查看完整版本 : 中左廣告毒求救!!!!!!

coloreal1227 2016-2-23 08:15 AM

中左廣告毒求救!!!!!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:33:26, on 2016/02/23
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
C:\Program Files (x86)\MSI\Live Update\Live Update.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files (x86)\Garena Plus\bbtalk\BBtalk.exe
C:\Program Files\AVAST Software\Avast\avastUi.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NoVirusThanks\Hijack Hunter\HijackHunter.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

[[i] 本帖最後由 geck789 於 2016-4-3 12:32 AM 編輯 [/i]]

coloreal1227 2016-2-23 08:21 AM

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IME14 CHT Setup] C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /CHT /Log
O4 - HKLM\..\Run: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [Command Center] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [PPLiveAP] "C:\Program Files (x86)\Common Files\PPLiveNetwork\PPAP_startup.exe" -background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Killer Network Manager.lnk = ?
O4 - Global Startup: PPLive.lnk = C:\Program Files (x86)\PPLive\PPTV\PPLive_startup.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O15 - ESC Trusted Zone: [url=http://*.update.microsoft.com]http://*.update.microsoft.com[/url]
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll
O18 - Protocol hijack: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol hijack: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6}
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Protocol hijack: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
O18 - Protocol hijack: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}
O18 - Protocol hijack: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E}
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll

[[i] 本帖最後由 coloreal1227 於 2016-2-23 08:34 AM 編輯 [/i]]

coloreal1227 2016-2-23 08:21 AM

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Small Business Advantage (intelsba) - Intel Corporation - C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSIBIOSData_CC - MSI - C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe
O23 - Service: MSIClock_CC - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service: MSICOMM_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service: MSICPU_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service: MSICTL_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
O23 - Service: MSIDDR_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
O23 - Service: MSISMB_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service: MSISuperIO_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: MSI Live Update Service (MSI_LiveUpdate_Service) - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe

[[i] 本帖最後由 coloreal1227 於 2016-2-23 08:36 AM 編輯 [/i]]

coloreal1227 2016-2-23 08:22 AM

O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SuperRAIDSvc - Micro-Star International - C:\MSI\Smart Utilities\SuperRAIDSvc.exe

[[i] 本帖最後由 coloreal1227 於 2016-2-23 08:37 AM 編輯 [/i]]

coloreal1227 2016-2-23 08:23 AM

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12711 bytes

[[i] 本帖最後由 coloreal1227 於 2016-2-23 08:37 AM 編輯 [/i]]

geck789 2016-2-23 10:46 PM

請用 FRST 檢查:

[url]http://computer.discuss.com.hk/viewthread.php?tid=24712252[/url]

coloreal1227 2016-3-26 06:02 AM

不好意思 揾不到上傳附件功能........

**** Hidden Message *****
[img]http://upload.lsforum.net/users/public/o529641g78.jpg[/img]

[[i] 本帖最後由 geck789 於 2016-3-26 10:41 AM 編輯 [/i]]

geck789 2016-3-26 12:08 PM

按照以下指示進行檢查、清理:

步驟 1.

下載附件 fixlist 至 [b]FRST[/b] 相同資料夾位置。例如 [b]FRST[/b] 已存放於[b]桌面[/b],則將 fixlist 存放至[b]桌面[/b]

打開 [b]FRST[/b]

1. 按 [b]Fix[/b] 執行 fixlist 內行動指令進行修復。
2. [b]FRST[/b] 會進行修復程序。完成後會自動重新啟動電腦 。[/list]



步驟 2.

執行 [b][color=blue]Malwarebytes' Anti-Malware[/b][/color]

[list][*]主介面內按 [b]Update Now[/b] 進行更新.
[*]更新後按程式頂部 [b]Scan[/b],再按 [b]Custom Scan[/b] > [b]Configure Scan[/b],確定已勾選 [b]Scan for Rootkits[/b],再選擇 [b]C:[/b],然後按 [b]Scan Now[/b] 進行掃描.
[*]完成掃描後按 [b]Show Results[/b]
[*]假如發現感染項目,確定勾選所有項目,再按 [b]Remove Selected[/b] 進行清理.
[*]假如程式要求重新啓動,按[b]是(Y)[/b]重新啓動。未有提示則自行重新啓動電腦. ([b][color=blue]Malwarebytes' Anti-Malware[/b][/color] 內按 [b]History[/b] > [b]Application Logs[/b],用滑鼠點擊最近 [b]Scan Log[/b] 會顯示掃描記綠,再按 [b]Export[/b] > [b]Text file[/b] 可以文字檔儲存掃描記綠.)[/list]



步驟 3.

