Welcome to Leon's Blog  
日历
<2008年5月>
27282930123
45678910
11121314151617
18192021222324
25262728293031
1234567
统计
  • 随笔 - 30
  • 文章 - 0
  • 评论 - 51
  • 引用 - 0

导航

常用链接

留言簿(4)

随笔分类

随笔档案

ACM

搜索

  •  

最新评论

阅读排行榜

评论排行榜

 
         今天上网,输入www.google.cn,结果网页跳转到一个类似与百度的页面,但是网址却写的是www.yahoo.com.cn,从页面上看,绝对不是百度的网页,但是奇怪的是可以进行搜索。ping了之后发现三个网站都来之于同一个IP地址:219.235.3.16。这肯定是中了病毒或者木马之类的东西了,结果在电脑里面找了半天,查找到了一个名为host的文件

该文件在system32/drives/etc目录下。打开host之后,里面的内容是:

127.0.0.1       localhost
219.235.3.16    search.114.vnet.cn
219.235.3.16    keyword.vnet.cn
219.235.3.16    auto.search.msn.com
219.235.3.16    search.msn.com
219.235.3.16    cnweb.search.live.com
219.235.3.16    www.360safe.com
219.235.3.16    www.k369.com
219.235.3.16    www.5566.net
219.235.3.16    360safe.com
202.165.102.243    update.360safe.com
219.235.3.16    dl.360safe.com
219.235.3.16    down.360safe.com
219.235.3.16    bbs.360safe.com
219.235.3.16    kaba.360safe.com
219.235.3.16    baike.360safe.com
219.235.3.16    www.360.cn
219.235.3.16    360.cn
219.235.3.16    wopti.360.cn
202.165.102.243    update.360.cn
219.235.3.16    dl.360.cn
219.235.3.16    down.360.cn
219.235.3.16    bbs.360.cn
219.235.3.16    kaba.360.cn
219.235.3.16    baike.360.cn
219.235.3.16    360.qihoo.com
219.235.3.16    360safe.qihoo.com
219.235.3.16    forum.ikaka.com
219.235.3.16    www.ikaka.com
202.165.102.243 update.ikaka.com
219.235.3.16    forum.jiangmin.com
202.165.102.243 update.jiangmin.com
219.235.3.16    tieba.baidu.com
219.235.3.16    post.baidu.com
219.235.3.16    zhidao.baidu.com
219.235.3.16    www.baidu.com
202.165.102.243 update.rising.com.cn
219.235.3.16    online.rising.com.cn
202.165.102.243 center.rising.com.cn
219.235.3.16    up.duba.net
219.235.3.16    vi.duba.net
219.235.3.16    shadu.baidu.com
219.235.3.16    du.baidu.com
219.235.3.16    security.symantec.com
219.235.3.16    shadu.duba.net
219.235.3.16    bbs.duba.net
219.235.3.16    www.duba.net
219.235.3.16    online.jiangmin.com
219.235.3.16    cn.mcafee.com
219.235.3.16    www.ahn.com.cn
219.235.3.16    www.kaspersky.com.cn
219.235.3.16    www.pcav.cn
219.235.3.16    www.luosoft.com
219.235.3.16    www.im286.com
219.235.3.16    an.baidu.com
219.235.3.16    ma.baidu.com
219.235.3.16    bbs.htmlman.net
202.165.102.243 download.rising.com.cn
202.165.102.243 rsup08.rising.com.cn
219.235.3.16    10000.286er.com
219.235.3.16    im286.net
219.235.3.16    ju.qihoo.com
219.235.3.16    bbs.chinaz.com
219.235.3.16    www.qihoo.com
202.165.102.243 dnl-cn1.kaspersky-labs.com
202.165.102.243 dnl-cn2.kaspersky-labs.com
202.165.102.243 dnl-cn3.kaspersky-labs.com
202.165.102.243 dnl-cn4.kaspersky-labs.com
202.165.102.243 dnl-cn5.kaspersky-labs.com
202.165.102.243 dnl-cn6.kaspersky-labs.com
202.165.102.243 dnl-cn7.kaspersky-labs.com
202.165.102.243 dnl-cn8.kaspersky-labs.com
202.165.102.243 dnl-cn9.kaspersky-labs.com
202.165.102.243 dnl-cn10.kaspersky-labs.com
202.165.102.243 dnl-cn11.kaspersky-labs.com
202.165.102.243 dnl-cn12.kaspersky-labs.com
202.165.102.243 dnl-cn13.kaspersky-labs.com
202.165.102.243 dnl-cn14.kaspersky-labs.com
202.165.102.243 dnl-cn15.kaspersky-labs.com
202.165.102.243    dnl-eu1.kaspersky-labs.com
202.165.102.243    dnl-eu2.kaspersky-labs.com
202.165.102.243    dnl-eu3.kaspersky-labs.com
202.165.102.243    dnl-eu4.kaspersky-labs.com
202.165.102.243    dnl-eu5.kaspersky-labs.com
202.165.102.243    dnl-eu6.kaspersky-labs.com
