QQ pop-up ad Trojan, Which is disguised as a QQ pop-up advertisement. the pop-up window is displayed at any time in the lower right corner of the screen. Place the mouse in this window, And the mouse will turn into a hand. Click anywhere in the window to open the browser to link to the advertisement webpage. In the formal QQ pop-up advertisement window, most of them are text or image descriptions, you can only click the link in the description to open the webpage. Therefore, the pop-up advertisement window is actually a webpage link Trojan, which must be distinguished by everyone.
Solution: The trojan will create a "Backup" folder in the C: \ Windows directory and use the automatic loading and monitoring of Backup files function, so that you cannot manually clear the trojan in safe mode. The solution is to use the batch processing function and delete it before the trojan program re-creates the backup.
Restart the machine and press F8 to select safe mode to enter the system. Create a text document and enter:
"Move c: \ windows \ backup c: \ windows \ bak (rename the Backup Directory to Bak)
Md c: \ windows \ backup (create a Backup directory under C: \ windows )",
Click "file/Save as" to change the file name to "QQ advertisement. bat" and save the file.
Tip: Do not enter the description in the brackets.
After running the batch file, immediately delete the "Bak" folder in the "C: \ windows" folder and delete the trojan backup file. Create a new text document and enter:
"Cd c: \ (change the current path to C: root directory of the disk)
Cd C: \ windows \ Downloaded Program Files (change the current path)
C: \ windowsDownloaded Program Files move _ IS_0518 c: \ bak (move related folders )"
Click the "file/Save as" option and save it as the "QQ advertisement 2. bat" file. After you double-click it, delete the "Bak" folder on drive C, go to the "C: \ windows" directory, and delete the Backup folder, which clears the trojan file.
Finally, enter "Regedit" in the "run" dialog box to open the "Registry Editor" window, delete "HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run \ Advapi32" and "HKEY_CURRENT_USER/Software/advapi32" respectively.
|
| [Content navigation] | |
| Page 1: QQ pop-up ad Trojan | Page 2nd: QQ expressions |
| Page 1: Kill QQ music Virus | Page 1: QQ turtle virus detection and removal |
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
