求助 - IE開啟網頁問題請眾前輩指點一二 拜託 請看一下

[foxlee]

已試過 IE7 FIREFOX Maxthon 都是一樣 開某些網頁 網頁上方都會出現 如圖一

http://img264.imageshack.us/my.php?image=01wi6.gif

或圖2

http://img412.imageshack.us/my.php?image=02yp2.gif

小弟除了重灌已試過各種方法

IE修復 安裝IE7 火狐 Maxthon 利用超級兔子 修復
都是一樣 也試過掃毒 並無中毒
所以向板上的眾位高手 求救指點一二 拜託各位長輩

PS. 公司電腦僅有 2台有此情況 其他都正常...昨天都有進行WIN更新

不成材的網管留.........

[plunderer]

你在區域網內? 問網管吧
這是考驗網管功力的最佳題材

[a471]

引用:

作者: plunderer

你在區域網內? 問網管吧
這是考驗網管功力的最佳題材

它就是那個搞不定的網管啦

[plunderer]

網管至少得具備一點英文基礎吧....

We have a residential (ie: I don't control what is on them) network here of up to 500 computers at any one time. Currently there is a machine doing an ARP-cache poisoning attack against the network. For some unknown reason, it is inserting the string "1^LIBraBBGvB8i~o+Z~UU?L5{B~SLIB5C" into HTTP responses just after the HTTP headers. I presume (NOTE: this is speculation, I have not yet been able to examine the machine in question) that this is due to a trojan/worm or other malware on the system performing the attack, possibly trying to spread itself to other computers on the subnet accessing the web running a vulnerable web browser - although I have not yet identified the effect of that string, so it may be for some other purpose.
I suggest you check other machines on your network for possible compromises.
Use a program like wireshark to examine network traffic to see if there are a continuous stream of ARP responses that _appear_ to be from your router to every other IP address in the subnet, but telling them in incorrect MAC - the computer with that MAC will be the culprit - you may use nmap to find the IP address of the machine. Alternatively if you are using a managed switch, you can look for the MAC that maps to just about every IP address on the subnet.

這是 MSDN 論壇的回覆, 看看有沒有幫助