Rising Kaka Security Forum > Technical Exchange Area > Anti-Virus / Anti-Rogue-Software Forum


[Summary] About the "ChinaVnet (互联星空) http://bf.welcome.vnet.cn/" hijacking.

[Reply to 花落花又开's post] The Hubei region probably doesn't have it.

Quote:
[Post by 叶·幽思] [Reply to 花落花又开's post] The Hubei region probably doesn't have it.
...........................


This probably varies from person to person.

Oh!

See the following for yourself; I don't really understand it myself.
____________________________
http://bf.welcome.vnet.cn/ is a URL.
Domain Dossier will continue with bf.welcome.vnet.cn.

Address lookup
canonical name bf.welcome.vnet.cn.
aliases 
addresses 221.238.193.98


Domain Whois record
Queried whois.cnnic.net.cn with "vnet.cn"...

Domain Name: vnet.cn
ROID: 20030312s10001s00054089-cn
Domain Status: clientTransferProhibited
Registrant Organization: 中国电信集团公司
Registrant Name: 中国电信集团公司互联网与增值业务事业部
Administrative Email: lqing@chinatelecom.com.cn
Sponsoring Registrar: 厦门精通科技实业有限公司
Name Server:ns2.chinavnet.com
Name Server:ns1.chinavnet.com
Registration Date: 2003-03-17 12:20
Expiration Date: 2007-03-17 12:48

Network Whois record
Queried whois.apnic.net with "221.238.193.98"...

% [whois.apnic.net node-2]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

inetnum:      221.238.0.0 - 221.239.127.255
netname:      CHINATELECOM-TJ
descr:        CHINANET TIANJIN PROVINCE NETWORK
descr:        Tianjin Telecom Corporation
descr:        NO.11 LIUJING ROAD,HEDONG DISTRICT,TIANJIN
country:      CN
admin-c:      CH543-AP
tech-c:      CSA3-AP
mnt-by:      APNIC-HM
mnt-lower:    MAINT-CHINATELECOM-TJ
mnt-routes:  MAINT-CHINATELECOM-TJ
remarks:      This object can only modify by APNIC hostmaster
remarks:      If you wish to modify this object details please
remarks:      send email to hostmaster@apnic.net with your
remarks:      organisation account name in the subject line.
changed:      hm-changed@apnic.net 20030930
status:      ALLOCATED PORTABLE
source:      APNIC

person:      CHINATELECOM-TJ Hostmaster
address:      No.11 Liujing Road,Hedong District
address:      Tianjin 300012
country:      CN
phone:        +86-22-85580951
fax-no:      +86-22-24222740
e-mail:      ipadmin@tjtele.com
nic-hdl:      CH543-AP
mnt-by:      MAINT-NEW
changed:      hm-changed@apnic.net 20030801
changed:      hm-changed@apnic.net 20030801
source:      APNIC

person:      CHINATELECOM-TJ Security Administrater
address:      No.11 Liujing Road,Hedong District
address:      Tianjin 300012
country:      CN
phone:        +86-22-85580950
fax-no:      +86-22-24222740
e-mail:      scadmin@tjtele.com
nic-hdl:      CSA3-AP
mnt-by:      MAINT-NEW
changed:      hm-changed@apnic.net 20030801
changed:      hm-changed@apnic.net 20030801
source:      APNIC



DNS records
DNS query for 98.193.238.221.in-addr.arpa returned an error from the server: NameError

name class type data time to live
bf.welcome.vnet.cn IN A 221.238.193.98 3596s (00:59:56)
vnet.cn IN A 218.30.64.121 3600s (01:00:00)
vnet.cn IN NS ns1.chinavnet.com 3600s (01:00:00)
vnet.cn IN NS ns2.chinavnet.com 3600s (01:00:00)
vnet.cn IN NS ns.ptt.js.cn 3600s (01:00:00)
vnet.cn IN SOA server: dns-ntp-01
email: admin
serial: 457
refresh: 900
retry: 600
expire: 86400
minimum ttl: 3600
3600s (01:00:00)
vnet.cn IN MX preference: 1
exchange: mta.21cn.net
3600s (01:00:00)

Traceroute
Tracing route to bf.welcome.vnet.cn [221.238.193.98]...

hop rtt rtt rtt  ip address fully qualified domain name
1 0 0 0  63.134.215.1 
2 0 0 0  216.197.122.81 dr-ded1-ge-1-6.crystaltech.com
3 0 0 0  216.197.122.65 cr-edge1-ge-5-0.crystaltech.com
4 0 0 0  67.131.24.221 phv-edge-01.inet.qwest.net
5 2 1 1  205.171.129.85 tmp-core-01.inet.qwest.net
6 11 11 11  67.14.10.54 bur-core-02.inet.qwest.net
7 11 12 12  205.171.213.110 lap-brdr-01.inet.qwest.net
8 11 11 11  218.30.54.193 
9 12 11 11  202.97.49.157 
10 203 203 204  202.97.51.33 
11 197 196 195  202.97.33.13 
12 204 203 202  202.97.37.54 
13 223 223 223  202.97.58.226 
14 310 311 310  219.150.32.118 
15 321 309 309  219.150.65.158 
16 310 310 310  221.238.191.130 
17 * * *   
18 * * *   
19 * * *   
20 * * *   

Trace aborted

Service scan
FTP - 21 Error: TimedOut
SMTP - 25 Error: TimedOut
HTTP - 80 HTTP/1.1 200 OK
Connection: close
Date: Fri, 05 May 2006 00:42:38 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Cache-Control: private
Content-Type: text/html; charset=gb2312
Content-Length: 29330
POP3 - 110 Error: TimedOut
NNTP - 119 Error: TimedOut

-- end --

This software can block any plug-in!!!

Address: http://218.6.144.251/kill.zip

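When I restarted the ADSL connection, ChinaVnet (互联星空) http://bf.welcome.vnet.cn/ actually altered the TOM mailbox web page: the left half of the screen showed the TOM site and the other half showed ChinaVnet. Also, the first time I started TVKOO after booting, TVKOO's TV window interface turned into ChinaVnet as well. It's a virus! A new kind of virus!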

After I used the Kingsoft 2006 security suite, the ChinaVnet (互联星空) http://bf.welcome.vnet.cn problem was fixed.

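If China Telecom won't come out and say something, we might as well all stop using its network. I've heard that China Telecom's broadband security is very poor. Netcom users, do you see this as well?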


Details for vnet.cn:


Domain Name: vnet.cn
ROID: 20030312s10001s00054089-cn
Domain Status: clientTransferProhibited
Registrant Organization: 中国电信集团公司
Registrant Name: 中国电信集团公司互联网与增值业务事业部
Administrative Email: lqing@chinatelecom.com.cn
Sponsoring Registrar: 厦门精通科技实业有限公司
Name Server:ns2.chinavnet.com
Name Server:ns1.chinavnet.com
Registration Date: 2003-03-17 12:20
Expiration Date: 2007-03-17 12:48



I've been hit too, and it's really getting me down. Could an expert please take a look:
Logfile of HijackThis v1.99.1
Scan saved at 20:48:43, on 2006-5-6
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
D:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Network Associates\Alert Manager\amgrsrvc.exe
D:\Program Files\Network Associates\Common Framework\FrameworkService.exe
D:\Program Files\Network Associates\VirusScan\Mcshield.exe
D:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\软件\工具\HijackThis\HijackThis.exe

O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v14.dll
O2 - BHO: Gmail网络磁盘文件分割器 - {19741013-C829-11D1-8233-0020AF3E97A0} - C:\WINDOWS\system32\ShellExt\GMailFC.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O3 - Toolbar: (no name) - {92B255FE-94E2-4BCA-958D-3926CE38913F}? - (no file)
O4 - HKLM\..\Run: [ShStatEXE] "D:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "D:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用迅雷下载 - d:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - d:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1,0,0,9/McUpdatePortal.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{97CCF07F-E8D6-45A6-8351-28145D12D8DC}: NameServer = 219.150.32.132 219.146.0.130
O20 - Winlogon Notify: System Safety Monitor - C:\WINDOWS\SYSTEM32\SSMWinlogonEx.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: McAfee Alert Manager (AlertManager) - McAfee Division of Network Associates, Inc. - C:\Program Files\Network Associates\Alert Manager\amgrsrvc.exe
O23 - Service: McAfee Framework 服务 (McAfeeFramework) - Network Associates, Inc. - D:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - D:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - D:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - d:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
