首页 手机软件 手机游戏 单机游戏 资讯文章 专题下载 游戏合集 文章合集 php下载 php教程 电脑软件
+ -
当前位置:首页 → 问答吧 → [有图]电脑经常弹出其他网页/自行浏览某个网页[附HIJACKTHIS]

[有图]电脑经常弹出其他网页/自行浏览某个网页[附HIJACKTHIS]

时间:2013-09-29

来源:互联网

电脑经常弹出其他网页/自行浏览某个网页
附件 未命名.jpg (228.05 KB)

2013-7-18 11:21 AM

未命名[1].jpg (117.02 KB)

2013-7-18 11:21 AM

未命名.jpg (228.05 KB)

2013-7-18 11:21 AM

未命名[1].jpg (117.02 KB)

2013-7-18 11:21 AM

作者: cheungkinwa11   发布时间: 2013-09-29

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:14:52, on 18/7/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Users\Cheung KW\funshion\funshiontools\FSPAP.exe
E:\PPS.tv\PPStream\PPSProtect.exe
E:\PPS.tv\PPStream\PPSKernel.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Cheung KW\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files (x86)\881903\IETOOLBAR\hkmgr.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
C:\Program Files (x86)\Symantec AntiVirus\VPTray.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Cheung KW\AppData\Roaming\881903\update\hkUpdate.exe
C:\Users\Cheung KW\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Funshion Online\Funshion\FunshionService.exe
C:\Users\Cheung KW\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Users\Cheung KW\AppData\Roaming\BrowserCompanion\tbhcn.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

作者: cheungkinwa11   发布时间: 2013-09-29

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll
O2 - BHO: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
O2 - BHO: ShowHKToolbar Class - {06433BFE-4946-4E89-823D-CD359C81CD06} - C:\Program Files (x86)\881903\IETOOLBAR\hktbar.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: Hong Kong Toolbar - {481EE3EC-C026-4F9A-BA22-FD07654ADFC0} - C:\Program Files (x86)\881903\IETOOLBAR\hktbar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: XunleiBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - (no file)
O2 - BHO: Windows Live ID 登入协助程式 - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: iToolsBHO - {E1499FE7-129D-4B6E-B681-DDF21E14172C} - C:\Users\Cheung KW\Documents\iTools\Plugin\iToolsBHO.dll
O3 - Toolbar: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Hong Kong Toolbar - {481EE3EC-C026-4F9A-BA22-FD07654ADFC0} - C:\Program Files (x86)\881903\IETOOLBAR\hktbar.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~2\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [IME14 CHT Uninstall] C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE /Uninstall /CHT /Log
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [HKToolbarManager] "C:\Program Files (x86)\881903\IETOOLBAR\hkmgr.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Users\Cheung KW\Desktop\MSN 8.5\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PPS Accelerator] E:\PPS.tv\PPStream\PPSKernel.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Cheung KW\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Cheung KW\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [HKToolbarManager] C:\Program Files (x86)\881903\IETOOLBAR\hkmgr.exe
O4 - HKCU\..\Run: [TorrentStream] C:\Users\Cheung KW\AppData\Roaming\TorrentStream\engine\tsengine.exe
O4 - HKCU\..\Run: [Funshion] "C:\Program Files (x86)\Funshion Online\Funshion\Funshion.exe" startbywindows tray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [PPS Accelerator] E:\PPS.tv\PPStream\PPSKernel.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [PPS Accelerator] E:\PPS.tv\PPStream\PPSKernel.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [PPS Accelerator] E:\PPS.tv\PPStream\PPSKernel.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = Cheung KW\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Facebook Messenger.lnk = Cheung KW\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O4 - Startup: PPS.lnk = E:\PPS.tv\PPStream\PPStream.exe
O4 - Startup: tbhcn.lnk = Cheung KW\AppData\Roaming\BrowserCompanion\tbhcn.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O8 - Extra context menu item: &使用BitComet下载 - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &使用BitComet下载全部连结 - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: 传送至 OneNote(&N) - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: 汇出至 Microsoft Excel(&X) - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bi ... owdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/Me ... /uno1/GAME_UNO1.cab
O16 - DPF: {A99C5366-DB29-42C8-9372-632F0005B74D} (p2plsocx Control) - http://2012.i-cable.com/olympic/players/astri/ie/p2plsocx.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bi ... Client.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} (PPLive Lite Class) - http://dl.pplive.com/PluginSetup.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll

作者: cheungkinwa11   发布时间: 2013-09-29

O20 - AppInit_DLLs:
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files (x86)\BitComet\tools\BitCometService.exe
O23 - Service: Bonjour 服务 (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files (x86)\Symantec AntiVirus\DefWatch.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google更新 服务 (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google更新 服务 (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod 服务 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files (x86)\Symantec AntiVirus\Rtvscan.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14685 bytes

作者: cheungkinwa11   发布时间: 2013-09-29

BrowserCompanion 是不是你安装的?

Step 1 : 下载及安装 Malwarebytes' Anti-Malware

下载 Malwarebytes' Anti-Malware
http://www.malwarebytes.org/mbam-download.php储存 mbam-setup.exe 至桌面执行 mbam-setup.exe 开始进行安装,安装时请选择 English 作为安装语言按 Next,勾选 I accept the agreement 后再按 Next然后全部都按 Next,不需要更改任何设定按 Install 后等候安装按 Finish 完成安装,并进行更新
Step 2 : 使用 Malwarebytes' Anti-Malware

勾选 Perform full scan,然后按 Scan再按 Scan,进行扫瞄等待扫瞄完成,按 Show Results,再按 Remove Selected 进行清理完成清理后会弹出扫描纪录,请储存扫描纪录至桌面关闭 Malwarebytes' Anti-Malware
Step 3 : 简述情况及贴上报告

请简述一下阁下电脑的状况请上传下列报告至 Sendspace
HijackThisMalwarebytes' Anti-Malware

作者: anlth2010   发布时间: 2013-09-29

Malwarebytes' Anti-Malware:
http://www.sendspace.com/file/c85mve

HijackThis:
http://www.sendspace.com/file/kgrc7t


BrowserCompanion 不是我安装的

作者: cheungkinwa11   发布时间: 2013-09-29

现时网页弹出多个一样的广告
附件 未命名[2].jpg (346.12 KB)

2013-7-20 05:22 PM

未命名[2].jpg (346.12 KB)

2013-7-20 05:22 PM

作者: cheungkinwa11   发布时间: 2013-09-29

Step 1 : 开启 HijackThis 修复项目

开启 HijackThis,按一下 Do a system scan only在左方的小格,勾选以下项目:
引用:O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll

O2 - BHO: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll

O2 - BHO: XunleiBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - (no file)

O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll

O3 - Toolbar: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll

O4 - Startup: tbhcn.lnk = Cheung KW\AppData\Roaming\BrowserCompanion\tbhcn.exe
接一下 Fix checked,然后再按是关闭 HijackThis
Step 2 : 重新启动电脑

重新启动电脑请进入安全模式
Step 3 : 删除档案

下载 OTM 至桌面,并执行 OTM复制下列文字,并贴上於 Paste Instructions for Items to be Moved 之框格内:
引用::files
C:\Program Files (x86)\BrowserCompanion\jsloader.dll
C:\Program Files (x86)\vShare\vshare_toolbar.dll
C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll
C:\Users\Cheung KW\AppData\Roaming\BrowserCompanion\tbhcn.exe
按一下 MoveIt!,再按 OK,并重新启动电脑
Step 4 : 简述情况及贴上报告

请简述一下阁下电脑的状况请上传下列报告至 Sendspace
HijackThis

作者: anlth2010   发布时间: 2013-09-29

http://www.sendspace.com/file/e9lvcc

广告仍有弹出
有ib.adnxs.com的奇怪广告

作者: cheungkinwa11   发布时间: 2013-09-29

Step 1 : 下载及安装 Malwarebytes' Anti-Malware

下载 Malwarebytes' Anti-Malware
http://www.malwarebytes.org/mbam-download.php储存 mbam-setup.exe 至桌面执行 mbam-setup.exe 开始进行安装,安装时请选择 English 作为安装语言按 Next,勾选 I accept the agreement 后再按 Next然后全部都按 Next,不需要更改任何设定按 Install 后等候安装按 Finish 完成安装,并进行更新
Step 2 : 使用 Malwarebytes' Anti-Malware

勾选 Perform full scan,然后按 Scan再按 Scan,进行扫瞄等待扫瞄完成,按 Show Results,再按 Remove Selected 进行清理完成清理后会弹出扫描纪录,请储存扫描纪录至桌面关闭 Malwarebytes' Anti-Malware
Step 3 : 简述情况及贴上报告

请简述一下阁下电脑的状况请上传下列报告至 Sendspace
HijackThisMalwarebytes' Anti-Malware

作者: anlth2010   发布时间: 2013-09-29

HijackThis:
http://www.sendspace.com/file/3v7aie

Malwarebytes' Anti-Malware:
http://www.sendspace.com/file/7s896h

作者: cheungkinwa11   发布时间: 2013-09-29

现在情况如何?

作者: anlth2010   发布时间: 2013-09-29

没了ib.adnxs.com的奇怪广告
仍然是#1的情况

作者: cheungkinwa11   发布时间: 2013-09-29

引用:原帖由 cheungkinwa11 於 2013-7-28 01:56 AM 发表
没了ib.adnxs.com的奇怪广告
仍然是#1的情况
请贴上新的 HijackThis 纪录。

作者: anlth2010   发布时间: 2013-09-29

http://www.sendspace.com/file/w1o5ml
最新hijackthis

作者: cheungkinwa11   发布时间: 2013-09-29

Step 1 : 使用 VirusTotal 扫瞄档案

登入 VirusTotal选择下列档案:
[quote][/quote]按发送档案,档案会被上载等待完成扫瞄后,把扫瞄结果复制及储存
Step 2 : 贴上报告

请上传下列报告至 Sendspace
VirusTotal

作者: anlth2010   发布时间: 2013-09-29

选择下列档案:
[quote][/quote]

不明白

作者: cheungkinwa11   发布时间: 2013-09-29

引用:原帖由 cheungkinwa11 於 2013-8-8 02:45 PM 发表
选择下列档案:


不明白
不好意思,打漏了,请使用 VirusTotal 扫瞄这个档案。

C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

作者: anlth2010   发布时间: 2013-09-29

结果是这样的吗?
附件 未命名.jpg (135.13 KB)

2013-8-17 03:25 PM

未命名.jpg (135.13 KB)

2013-8-17 03:25 PM

作者: cheungkinwa11   发布时间: 2013-09-29

Step 1 : 开启 HijackThis 修复项目

开启 HijackThis,按一下 Do a system scan only在左方的小格,勾选以下项目:
引用:O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
接一下 Fix checked,然后再按是关闭 HijackThis
Step 2 : 重新启动电脑

重新启动电脑请进入安全模式
Step 3 : 删除档案

下载 OTM 至桌面,并执行 OTM复制下列文字,并贴上於 Paste Instructions for Items to be Moved 之框格内:
引用::files
C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
按一下 MoveIt!,再按 OK,并重新启动电脑

Step 4 : 简述情况及贴上报告

请简述一下阁下电脑的状况请上传下列报告至 Sendspace
HijackThisComboFix

作者: anlth2010   发布时间: 2013-09-29

相关阅读 更多

热门阅读

热门下载

更多
关于本站 免责申明 联系我们

Copyright 2006-2020 php爱好者(phpfans.net) All Rights Reserved.备案号:湘ICP备2023016114号-2

本站为非盈利性网站,不接受任何广告。本站所有资源均由网友上传,如有侵权,请发邮件至 [email protected] phpfans.net