下載 [b][color=blue]AdwCleaner[/b][/color] 至[b]桌面[/b]

[url]https://toolslib.net/downloads/finish/1/[/url]

[b][color=blue]AdwCleaner[/b][/color] 使用步驟:

1. 用滑鼠右鍵點擊 [b][color=blue]AdwCleaner[/b][/color] ,再以[b]系統管理員[/b]執行程式.
2. 按 [b]I agree[/b]
3. [b][color=blue]AdwCleaner[/b][/color] 內按 [b]Scan[/b] 進行掃描.
4. 完成掃描後按 [b]Logfile[/b] 儲存掃描記綠.



步驟 4.

下載 [color=blue][b]Malwarebytes Anti-Rootkit[/b][/color] 至[b]桌面[/b]

[url]http://downloads.malwarebytes.org/file/mbar[/url]

[list][*]執行檔案,將資料夾解壓至[b]桌面[/b]
[*]解壓後 [color=blue][b]Malwarebytes Anti-Rootkit[/b][/color] 會自動執行.
[*]按 [b]Next[/b] -> [b]Update[/b] 進行更新.
[*]完成更新後按 [b]Next[/b] -> [b]Scan[/b] 進行掃描.
[*]完成掃描後,假如發現有害項目,按 [b]Cleanup[/b] 進行清理. (清理期間程式可能需要數分鐘及重新啓動電腦。) 如無發現有害項目,按 [b]Exit[/b] 關閉程式.
[*]完成掃描、清理後,[color=blue][b]Malwarebytes Anti-Rootkit[/b][/color] 會將記錄 ([b]mbar-log[/b].txt,[b]system-log[/b].txt) 儲存至 [color=blue][b]Malwarebytes Anti-Rootkit[/b][/color] 資料夾.[/list]



步驟 5.

下載 [b][color=blue]Tdsskiller[/b][/color] 至[b]桌面[/b] [b]<---重要[/b]

[url]http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe[/url]

1. 用滑鼠右鍵點擊 [b][color=blue]Tdsskiller[/b][/color],再以[b]系統管理員[/b]執行程式.
2. 按 [b]Accept[/b]
3. 按 [b]Start Scan[/b] 進行掃描,期間請勿使用電腦.
4.
i) 掃描完成後,如果並無發現問題 ([b]No threats found[/b]),直接關閉程式.
ii)
如果發現可疑項目 [b]Suspicious objects[/b],確定可疑項目選項設定為  [b]Skip[/b] 。
如果發現惡意項目 [b]Malicious objects[/b] ,請勿修改惡意項目選項。
之後按 [b]Continue[/b] 進行清理。完成清理後,假如程式要求重新啓動,按 [b]Reboot now[/b] 重新啓動。
掃描記錄會存於 [b]C:\[color=blue]TDSSKiller.xxxxx_log[/color].txt[/b]



步驟 6.

下載 [b][color=blue]RogueKiller[/b][/color] 至[b]桌面[/b]

[url]http://www.bleepingcomputer.com/download/roguekiller/[/url]

[list][*]安裝 [b][color=blue]RogueKiller[/b][/color],然後執行程式.
[*]確定已移除所有外置硬碟、USB 手指.
[*]按 [b]Accept[/b],之後程式會進行初步掃描. (關閉可能在此時彈出的視窗.)
[*]完成初步掃描後會顯示 [b]Prescan finished.[/b],程式頂部 [b]Language[/b] 選項按 [b]English[/b]
[*]按 [b]Scan[/b] 進行掃描.  (掃描期間可能要求透過 VirusTotal 上載檔案檢查,按 [b]Never[/b])
[*]完成掃描後會顯示 [b]Scan finished.[/b],按 [b]Report[/b] ,再按 [b]Open TXT[/b],儲存掃描記錄.[/list]



完成以上步驟後,請附上以下記綠,作進一步檢查.

AdwCleaner
Malwarebytes' Anti-Malware
Malwarebytes Anti-Rootkit
Tdsskiller
RogueKiller

coloreal1227 2016-3-26 02:52 PM

OK了請過目

**** Hidden Message *****

[[i] 本帖最後由 geck789 於 2016-3-26 04:21 PM 編輯 [/i]]

geck789 2016-3-26 05:18 PM

:smile_39:

暫時冇重大發現,按照以下步驟用 AdwCleaner 清理一次。

用滑鼠右鍵點擊 [b][color=blue]AdwCleaner[/b][/color] ,再以[b]系統管理員[/b]執行程式.

1. [b][color=blue]AdwCleaner[/b][/color] 內按 [b]Scan[/b] 進行掃描. (掃描之前請關閉其他軟件及斷線.)
2. 完成掃描後按 [b]Cleaning[/b] 進行清理,再按 [b]OK[/b]
3. 清理完成後 [b][color=blue]AdwCleaner[/b][/color] 會提示重啟電腦,按 [b]OK[/b] 重啟電腦. 未有提示則自行重新啓動電腦.



