Jak w temacie dotyczy to aplikacji tmpf00 rozne sa tam liczby z przedzialu 00-30 zawsze po uruchomieniu wyskauje mi informacja avasta ze mam trojana o nazwie 123235.exe oraz za moment misb.exe skanowalem wszystkim co pisaliscie w awaryjnym we wszytskim i nic wkleje log bo mi kazaliscie usunac ta linie O21 - SSODL: eplrr - {17966720-C510-4698-A63B-A28B32A22873} - C:\WINDOWS\System32\eplrr3.dll ale podczas kasowania jak i a awaryjnym jak i wnormalnym wyskakuje komunikat :
An unexpected error has occurred at procedure: modBackup_MakeBackup(sItem=O21 - SSODL: eplrr -
{066F7204-81BE-4491-8BD9-43CE7024CC30} - C:\WINDOWS\System32\eplrr3.dll)
Error #62 - Input past end of file
I tam dalej please email i takie pierdoły
Dodam jeszcze ze w msconfig w uruchaminiu mam taka pozycjae SahAgent w C:windows\System32\sahagent.exe
Moze ktos ma sposob juz z takim czym sie spotkal i to usunał: Wleje log jeszcze
Logfile of HijackThis v1.99.0
Scan saved at 11:39:57, on 2005-01-07
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Gadu-Gadu\gg.exe
C:\WINDOWS\System32\tmpf00.exe
C:\WINDOWS\System32\tmpf05.exe
C:\Documents and Settings\ciapo\Dane aplikacji\itos.exe
C:\WINDOWS\system32\w?nlogon.exe
C:\WINDOWS\System32\tmpf08.exe
C:\Program Files\DeskAd Service\DeskAdServ.exe
C:\Program Files\DeskAd Service\DeskAdKeep.exe
C:\WINDOWS\System32\SahAgent.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.onet.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - C:\PROGRA~1\SEARCH~1\SEARCH~2.DLL
O2 - BHO: (no name) - {98FB92C0-0302-76F2-51A4-20D028057490} - C:\WINDOWS\System32\lkokef.dll
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM…\Run: [DeskAd Service] C:\Program Files\DeskAd Service\DeskAdServ.exe
O4 - HKLM…\Run: [sAHAgent] C:\WINDOWS\System32\SahAgent.exe
O4 - HKCU…\Run: [Gadu-Gadu] “C:\Gadu-Gadu\gg.exe” /tray
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [Teah] C:\Documents and Settings\ciapo\Dane aplikacji\itos.exe
O4 - HKCU…\Run: [Rfkyi] C:\WINDOWS\System32\w?nlogon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Click … dge-c9.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar … /cabsa.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTickets … refid=4205
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O23 - Service: avast! iAVS4 Control Service - Unknown - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: Kerio Personal Firewall 4 - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe