Pippen47
22-02-2007, 20:13
ovako:
za jedan sat spojen na adsl , napravim promrt od 40mb(bez da idem na internet, samo je spojen) ...
nije mi jasno zake tako puno skida... mislim da je problem ovdje:
newdotnet7_48.dll
taj file ne mogu izbrisati...
evo i mog loga
Logfile of HijackThis v1.99.1
Scan saved at 20:06:34, on 22.2.2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\msasvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\vsnpstd.exe
C:\WINDOWS\System32\wininet.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE
C:\PROGRA~1\MSNMES~1\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Relja\MAXadsl - Provjera prometa\MAXadslPP.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Alien\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pcplay.hr/
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe,C:\WINDO WS\ntsock.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programi\Adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SoundMan]SSOUNDMAN.EXE
O4 - HKLM\..\Run: [snpstd]SC:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [QuickTime Task]S"C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck]SC:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools]S"D:\Programi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ISUSPM Startup]SC:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler]S"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [trioService]S"C:\PROGRA~1\Freeze.com\Halloween\\trioService.exe "
O4 - HKLM\..\Run: [SunJavaUpdateSched]S"C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent]SC:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Lexmark_X79-55]SC:\WINDOWS\System32\lsasss.exe
O4 - HKLM\..\Run: [winabc]Srundll32.exe C:\DOCUME~1\Alien\LOCALS~1\Temp\a.dll,abcLaunchEv
O4 - HKLM\..\Run: [ATIPTA]S"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [TRIXX]S"C:\Program Files\TRIXX\TRIXX.exe" -s
O4 - HKLM\..\Run: [New.net Startup]Srundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [CTFMON.EXE]SC:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg]SC:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WhenUSave]S"C:\Program Files\Save\Save.exe"
O4 - HKCU\..\Run: [E06AXLRD_7126812]S"D:\Programi\Encarta\Encarta Premium DVD 2006\EDICT.EXE" -m
O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Programi\Adobe\Reader\reader_sl.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... zer000YYHR (http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZZzer000YYHR)
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {7B41B7AC-3496-4C13-A70F-DE6B60A6A8A8} (MGAME manager Class) - http://www.legendofares.com/download/mg ... rv1001.cab (http://www.legendofares.com/download/mgusamanagerv1001.cab)
O16 - DPF: {7C5D062A-7A1E-4A46-A02B-A928084CBD66} (MLauncherNew Class) - http://legendofares.netgame.com/downloa ... herNew.cab (http://legendofares.netgame.com/download/MusaLauncherNew.cab)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\System32\svchu.dll
O21 - SSODL: SysRun - {D7FFD784-5276-42D1-887B-00267870A4C7} - C:\WINDOWS\System32\svshost.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\System32\msasvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
za jedan sat spojen na adsl , napravim promrt od 40mb(bez da idem na internet, samo je spojen) ...
nije mi jasno zake tako puno skida... mislim da je problem ovdje:
newdotnet7_48.dll
taj file ne mogu izbrisati...
evo i mog loga
Logfile of HijackThis v1.99.1
Scan saved at 20:06:34, on 22.2.2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\msasvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\vsnpstd.exe
C:\WINDOWS\System32\wininet.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE
C:\PROGRA~1\MSNMES~1\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Relja\MAXadsl - Provjera prometa\MAXadslPP.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Alien\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pcplay.hr/
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe,C:\WINDO WS\ntsock.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programi\Adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SoundMan]SSOUNDMAN.EXE
O4 - HKLM\..\Run: [snpstd]SC:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [QuickTime Task]S"C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck]SC:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools]S"D:\Programi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ISUSPM Startup]SC:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler]S"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [trioService]S"C:\PROGRA~1\Freeze.com\Halloween\\trioService.exe "
O4 - HKLM\..\Run: [SunJavaUpdateSched]S"C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent]SC:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Lexmark_X79-55]SC:\WINDOWS\System32\lsasss.exe
O4 - HKLM\..\Run: [winabc]Srundll32.exe C:\DOCUME~1\Alien\LOCALS~1\Temp\a.dll,abcLaunchEv
O4 - HKLM\..\Run: [ATIPTA]S"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [TRIXX]S"C:\Program Files\TRIXX\TRIXX.exe" -s
O4 - HKLM\..\Run: [New.net Startup]Srundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [CTFMON.EXE]SC:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg]SC:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WhenUSave]S"C:\Program Files\Save\Save.exe"
O4 - HKCU\..\Run: [E06AXLRD_7126812]S"D:\Programi\Encarta\Encarta Premium DVD 2006\EDICT.EXE" -m
O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Programi\Adobe\Reader\reader_sl.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... zer000YYHR (http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZZzer000YYHR)
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {7B41B7AC-3496-4C13-A70F-DE6B60A6A8A8} (MGAME manager Class) - http://www.legendofares.com/download/mg ... rv1001.cab (http://www.legendofares.com/download/mgusamanagerv1001.cab)
O16 - DPF: {7C5D062A-7A1E-4A46-A02B-A928084CBD66} (MLauncherNew Class) - http://legendofares.netgame.com/downloa ... herNew.cab (http://legendofares.netgame.com/download/MusaLauncherNew.cab)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\System32\svchu.dll
O21 - SSODL: SysRun - {D7FFD784-5276-42D1-887B-00267870A4C7} - C:\WINDOWS\System32\svshost.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\System32\msasvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe