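Why do I keep getting alerts that someone is connecting to port 445? Have I been infected with some kind of remote virus?

Reported by Rising; see the screenshot.

There's nothing much in the log either, and I couldn't see any sign of a virus myself.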

Logfile of HijackThis v1.99.1

Scan saved at 7:44:48, on 2007-08-31

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Rising\Rav\CCenter.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRAM FILES\RISING\RAV\Ravmond.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRAM FILES\RISING\RAV\RavStub.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\VM_STI.EXE

E:\我的文件\soft\挂QQ\TenyQQ.exe

C:\Program Files\Rising\Rav\RavTask.exe

C:\Program Files\Rising\Rav\Ravmon.exe

C:\WINDOWS\system32\ctfmon.exe

F:\soft\Tencent\QQ2006\QQ.exe

F:\soft\Tencent\TM2007\TMDlls\TIMPlatform.exe

C:\WINDOWS\system32\conime.exe

C:\Program Files\Internet Explorer\iexplore.exe

D:\装机人员工具\扫描专杀软件\ha_hijackthis_1991\HijackThis.exe

O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE USB PC Camera 301+

O4 - HKLM\..\Run: [77439B6E8B9E768128226F7D85E5B686] E:\我的文件\soft\挂QQ\TenyQQ.exe

O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system

O4 - HKLM\..\RunOnce: [RavStub] "C:\PROGRAM FILES\RISING\RAV\ravstub.exe" /RUNONCE

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O15 - Trusted Zone: http://www.icbc.com.cn

O16 - DPF: {8DD9C2E0-50B6-46BC-BB00-2D252282BFCA} (HnCtrl Class) - http://ww2.hnnn.net/download/HnActivex.cab

O16 - DPF: {C661F36D-DF85-4EF4-83C7-E107B83D04B1} (WebActivater Control) - http://dl_dir.qq.com/3dshow/3DShowVM.cab

O16 - DPF: {E4CF9B52-A94E-4A27-AD90-904A81D0643A} (QPicControl Control) - http://my.paipai.com/activex/qpic.cab

O16 - DPF: {EC53936E-6D4A-4307-9092-A2FC48EAFC56} (Web800 Control) - http://service.qq.com/web800.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{5B24BF55-436B-440A-B8B3-84AE8F35B82D}: NameServer = 60.191.134.204 60.191.134.197

O23 - Service: PeanuthullCore - 广东网域 - C:\Program Files\PeanutHull3\PhCore.exe

O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe

O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe

[User system information] Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
