MyCity » Ambulanta -> Arhiva Ambulante » Toolbar.MyWebSearch

Toolbar.MyWebSearch

Napisano na dan: 25.7.2008

Toolbar.MyWebSearch

Sledeća strana

Pagination

Odgovori

puela Poslao: 25 Jul 2008 11:55 Idi na vrh
offline puela Građanin Pridružio: 06 Jan 2006 Poruke: 64	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sinoć mi je Nod32 prijavio ovu napast Toolbar.MyWebSearch ovde: Citat:Scan performed at: 25.7.2008 1:42:22 Scanning Log NOD32 version 3296 (20080724) NT Command line: C:\Program Files\Mozilla Firefox\plugins\NPZoneSB.dll Date: 25.7.2008 Time: 01:42:28 Anti-Stealth technology is enabled. Scanned disks, folders and files: C:\Program Files\Mozilla Firefox\plugins\NPZoneSB.dll C:\Program Files\Mozilla Firefox\plugins\NPZoneSB.dll - Win32/Toolbar.MyWebSearch application - deleted (after the next restart) [2] Number of scanned files: 1 Number of threats found: 1 Number of files cleaned: 1 Time of completion: 01:45:17 Total scanning time: 169 sec (00:02:49) Notes: [2] File is being used (open or running). System restart is required for the cleaning to complete. Tada sam uradila In depth analysis i našao ga je na još dva mesta: Citat:Scan performed at: 25.7.2008 2:50:12 Scanning Log NOD32 version 3296 (20080724) NT Operating memory - is OK Date: 25.7.2008 Time: 02:50:43 Anti-Stealth technology is enabled. Scanned disks, folders and files: C:; E: C:\hiberfil.sys - error opening (File locked) [4] C:\pagefile.sys - error opening (File locked) [4] C:\Documents and Settings\ana\NTUSER.DAT - error opening (File locked) [4] C:\Documents and Settings\ana\ntuser.dat.LOG - error opening (File locked) [4] C:\Documents and Settings\ana\Application Data\Mozilla\Firefox\Profiles\8lmmhfsa.default\chrome\pink_paula_pp_2-1.0.5-fx.jar »ZIP »browser/livemark-item.png - archive damaged C:\Documents and Settings\ana\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4] C:\Documents and Settings\ana\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4] C:\Documents and Settings\LocalService\NTUSER.DAT - error opening (File locked) [4] C:\Documents and Settings\LocalService\ntuser.dat.LOG - error opening (File locked) [4] C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4] C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4] C:\Documents and Settings\NetworkService\NTUSER.DAT - error opening (File locked) [4] C:\Documents and Settings\NetworkService\ntuser.dat.LOG - error opening (File locked) [4] C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4] C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4] C:\Program Files\ZoneAlarmSB\bar\1.bin\NPZONESB.DLL - Win32/Toolbar.MyWebSearch application - deleted C:\System Volume Information\MountPointManagerRemoteDatabase - error opening (Access denied) [4] C:\System Volume Information\_restore{2EF7C664-1C3D-4EBD-A742-DBEF2A2515DB}\RP466\A0172309.dll - Win32/Toolbar.MyWebSearch application - deleted C:\System Volume Information\_restore{2EF7C664-1C3D-4EBD-A742-DBEF2A2515DB}\RP467\A0172409.DLL - Win32/Toolbar.MyWebSearch application - deleted C:\WINDOWS\system32\config\default - error opening (File locked) [4] C:\WINDOWS\system32\config\default.LOG - error opening (File locked) [4] C:\WINDOWS\system32\config\SAM - error opening (File locked) [4] C:\WINDOWS\system32\config\SAM.LOG - error opening (File locked) [4] C:\WINDOWS\system32\config\SECURITY - error opening (File locked) [4] C:\WINDOWS\system32\config\SECURITY.LOG - error opening (File locked) [4] C:\WINDOWS\system32\config\software - error opening (File locked) [4] C:\WINDOWS\system32\config\software.LOG - error opening (File locked) [4] C:\WINDOWS\system32\config\system - error opening (File locked) [4] C:\WINDOWS\system32\config\system.LOG - error opening (File locked) [4] C:\WINDOWS\system32\drivers\fidbox.dat - error opening (File locked) [4] C:\WINDOWS\system32\drivers\fidbox.idx - error opening (File locked) [4] E:\Downloadss\winzip110.exe »ZIP »SETUP.WZ »ZIP »WINZIP32.EX_ - error - password-protected file E:\System Volume Information\MountPointManagerRemoteDatabase - error opening (Access denied) [4] Number of scanned files: 229202 Number of threats found: 3 Number of files cleaned: 3 Time of completion: 11:38:06 Total scanning time: 31643 sec (08:47:23) Notes: [4] File cannot be opened. It may be in use by another application or operating system. Evo i loga sa HijackThis-a, ima li još nešto sumnjivo? I da li mogu još nešto da uradim za ovaj Toolbar? Logfile of HijackThis v1.99.1 Scan saved at 11:43:25, on 25.7.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Eset\nod32kui.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\ana\Desktop\mika\tm3.exe.exe R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - download.bitdefender.com/resources/scan8/oscan8.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8-) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Hvala unapred!

Profil

dr_Bora Poslao: 25 Jul 2008 15:07 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Poz... File C:\Program Files\Mozilla Firefox\plugins\NPZoneSB.dll bi trebao biti legitiman (ZoneAlarm SPy Blocker Plugin). Moguće da je u pitanju pogrešna detekcija. Proveri da li se file nalazi u karantinu. Ako je tamo, vrati ga na mesto i zatim uploaduj na proveru preko sledećeg linka: http://www.mycity.rs/ambulanta-upload.php Btw, postavljeni logfile je čist.

Profil

puela Poslao: 25 Jul 2008 20:02 Idi na vrh
offline puela Građanin Pridružio: 06 Jan 2006 Poruke: 64	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Na žalost, obrisan je. Prepala sam se sinoć pa ga nisam ni stavila u karantin. Hvala na odgovoru i stručnoj pomoći.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Toolbar.MyWebSearch

Ko je trenutno na forumu

Ukupno su 907 korisnika na forumu :: 33 registrovanih, 5 sakrivenih i 869 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., aramis s, babaroga, bbogdan, Bubimir, cifra, djboj, Djokislav, drimer, esx66, galerija, ivica976, Kibice, kolle.the.kid, ksyyaj, maCvele, maiden6657, Marko Marković, nedeljkovici, nikoladim, ozzy, panzerwaffe, RecA, repac, shaja1, Shinobi, sokars, Srki94, Srle993, Trpe Grozni, vandrej, VP6919, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by