View full version: newdotnet7_48.dll



Pippen47
22-02-2007, 20:13
Here's the situation:
In one hour connected to ADSL I generate 40 MB of traffic (without going on the internet, it's just connected)...
I don't understand why it downloads so much... I think the problem is here:

newdotnet7_48.dll

I can't delete that file...


Here is my log too


Logfile of HijackThis v1.99.1
Scan saved at 20:06:34, on 22.2.2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\msasvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\vsnpstd.exe
C:\WINDOWS\System32\wininet.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE
C:\PROGRA~1\MSNMES~1\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Relja\MAXadsl - Provjera prometa\MAXadslPP.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Alien\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pcplay.hr/
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe,C:\WINDOWS\ntsock.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programi\Adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Programi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [trioService] "C:\PROGRA~1\Freeze.com\Halloween\\trioService.exe "
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Lexmark_X79-55] C:\WINDOWS\System32\lsasss.exe
O4 - HKLM\..\Run: [winabc] rundll32.exe C:\DOCUME~1\Alien\LOCALS~1\Temp\a.dll,abcLaunchEv
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [TRIXX] "C:\Program Files\TRIXX\TRIXX.exe" -s
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKCU\..\Run: [E06AXLRD_7126812] "D:\Programi\Encarta\Encarta Premium DVD 2006\EDICT.EXE" -m
O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Programi\Adobe\Reader\reader_sl.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZZzer000YYHR
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {7B41B7AC-3496-4C13-A70F-DE6B60A6A8A8} (MGAME manager Class) - http://www.legendofares.com/download/mgusamanagerv1001.cab
O16 - DPF: {7C5D062A-7A1E-4A46-A02B-A928084CBD66} (MLauncherNew Class) - http://legendofares.netgame.com/download/MusaLauncherNew.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\System32\svchu.dll
O21 - SSODL: SysRun - {D7FFD784-5276-42D1-887B-00267870A4C7} - C:\WINDOWS\System32\svshost.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\System32\msasvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
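
Added example, not part of the original post: the long name newdotnet7_48.dll never appears in the log above, but the "New.net Startup" Run entry loads NEWDOT~2.DLL, which has the shape of an 8.3 short-name alias. The sketch below searches HijackThis entries for a file by exact name or by possible 8.3 alias; the function names and the three-line sample are choices made for this example, and an alias hit is only a candidate to confirm on disk (for instance with `dir /x`).

```python
import re

# Constructed sample: three entries copied from the HijackThis log above.
SAMPLE_LOG = r"""O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O20 - AppInit_DLLs: C:\WINDOWS\System32\svchu.dll
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")   # section code, rest of entry
PATH_RE = re.compile(r'[A-Za-z]:\\[^",]+?\.(?:dll|exe|ocx)', re.IGNORECASE)
ALIAS_RE = re.compile(r"([^~.]{1,6})~(\d+)\.(\w{1,3})")


def short_name_could_match(short, long_name):
    """True if an 8.3 alias such as NEWDOT~2.DLL could stand for long_name.

    Covers only the common alias form (leading characters of the long name,
    then ~N); the hashed form Windows uses after several collisions is not handled.
    """
    m = ALIAS_RE.fullmatch(short)
    if not m or "." not in long_name:
        return False
    stem, ext = long_name.rsplit(".", 1)
    stem = re.sub(r"[ .]", "", stem)          # spaces and dots are dropped from aliases
    return (stem.upper().startswith(m.group(1).upper())
            and ext.upper()[:3] == m.group(3).upper())


def find_references(log_text, target):
    """Return (section, path, match kind) for each entry that may load target."""
    hits = []
    for line in log_text.splitlines():
        entry = ENTRY_RE.match(line.strip())
        if not entry:
            continue
        for path in PATH_RE.findall(entry.group(2)):
            base = path.rsplit("\\", 1)[-1]
            if base.lower() == target.lower():
                hits.append((entry.group(1), path, "exact"))
            elif short_name_could_match(base, target):
                hits.append((entry.group(1), path, "possible 8.3 alias"))
    return hits


if __name__ == "__main__":
    for section, path, kind in find_references(SAMPLE_LOG, "newdotnet7_48.dll"):
        print(section, path, kind)
```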

Helena
22-02-2007, 20:19
NEWDOTNET7_48.DLL Application/Process Description
Below is a description of NEWDOTNET7_48.DLL. This application may not be safe to have on your computer. If this application is running on your computer, it is advised that you scan your computer for both viruses and spyware/adware immediately.

Summary of NEWDOTNET7_48.DLL
Trojan.NewDotNet.BHO

Description of NEWDOTNET7_48.DLL
Newdotnet browser helper object

Trojans are programs that can appear to serve a legitimate purpose but actually have an unwanted or harmful effect.

A large segment of trojan programs download other harmful software components to a user's PC without his/her knowledge.

This application is most likely downloaded and installed by another application that is considered to be adware or spyware.

Threat Level (1-10)
8

Processes
NEWDOTNET7_48.DLL

CLSID List
{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
{DD521A1D-1F98-11D4-9676-00E018981B9E}

I think this makes everything clear to you.

Pippen47
22-02-2007, 20:24
But how do I get rid of that junk? Can I remove it with Spybot S&D?

Helena
22-02-2007, 20:26
Scan everything with an antivirus. What else is left for you to do.

Pippen47
22-02-2007, 20:29
Well, I scan with Spybot Search & Destroy, and after the scan I select it, click Fix Problems, and the program tells me it can't delete it (some file is using it) and that the computer needs to be restarted... when I do that, the same thing happens again...

Helena
22-02-2007, 20:30
Spybot isn't an antivirus... AVG, NOD32, whatever you use.

The Boz
22-02-2007, 20:35
If it won't work with AVG, boot into safe mode, or find it and delete it from DOS.

Karzah
22-02-2007, 20:36
Scan with ZoneAlarm or NOD32 antivirus; if that doesn't work, try from safe mode as Boz told you.

Bartuc
22-02-2007, 20:50
By the way, if SpyBot can't fix something, it asks you to restart the computer and then it does its job before Windows has fully loaded.

My suggestion is also Safe Mode: while it restarts, press F5 or F6, I'm not sure which, so press both, and it will prompt you for Safe Mode. Then run the antivirus; if you don't have an antivirus, then try with SpyBot!

Helena
22-02-2007, 20:54
It's neither F5 nor F6, but F8.

The Plague
22-02-2007, 20:55
Download a program named Unlocker - I got it with my Windows Dark Edition

With it you'll definitely be able to delete it. If not that, then in safe mode

Bartuc
22-02-2007, 20:58
It's neither F5 nor F6, but F8.

Then maybe any key works, because for me it enters Safe Mode with both F5 and F6!

Try it and you'll see :D The other day I used them to get into Safe Mode because I had 7 trojans, but now everything is clean and virus-free since I got BitDefender 10 :pray:

The Boz
22-02-2007, 21:01
It actually depends on the motherboard. The same goes for which key gets you into the BIOS (F1, F2..., DEL, etc.) and similar options/commands.
Instead of Unlocker I recommend CCleaner (http://www.ccleaner.com/), Add/Remove Programs on steroids.

Pippen47
23-02-2007, 16:44
I got into safe mode (F11) and deleted the file... then I couldn't connect to the net... I did a system restore and now the antivirus is gone, and when the computer starts it tells me it can't find the source file, but here I am, I managed to connect... I think I'm going to format the disk :roll: