Home > Trojan Horse > Trojan Horse Collected 11 B - HELP!

Trojan Horse Collected 11 B - HELP!

DroninOmega, Feb 15, 2017, in forum: Virus & Other Malware Removal Replies: 1 Views: 180 valis Feb 15, 2017 Thread Status: Not open for further replies. thx again...dasop Back to top #4 rookie147 rookie147 Members 5,321 posts OFFLINE Local time:06:20 AM Posted 27 April 2007 - 03:27 PM You haven't renamed HijackThis yet, please follow my Back to top #7 Shawty Shawty Member Full Member 5 posts Posted 24 May 2007 - 03:54 PM hiya, ty againI did it all, but when i went to http://www.virustota.../en/indexf.html all Log in with Facebook Log in with Twitter Log in with Google Your name or email address: Do you already have an account? this contact form

It was the only program that would delete the primary dll in \windows\system32 once winlogon had its foot on it. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: 1-Click Answers - {7754C418-F62E-44aa-B169-E719E718BCFD} - C:\PROGRA~1\1-CLIC~1\IEToolbar\AnswersToolbarU.dll (file missing)O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll (file missing)O4 - HKLM\..\Run: [ezShieldProtector for Px] If the above link is broken, try this link. I've got the annoying Collected 11.B trojan.

Using My Computer/Windows Explorer, navigate to where you have HJT saved.Right-click on the hijackthis.exe file. When I try to delete the virus its say access denied and requested action is not available for this object. Note: It is possible that VundoFix encountered a file it could not remove.

  • My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.
  • Are you looking for the solution to your computer problem?
  • Posts 14,022 Points 2335 Hi Your log's clean now I have used AVG anti-virus (free) for a long time now, and am very happy with it (otherwise I would have changed)
  • anyway take a look at the link in my signature ...
  • When I run AVG it returns the following changes: user32.dll shell32.dll ntoskml.exe hosts all are in the folder c:\windows\system32\ with the 'hosts' being in c:\windows\system32\drivers etc\hosts I have no idea what
  • The time now is 12:20 AM.
  • Theme designed by Audentio Design.

Including helpful at-a-glance quick reference boxes and tables, Exam Essentials summaries, review questions and answers, tutorial information and more, this resource is at once succinct and comprehensive. Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O4 - HKLM\..\Run: If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members. Damn frustrating.

I am also finding viruses call Adware.Virtumonde, Logger.VBStat.h, Troan.Agent.aoy, Downloader.PurityScan.ej, Trojan horse Generic5.CF, Trojan horse Collected.11.B. Instead they assert the liberal and the conservative are always andessentially intertwined, mutually constituted and mutually constituting. I guess it was because my computer started to run normally again and I was not getting anymore popups from AVG telling me that a threat was detected. Yes, my password is: Forgot your password?

Once in the Settings screen click on "Recommended actions" and then select "Quarantine". Attempting to delete C:\WINDOWS\system32\accdd.ini2C:\WINDOWS\system32\accdd.ini2 Has been deleted! Most of what it finds will be harmless or even required. Attempting to delete C:\WINDOWS\system32\ssttr.dllC:\WINDOWS\system32\ssttr.dll Could not be deleted.

Close Hijackthis. Can uou help me on this one? AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! Most of what it finds will be harmless or even required. 0 #3 August1o1 Posted 28 June 2007 - 11:17 PM August1o1 New Member Topic Starter Member 3 posts I didn't

By default it will install to C:\Program Files\Hijack This. http://gsdclb.org/trojan-horse/trojan-horse-crypt-hos-and-trojan-horse-backdoor-generic11-bbde.php Please I realy need to get rid of this virus along with the spyware and adware that it has allowed on my computer. 0 Advertisements #2 RiP Posted 24 June 2007 Doubleclick on the HJTsetup.exe icon on your desktop. I also notice that you seem to have moved it to another drive on your computer, and this will mean that it cannot create the backups it needs, incase something goes

Could not remove it with killbox or several other tools I tried, or via cmd line with safe boot. Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved Attempting to delete C:\WINDOWS\system32\ddeeg.ini2C:\WINDOWS\system32\ddeeg.ini2 Has been deleted! navigate here BroadbandR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exeO4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXEO4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /rO4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXEO4 -

Terms of Use Privacy Policy Licensing Advertise International Editions: US / UK India Register Help Remember Me? We apologize for the delay; our helpers have been very busy.If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the Back to top #11 miekiemoes miekiemoes Malware Expert Global Moderator 20,026 posts Posted 29 May 2007 - 05:13 PM Since this issue appears resolved ...

Attempting to delete C:\WINDOWS\system32\ssttr.dllC:\WINDOWS\system32\ssttr.dll Could not be deleted.Performing Repairs to the registry.Done!hi there rookie147, thx for taking the time to look at my problem.

AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time. Restart back into Windows normally now. this Topic has been closed. If you're not already familiar with forums, watch our Welcome Guide to get started.

Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content SWI Forums Members Forums Calendar ListLogs More SpywareInfo Powered by Volunteers. Attempting to delete C:\WINDOWS\system32\rttss.ini2C:\WINDOWS\system32\rttss.ini2 Has been deleted! his comment is here Click Exit on the Main menu to close the program.

There seems to be nothing much about these files on the net, other than ads for removal products from the guys who probably put it out there in the first place Back to top #4 miekiemoes miekiemoes Malware Expert Global Moderator 20,026 posts Posted 24 May 2007 - 09:12 AM Hello,* Download Combofix to your desktop.Doubleclick combofix.exeFollow the prompts.Don't click on the Jun 22, 2007 #1 CCT TS Evangelist Posts: 2,653 +6 I am just getting this started for momok: Read this FIRST: http://www.techspot.com/vb/topic65943.html Then, follow these steps if still interested: http://www.techspot.com/vb/topic58138.html I really really hate the guys who put these things out.

internet\DialBTYahoo.exe" [2004-10-16 09:29]"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 11:54]"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 20:05]"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02][HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NVIEW"="nview.dll,nViewLoadHook" []"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2004-10-13 14:45]"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:56]"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]"EPSON Stylus Photo R300 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.exe" [2003-09-11 04:00]"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Any advice would be welcome. #7 [email protected], Apr 16, 2007 [email protected] Expand Collapse New Member Likes Received: 0 And how do I get a name other than my email address! You may also... history.

This is the ideal resource for anyone looking to refresh their skills in this area, learn more about ethical hacking, or successfully pass the certification exam and become a Certified Ethical I'm now getting alerts about having Trojan Horse Collected.11.B, and i dont know how to get rid of it, someone please help. Found this thread and thought - sounds good. internet\DialBTYahoo.exe" /ReInstallAutoDialO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHookO4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe

No, create an account now. Several functions may not work. System32 files that keep returning, even after using MoveOnBoot are: gebxvtu.dll jkkjh.dll hjkkj.ini The last two are hidden. spybot (use the immunize feature & teatimer) Adaware ...

Please re-enable javascript to access full functionality. Please be patient.Once scanned, copy and paste the results in your next reply. Ask a question and give support. Join over 733,556 other people just like you!