1493 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1495 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1497 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1499 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1511 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1512 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1515 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1517 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1519 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1525 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1529 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1531 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1533 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1557 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1566 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1575 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1587 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1595 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1605 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1623 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1626 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1655 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1657 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1659 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1663 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1676 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1677 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1679 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1682 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1689 TIME_WAIT
TCP 127.0.0.1:1110 127.0.0.1:1692 TIME_WAIT
TCP 127.0.0.1:1375 127.0.0.1:1110 TIME_WAIT
TCP 127.0.0.1:1388 127.0.0.1:1110 TIME_WAIT
TCP 127.0.0.1:1462 127.0.0.1:1110 TIME_WAIT
TCP 127.0.0.1:1475 127.0.0.1:1110 TIME_WAIT
TCP 127.0.0.1:1487 127.0.0.1:1110 TIME_WAIT
TCP 127.0.0.1:1501 127.0.0.1:1110 TIME_WAIT
TCP 127.0.0.1:1506 127.0.0.1:1110 TIME_WAIT
TCP 127.0.0.1:1521 127.0.0.1:1110 TIME_WAIT
TCP 127.0.0.1:1607 127.0.0.1:1110 TIME_WAIT
TCP 127.0.0.1:1674 127.0.0.1:1110 TIME_WAIT
TCP 127.0.0.1:1684 127.0.0.1:1110 TIME_WAIT
TCP 127.0.0.1:1687 127.0.0.1:1110 TIME_WAIT
TCP 192.168.1.20:139 0.0.0.0:0 LISTENING
TCP 192.168.1.20:1118 61.152.167.51:80 TIME_WAIT
TCP 192.168.1.20:1389 220.181.18.166:80 TIME_WAIT
TCP 192.168.1.20:1477 211.100.26.75:80 TIME_WAIT
TCP 192.168.1.20:1509 211.100.26.81:80 TIME_WAIT
TCP 192.168.1.20:1561 222.77.178.213:80 FIN_WAIT_1
TCP 192.168.1.20:1563 222.77.178.213:80 FIN_WAIT_1
TCP 192.168.1.20:1565 222.77.178.213:80 FIN_WAIT_1
TCP 192.168.1.20:1570 202.104.231.118:80 FIN_WAIT_1
TCP 192.168.1.20:1572 202.104.231.118:80 FIN_WAIT_1
TCP 192.168.1.20:1598 211.147.251.136:80 FIN_WAIT_1
TCP 192.168.1.20:1601 211.147.251.136:80 TIME_WAIT
TCP 192.168.1.20:1603 211.147.251.136:80 FIN_WAIT_1
TCP 192.168.1.20:1611 60.191.55.54:80 FIN_WAIT_1
TCP 192.168.1.20:1612 60.191.55.54:80 FIN_WAIT_1
TCP 192.168.1.20:1614 211.147.251.136:80 TIME_WAIT
TCP 192.168.1.20:1616 211.147.251.136:80 TIME_WAIT
TCP 192.168.1.20:1651 202.104.231.118:80 FIN_WAIT_1
TCP 192.168.1.20:1654 58.215.87.17:80 FIN_WAIT_1
TCP 192.168.1.20:1666 122.224.146.54:80 FIN_WAIT_1
TCP 192.168.1.20:1668 122.224.146.11:80 FIN_WAIT_1
TCP 192.168.1.20:1670 122.224.146.110:80 FIN_WAIT_1
TCP 192.168.1.20:2145 219.133.60.243:8000 CLOSE_WAIT
UDP 0.0.0.0:445 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:1029 *:*
UDP 0.0.0.0:1176 *:*
UDP 0.0.0.0:1177 *:*
UDP 0.0.0.0:1178 *:*
UDP 0.0.0.0:3456 *:*
UDP 0.0.0.0:4000 *:*
UDP 0.0.0.0:4001 *:*
UDP 0.0.0.0:4002 *:*
UDP 0.0.0.0:4003 *:*
UDP 0.0.0.0:4500 *:*
UDP 0.0.0.0:6000 *:*
UDP 0.0.0.0:6001 *:*
UDP 0.0.0.0:6002 *:*
UDP 0.0.0.0:6003 *:*
UDP 0.0.0.0:6004 *:*
UDP 0.0.0.0:6005 *:*
UDP 0.0.0.0:6006 *:*
UDP 0.0.0.0:6007 *:*
UDP 0.0.0.0:6008 *:*
UDP 0.0.0.0:6009 *:*
UDP 0.0.0.0:6010 *:*
UDP 0.0.0.0:6011 *:*
UDP 0.0.0.0:6012 *:*
UDP 0.0.0.0:6013 *:*
UDP 0.0.0.0:6014 *:*
UDP 0.0.0.0:6015 *:*
UDP 0.0.0.0:6016 *:*
UDP 0.0.0.0:6017 *:*
UDP 0.0.0.0:6018 *:*
UDP 0.0.0.0:6019 *:*
UDP 0.0.0.0:6020 *:*
UDP 0.0.0.0:6021 *:*
UDP 0.0.0.0:6022 *:*
UDP 0.0.0.0:6023 *:*
UDP 0.0.0.0:6024 *:*
UDP 0.0.0.0:6025 *:*
UDP 0.0.0.0:6026 *:*
UDP 0.0.0.0:6027 *:*
UDP 0.0.0.0:6028 *:*
UDP 0.0.0.0:6029 *:*
UDP 0.0.0.0:6030 *:*
UDP 0.0.0.0:6031 *:*
UDP 0.0.0.0:6032 *:*
UDP 0.0.0.0:6033 *:*
UDP 127.0.0.1:123 *:*
UDP 127.0.0.1:1028 *:*
UDP 127.0.0.1:2126 *:*
UDP 127.0.0.1:2135 *:*
UDP 127.0.0.1:2146 *:*
UDP 127.0.0.1:2168 *:*
UDP 127.0.0.1:2234 *:*
UDP 127.0.0.1:2428 *:*
UDP 192.168.1.20:123 *:*
UDP 192.168.1.20:137 *:*
UDP 192.168.1.20:138 *:*
C:\Documents and Settings\user>
Processed in 0.037214 second(s), 6 queries
, Gzip enabled