202.165.102.243    dnl-eu7.kaspersky-labs.com
202.165.102.243    dnl-eu8.kaspersky-labs.com
202.165.102.243    dnl-eu9.kaspersky-labs.com
202.165.102.243    dnl-eu10.kaspersky-labs.com
202.165.102.243    dnl-eu11.kaspersky-labs.com
202.165.102.243    dnl-eu12.kaspersky-labs.com
202.165.102.243    dnl-eu13.kaspersky-labs.com
202.165.102.243    dnl-eu14.kaspersky-labs.com
202.165.102.243    dnl-eu15.kaspersky-labs.com
202.165.102.243    dnl-us1.kaspersky-labs.com
202.165.102.243    dnl-us2.kaspersky-labs.com
202.165.102.243    dnl-us3.kaspersky-labs.com
202.165.102.243    dnl-us4.kaspersky-labs.com
202.165.102.243    dnl-us5.kaspersky-labs.com
202.165.102.243    dnl-us6.kaspersky-labs.com
202.165.102.243    dnl-us7.kaspersky-labs.com
202.165.102.243    dnl-us8.kaspersky-labs.com
202.165.102.243    dnl-us9.kaspersky-labs.com
202.165.102.243    dnl-us10.kaspersky-labs.com
202.165.102.243    dnl-us11.kaspersky-labs.com
202.165.102.243    dnl-us12.kaspersky-labs.com
202.165.102.243    dnl-us13.kaspersky-labs.com
202.165.102.243    dnl-us14.kaspersky-labs.com
202.165.102.243    dnl-us15.kaspersky-labs.com
202.165.102.243    dnl-ru1.kaspersky-labs.com
202.165.102.243    dnl-ru2.kaspersky-labs.com
202.165.102.243    dnl-ru3.kaspersky-labs.com
202.165.102.243    dnl-ru4.kaspersky-labs.com
202.165.102.243    dnl-ru5.kaspersky-labs.com
202.165.102.243    dnl-ru6.kaspersky-labs.com
202.165.102.243    dnl-ru7.kaspersky-labs.com
202.165.102.243    dnl-ru8.kaspersky-labs.com
202.165.102.243    dnl-ru9.kaspersky-labs.com
202.165.102.243    dnl-ru10.kaspersky-labs.com
202.165.102.243    dnl-ru11.kaspersky-labs.com
202.165.102.243    dnl-ru12.kaspersky-labs.com
202.165.102.243    dnl-ru13.kaspersky-labs.com
202.165.102.243    dnl-ru14.kaspersky-labs.com
202.165.102.243    dnl-ru15.kaspersky-labs.com
202.165.102.243    dnl-jp1.kaspersky-labs.com
202.165.102.243    dnl-jp2.kaspersky-labs.com
202.165.102.243    dnl-jp3.kaspersky-labs.com
202.165.102.243    dnl-jp4.kaspersky-labs.com
202.165.102.243    dnl-jp5.kaspersky-labs.com
202.165.102.243    dnl-jp6.kaspersky-labs.com
202.165.102.243    dnl-jp7.kaspersky-labs.com
202.165.102.243    dnl-jp8.kaspersky-labs.com
202.165.102.243    dnl-jp9.kaspersky-labs.com
202.165.102.243    dnl-jp10.kaspersky-labs.com
202.165.102.243    dnl-jp11.kaspersky-labs.com
202.165.102.243    dnl-jp12.kaspersky-labs.com
202.165.102.243    dnl-jp13.kaspersky-labs.com
202.165.102.243    dnl-jp14.kaspersky-labs.com
202.165.102.243    dnl-jp15.kaspersky-labs.com
202.165.102.243    dnl-kr1.kaspersky-labs.com
202.165.102.243    dnl-kr2.kaspersky-labs.com
202.165.102.243    dnl-kr3.kaspersky-labs.com
202.165.102.243    dnl-kr4.kaspersky-labs.com
202.165.102.243    dnl-kr5.kaspersky-labs.com
202.165.102.243    dnl-kr6.kaspersky-labs.com
202.165.102.243    dnl-kr7.kaspersky-labs.com
202.165.102.243    dnl-kr8.kaspersky-labs.com
202.165.102.243    dnl-kr9.kaspersky-labs.com
202.165.102.243    dnl-kr10.kaspersky-labs.com
202.165.102.243    dnl-kr11.kaspersky-labs.com
202.165.102.243    dnl-kr12.kaspersky-labs.com
202.165.102.243    dnl-kr13.kaspersky-labs.com
202.165.102.243    dnl-kr14.kaspersky-labs.com
202.165.102.243    dnl-kr15.kaspersky-labs.com
202.165.102.243    dnl-cd1.kaspersky-labs.com
202.165.102.243    dnl-cd2.kaspersky-labs.com
202.165.102.243    dnl-cd3.kaspersky-labs.com
202.165.102.243    dnl-cd4.kaspersky-labs.com
202.165.102.243    dnl-cd5.kaspersky-labs.com