重新啓動電腦後按照以下步驟重設 Internet Explorer 及清理暫存檔、Cookies:

變更或重設 Internet Explorer 設定

[url]http://windows.microsoft.com/zh-hk/internet-explorer/reset-ie-settings#ie=ie-11[/url]

檢視及刪除您的瀏覽歷程記錄 (選擇刪除[快取的影像和網際網路暫存檔]、[Cookie])

[url]http://windows.microsoft.com/zh-hk/internet-explorer/manage-delete-browsing-history-internet-explorer#ie=ie-11[/url]



之後下載 [b][color=blue] Emsisoft Emergency Kit[/color][/b] 至[b]桌面[/b]

[url]http://dl.emsisoft.com/EmsisoftEmergencyKit.exe[/url]

[list][*]執行 [b][color=blue] Emsisoft Emergency Kit[/b][/color]
[*]按 [b]Extract[/b] 進行解壓.
[*]執行桌面 [b][color=blue]Start Emsisoft Free Emergency Kit[/b][/color]
[*]程式會提示更新,按 [b]Yes[/b] 進行更新.
[*]完成更新後按 [b]Custom Scan[/b],程式會提示要求掃描 [b]Potentially Unwanted Programs[/b],按 [b]Yes[/b] 允許.
[*]確定掃描路徑只有 [b]C:\[/b],然後按 [b]Next[/b] 開始掃描.
[*]完成掃描後,假如發現有害項目,按 [b]Quarantine selected[/b] 進行清理. (假如程式要求重新啓動電腦,按 [b]OK[/b] 重新啓動電腦。)
[*]關閉[b][color=blue] Emsisoft Emergency Kit[/color][/b]. ([b][color=blue] Emsisoft Emergency Kit[/color][/b] 會彈出視窗,可以直接關閉.)[/list]



完成掃描後,檢查瀏覽器仲有冇顯示o個個廣告。如果仍然出現問題,我只好建議你備份私人檔案,然後格式化硬碟再重裝 Windows。因為診斷記錄並無顯示問題所在位置,而且用過既殺毒程式(包括能力極高既 BitDefender 引擎)亦無重大發現,應該有難以偵察既惡意程式存在。

coloreal1227 2016-3-27 11:20 AM

回應

因為我前都有洗過機 但都冇用......洗左中幾次機又換過HD都係唔得= =我係唔係應該要換腦?

coloreal1227 2016-3-27 12:02 PM

我想網搵(Sorry you can't watch this content as guest. Please continue to create free account Virus)
之後搵到呢個網但我睇唔明係咩文= =
[url]http://www.teknobaha.com/2016/01/sorry-you-cant-watch-this-content-as.html[/url]

geck789 2016-3-27 12:10 PM

呢部電腦去其他正常網站係咪都同樣出現呢啲有問題既廣告?定係只有呢個網站有問題?

同一個網絡內有冇其他電腦?有既話試下去呢啲出現有問題廣告既網站,睇下係咪同樣有問題。



[url=http://www.discuss.com.hk/android][img=100,23]http://i.discuss.com.hk/d/images/r10/androidD.jpg[/img][/url]

coloreal1227 2016-3-27 12:47 PM

其他網頁都有= =

geck789 2016-3-27 06:41 PM

:smile_30: :loveliness:

有趣既問題。

假設你指既洗過機係格式化硬碟再重裝 Windows,咁餘下只有兩個可能性。

首先登入路由器,網址通常係 [url]http://192.168.0.1[/url] 或 [url]http://192.168.1.1[/url],然後重新設置路由器(或直接長按路由器上既重設掣),之後登入路由器,檢查 DNS 項目既 IP 係咩,通常o係網路設定、DNS、DHCP 分頁就見到。

coloreal1227 2016-3-28 05:03 PM

回應

感覺= =應該是網路設定問題...
電腦白痴<~

因為= =網頁有講建立(非)私人連線會出現呢D POPUPS

但係建立私人連線- -係唔會有呢個問題....所以我應該...???

http://upload.lsforum.net/users/public/r355001k78.jpg 圖1

http://upload.lsforum.net/users/public/c245373k78.jpg


http://upload.lsforum.net/users/public/b184152p78.jpg 圖2


http://upload.lsforum.net/users/public/q49224a78.jpg

[[i] 本帖最後由 coloreal1227 於 2016-3-28 05:51 PM 編輯 [/i]]

geck789 2016-3-29 10:53 PM

先按照帖 #15 步驟執行檢查。

Yelung 2016-3-30 08:24 PM

[b]我都係[/b]



[url=http://www.discuss.com.hk/iphone][img=100,23]http://i.discuss.com.hk/d/images/r10/iphoneD.jpg[/img][/url]
頁: [1]
查看完整版本: 中左廣告毒求救!!!!!!