Mam ten plik za kazdym uruchomieniem komputera i za kazdym razem Avast mi go wykrywa jako wirus i usuwam a potem i tak on powraca to samo sie dzieje z mtr…vir nie wiem ja tam brzmi dokladnie ta nazwa
Wyłącz przywracanie systemu.
A masz na dysku taki program - tmpf00.exe. ?
ten plik uruchamia sie razem z windowsem bo zawsze daje zakoncz w menadzerze zadan a lokalizjuje sie w C:\WINDOWS\System32 jets duzo tych plikow tam tmpf00.exe, i potem 01,03 itd. i zawsze je usuwam ale zawsze wracaja
Robilem juz skanuy z tej strony wielokrotnie usuwalo wirusy tojany ale znow powracaly i niewiem juz jak sobie poradzic ale log wkeje
Logfile of HijackThis v1.98.2
Scan saved at 09:24:34, on 2004-12-31
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Gadu-Gadu\gg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.onet.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [Windows AdService] C:\Program Files\Windows AdService\WinAdServ.exe
O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKCU…\Run: [Gadu-Gadu] “C:\Gadu-Gadu\gg.exe” /tray
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O16 - DPF: komentator - http://sport.onet.pl/komentator.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file. … 567bbcc1cd
O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.windowsecurity.com/trojanscan/TDECntrl.CAB
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar … /cabsa.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {82CF9738-0BDA-4AAF-AB08-5AC5875FF3BB} (YMultiRecord Class) - http://portalwiedzy.onet.pl/europlus/le … ording.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab
O21 - SSODL: zjSikrTC - {40F6D95D-EA5C-73F7-19AF-084A6A116F80} - C:\WINDOWS\System32\tkhxa.dll (file missing)
O21 - SSODL: eplrr - {681EBC71-254C-4C97-A948-1AEA0DACAB85} - C:\WINDOWS\System32\eplrr3.dll
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.onet.pl/
R3 - Default URLSearchHook is missing
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=7fd1b1487ea24557e81cb1f266ef2 780947d11d735d3f73d567bbcc1cd65aeb860d24e26488494fe11db2684f9909f72dc77fd77a214: 2e5848e0a9d3ad577e6a6478c1291781
O16 - DPF: {82CF9738-0BDA-4AAF-AB08-5AC5875FF3BB} (YMultiRecord Class) - http://portalwiedzy.onet.pl/europlus/lekcje/localplayer/recording/yrecording.cab
O21 - SSODL: zjSikrTC - {40F6D95D-EA5C-73F7-19AF-084A6A116F80} - C:\WINDOWS\System32\tkhxa.dll (file missing)
Ten mnie zastanawia:
O21 - SSODL: eplrr - {681EBC71-254C-4C97-A948-1AEA0DACAB85} - C:\WINDOWS\System32\eplrr3.dll
http://forum.dobreprogramy.pl/viewtopic.php?t=14452
Poczytaj i zastosuj się do rad.
Ps
Dobrze Damian że ten wpis Cię zastanawia bo to trojan 