202.165.102.243    dnl-cd6.kaspersky-labs.com
202.165.102.243    dnl-cd7.kaspersky-labs.com
202.165.102.243    dnl-cd8.kaspersky-labs.com
202.165.102.243    dnl-cd9.kaspersky-labs.com
202.165.102.243    dnl-cd10.kaspersky-labs.com
202.165.102.243    dnl-cd11.kaspersky-labs.com
202.165.102.243    dnl-cd12.kaspersky-labs.com
202.165.102.243    dnl-cd13.kaspersky-labs.com
202.165.102.243    dnl-cd14.kaspersky-labs.com
202.165.102.243    dnl-cd15.kaspersky-labs.com
202.165.102.243    downloads1.kaspersky-labs.com
202.165.102.243    downloads2.kaspersky-labs.com
202.165.102.243    downloads3.kaspersky-labs.com
202.165.102.243    downloads4.kaspersky-labs.com
202.165.102.243    downloads5.kaspersky-labs.com
219.235.3.16       rss.360safe.com
219.235.3.16       x.360safe.com
219.235.3.16       d.360safe.com
219.235.3.16       updatem.360safe.com
219.235.3.16       softm.360safe.com
219.235.3.16       ishare.sina.com.cn
219.235.3.16       search.cn.yahoo.com
219.235.3.16       www.google.com
219.235.3.16       google.com
219.235.3.16       www.google.cn
219.235.3.16       www.yahoo.com.cn
219.235.3.16       cn.yahoo.com
219.235.3.16       search.tom.com
219.235.3.16       zhuansha.duba.net
219.235.3.16       buy.duba.net
219.235.3.16       kad.www.duba.net
219.235.3.16       cu001.www.duba.net
219.235.3.16       cu002.www.duba.net
219.235.3.16       cu003.www.duba.net
219.235.3.16       cu004.www.duba.net
219.235.3.16       cu005.www.duba.net
219.235.3.16       cu010.www.duba.net
219.235.3.16       client.download.duba.net
219.235.3.16       page.so.163.com
219.235.3.16       www.soso.com
219.235.3.16       sou.china.com
219.235.3.16       test.591jx.com
219.235.3.16       a.topxxxx.cn
219.235.3.16       picon.chinaren.com
219.235.3.16       www.5566.net
127.0.0.1 p.qqkx.com
127.0.0.1 news.netandtv.com
127.0.0.1 z.neter888.cn
127.0.0.1 b.myblank.cn
127.0.0.1 wvw.wokutu.com
127.0.0.1 unionch.qyule.com
127.0.0.1 www.qyule.com
127.0.0.1 it.itjc.cn
127.0.0.1 www.linkwww.com
127.0.0.1 vod.kaicn.com
127.0.0.1 www.tx8688.com
127.0.0.1 b.neter888.cn
127.0.0.1 promote.huanqiu.com
127.0.0.1 www.huanqiu.com
127.0.0.1 www.haokanla.com
127.0.0.1 play.unionsky.cn
127.0.0.1 www.52v.com
127.0.0.1 www.gghka.cn
127.0.0.1 icon.ajiang.net
127.0.0.1 new.ete.cn
127.0.0.1 www.stiae.cn
127.0.0.1 o.neter888.cn
127.0.0.1 comm.jinti.com
127.0.0.1 www.google-analytics.com
127.0.0.1 hz.mmstat.com
127.0.0.1 www.game175.cn
127.0.0.1 x.neter888.cn
127.0.0.1 z.neter888.cn
127.0.0.1  p.etimes888.com
127.0.0.1  hx.etimes888.com
127.0.0.1 abc.qqkx.com
127.0.0.1 dm.popdm.cn
127.0.0.1 www.yl9999.com
127.0.0.1 www.dajiadoushe.cn
127.0.0.1 down.nihao29.cn
127.0.0.1 v.onondown.com.cn
127.0.0.1 www.interoo.net
127.0.0.1 bally1.bally-bally.net
127.0.0.1 www.bao5605509.cn
127.0.0.1   down.nihao29.cn
127.0.0.1   www.mzd020.cn
127.0.0.1   jzm015.cn
127.0.0.1   down.hs7yue.cn
127.0.0.1   new.doups.cn
127.0.0.1   w.qq-uc.cn
127.0.0.1   down.nihao69.cn
127.0.0.1   www.rty456.cn
127.0.0.1   www.werqwer.cn
127.0.0.1   1.360-1.cn
127.0.0.1   user1.23-16.net
127.0.0.1   www.guccia.net
127.0.0.1   www.interoo.net
127.0.0.1   upa.netsool.net
127.0.0.1   js.users.51.la
127.0.0.1   vip2.51.la
127.0.0.1   web.51.la
127.0.0.1   qq.gong2008.com
127.0.0.1   2008tl.copyip.com
127.0.0.1   tla.laozihuolaile.cn
127.0.0.1   www.tx6868.cn
127.0.0.1   p001.tiloaiai.com
127.0.0.1   s1.tl8tl.com
127.0.0.1   s1.gong2008.com

