Blocking websites in IE


(Janciszek5) #1

Ads for antivirus trials and other optimizers keep popping up. My main browser is Opera, but this opens in IE. How do I block these sites??


(system) #2

Paste a HijackThis log.


(Adarek) #3

Paste the HijackThis and Silent Runners logs in the appropriate section

http://forum.dobreprogramy.pl/viewtopic.php?t=36654

Install:

http://forum.dobreprogramy.pl/viewtopic.php?t=36654

http://www.securityzone.one.pl/blog/wwdc/


(Agatonster) #4

Soccer

Prepare the logs again, correctly - paste them in full - I am moving the topic to the Security and HijackThis logs section.


(Janciszek5) #5

Logs:

Logfile of HijackThis v1.99.1

Scan saved at 14:14:40, on 2007-06-12

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe

C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\atiptaxx.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\LClock\LClock.exe

C:\Program Files\Styler\Styler.exe

C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe

C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE

C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\psimsvc.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\Program Files\ivo\Expressivo Demo\expressivo.exe

C:\WINDOWS\system32\svchost.exe

D:\Kalendarz XP\Kalendarz.exe

C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\ObjectDock.exe

D:\Program Files\SysInfoMyWork\SysInfoMyWork.exe

C:\WINDOWS\BricoPacks\Longhorn Inspirat\YzToolBar\YzToolBar.exe

c:\program files\panda software\panda antivirus + firewall 2007\WebProxy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Opera\Opera.exe

C:\Documents and Settings\Admin\Pulpit\hijackthis\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll

O3 - Toolbar: Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo Demo\IH_iexplore.dll

O4 - HKLM\..\Run: [ATIPTA] C:\WINDOWS\atiptaxx.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u

O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe

O4 - HKLM\..\Run: [Styler] C:\Program Files\Styler\Styler.exe

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"

O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\system32\vrxmkpso.dll",realset

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKCU\..\Run: [] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKCU\..\Run: [Odkurzacz-MCD] D:\Program Files\Odkurzacz\odk_mcd.exe

O4 - HKCU\..\Run: [Expressivo] "C:\Program Files\ivo\Expressivo Demo\expressivo.exe" -t

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\ObjectDock.exe

O4 - Startup: SysInfoMyWork.lnk = D:\Program Files\SysInfoMyWork\SysInfoMyWork.exe

O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Longhorn Inspirat\YzToolBar\YzToolBar.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Kalendarz XP.lnk = D:\Kalendarz XP\Kalendarz.exe

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1178005981546

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1178220007062

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\psimsvc.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
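
Added example, not part of the thread or of HijackThis itself: a small Python parser for the entry lines of a HijackThis log like the one above, which lists registry autostart (O4) values for manual review. The sample lines are copied from the posted log; the function names and the two review heuristics (an autorun launched through rundll32.exe, an autorun value with an empty name) are this example's own assumptions, not a diagnosis made in the thread.

```python
import re

# Constructed sample: a few entry lines copied from the log posted above.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
O4 - HKLM\..\Run: [ATIPTA] C:\WINDOWS\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\system32\vrxmkpso.dll",realset
O4 - HKCU\..\Run: [] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
"""

# "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Body of an O4 registry autorun: hive, Run key, [value name], command line
RUN_VALUE = re.compile(
    r"^(?P<hive>HK(?:LM|CU))\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# First DLL path on a command line, quoted or not
DLL_ARG = re.compile(r'"?(?P<dll>[A-Za-z]:\\[^",]+\.dll)"?', re.IGNORECASE)


def parse_entries(text):
    """Return (section_code, body) for every HijackThis entry line."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:  # header and "Running processes" lines do not match
            entries.append((m.group("code"), m.group("body")))
    return entries


def review_candidates(text):
    """Return (value_name, reason) for O4 registry autoruns worth a manual look."""
    found = []
    for code, body in parse_entries(text):
        m = RUN_VALUE.match(body) if code == "O4" else None
        if not m:
            continue  # not a registry Run value (e.g. Startup folder shortcut)
        cmd = m.group("cmd")
        if cmd.lower().startswith("rundll32"):
            dll = DLL_ARG.search(cmd)
            found.append((m.group("name"),
                          "rundll32 loads " + (dll.group("dll") if dll else "unknown DLL")))
        elif m.group("name") == "":
            found.append(("", "autorun value with empty name"))
    return found


if __name__ == "__main__":
    for name, reason in review_candidates(SAMPLE_LOG):
        print(f"[{name}] {reason}")
```
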

(Gutek) #6

Use VundoFix + Trojan.Vundo Removal Tool + VirtumundoBeGone.

Post a log from Combofix


(Janciszek5) #7

OK. But are there any bad logs??


(adam9870) #8

What do you mean by "bad logs"? You caught the Vundo trojan, which is why Gutek advises using the automated tools first and then pasting a ComboFix log, so that whatever remnants the automated tools did not remove can be removed manually.


(Janciszek5) #9

The program somehow won't open for me (I download the installer and Opera says there is no such program)

I can't find the download on the page

it works, but how do I use it??


(system) #10

You didn't look very hard

Trojan.Vundo Removal Tool

VundoFix

VirtumundoBeGone

ComboFix