IE 8 首页被占

请大大帮忙有边只防毒可以清左佢,用紧NOD 32 ,扫唔出,我系电脑白痴

已解决,谢谢版大

[ 本帖最后由 schoolboy123 於 2013-12-19 04:35 PM 编辑 ]

下载 Hijackthis至桌面 > 按 Install > 按[ Accept] > 按 [Do a system scan and save a logfile ] > 完成扫瞄系统，hijackthis会弹出报告。

储存该扫瞄报告於桌面。请把Hijackthis 扫瞄报告贴上。

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 上午 11:28:11, on 2013/12/13
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\CCBComponents\DMWZ\CCBCertificate.exe
C:\Program Files\CCBComponents\HDZB\USBKeyTools.exe
C:\Windows\System32\WatchData\Watchdata CCB OCL CSP v3.2\WDCertM_CCB.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchFilterHost.exe
C:\C S\HijackThis.exe

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CCBCertificate] C:\Program Files\CCBComponents\DMWZ\CCBCertificate.exe
O4 - HKLM\..\Run: [USBKeyTools.exe] C:\Program Files\CCBComponents\HDZB\USBKeyTools.exe
O4 - HKLM\..\Run: [wdcertm_ccb] C:\Windows\system32\WatchData\Watchdata CCB OCL CSP v3.2\WDCertM_CCB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-505881861-1126571908-2771334154-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-505881861-1126571908-2771334154-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: 使用BitSpirit下载(&B) - C:\Program Files\BitSpirit\bsurl.htm

O13 - Gopher Prefix:
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.co ... s/flash/swflash.cab
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Baidu Updater (BaiduUpdater) - Broadcom Corporation - (no file)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: HDZB Comm Service For V2.0 (HZ_CommSrv) - ?大智??子系?有限公司 - C:\Windows\system32\HZ_CommSrv.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: WatchData ccb V3.2 (WDMonitorCCB) - Beijing WatchData System Co., Ltd. - C:\Windows\system32\WatchData\Watchdata CCB OCL CSP v3.2\WDKeyMonitorCCB.exe

--
End of file - 4842 bytes

就系呢个网页,谢谢版大 http://www.zhaozhaola.com/

1. 下载/执行Junkware Removal Tool扫毒。执行扫毒前请关闭所有浏览器同程式。
(JRT会自动删除附於浏览器的恶意程式/档案/登录档)

2. 下载/执行 AdwCleaner (Xplode) 扫毒。(按[Clean] 扫毒/删除)
(执行AdwCleaner关闭所有浏览器/程式)

3. 关闭所有防毒软件(包括Windows Defender),下载ComboFix至桌面 ,执行 ComboFix 扫毒。
扫瞄时不要执行其他程式或点击 ComboFix视窗。
完成扫瞄后,ComboFix 报告会自动弹出。

请贴上以下报告:
a. JRT扫毒报告。
b. AdwCleaner删毒报告。
c. ComboFix扫毒报告。
d. 新1份Hijackthis扫瞄报告。

已解决,谢谢版大

You're welcome.

1. 如果浏览器首页回复正常,请跟#8帖移除Hijackthis/ComboFix等等的扫瞄软件。
http://computer.uwants.com/viewthread.php?tid=12999541&extra=page%3D1

2. 请用CCleaner Free删除temp files/登录档,用Windows预载defrag功能,做番1次磁碟重组(defrag)。

3. 请将[病毒移除]主题改为[已解决]。Tks.