 

删除了该文件之后,结果IE正常。但是我怀疑应该有exe或者dll文件存在在电脑里面,因为IE来读取这个文件,而且ping命令也是读取这个文件,但是查找半天都没有找到。希望大家有谁遇到过类似的问题,帮我解决一下。谢谢了。
         不知道大家对这个原理了解吗?可以探讨一下!

posted on 2008-08-03 13:02 Leon916 阅读(1058) 评论(6)  编辑 收藏 引用
评论:
  • # re: 删除病毒求助  meepo Posted @ 2008-08-03 13:46
    好歹先google下这个文件啊。。。还发首页精华区,丢脸。。。  回复  更多评论   

  • # re: 删除病毒求助  zhp Posted @ 2008-08-03 13:54
    我汗  回复  更多评论   

  • # re: 删除病毒求助  lonkil Posted @ 2008-08-03 14:30
    病毒修改了host文件而已。

    病毒应该还在你机器内。  回复  更多评论   

  • # re: 删除病毒求助  Leon916 Posted @ 2008-08-03 14:33
    是的,所以想请教大家这个病毒怎么删除,在网上找了半天,工具不能用。修改了host只是一个治标的办法。  回复  更多评论   

  • # re: 删除病毒求助[未登录]  Xw.Y Posted @ 2008-08-04 21:24
    首页精华区,原来这里不审核的啊。。。汗  回复  更多评论   

  • # re: 删除病毒求助  酸菜 Posted @ 2008-08-04 22:36
    这里就是什么样的文章都能发首页精华区。搞得现在都没心情看首页精华区了。
    俺来说网站被收购了,也能有人手运营了,咋还一点都不审核呢。  回复  更多评论   


只有注册用户登录后才能发表评论。
网站导航: 博客园   IT新闻   BlogJava   博问   Chat2DB   管理


 
Copyright © Leon916 Powered by: 博客园 模板提供:沪江博客