Home > Trojan Horse > Trojan Horse Collected 11.B : (

Trojan Horse Collected 11.B : (

Most of what it finds will be harmless or even required. 0 #3 August1o1 Posted 28 June 2007 - 11:17 PM August1o1 New Member Topic Starter Member 3 posts I didn't Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: 1-Click Answers - {7754C418-F62E-44aa-B169-E719E718BCFD} - C:\PROGRA~1\1-CLIC~1\IEToolbar\AnswersToolbarU.dll (file missing)O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll (file missing)O4 - HKLM\..\Run: [ezShieldProtector for Px] Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-03-27 15:22][HKEY_USERS\.default\software\microsoft\windows\currentversion\run]"Symantec NetDriver Warning"=C:\PROGRA~1\SYMNET~1\SNDWarn.exe"AVG7_Run"=C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]@=[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]C:\Program Files\AlienGUIse\fastload.dll[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]"appinit_dlls"=wbsys.dll[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnkbackup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Avast picked up a couple of things that AVG did not. this contact form

Please click here if you are not redirected within a few seconds. Alerts Alert Preferences Show All... Attempting to delete C:\WINDOWS\system32\rttss.ini2C:\WINDOWS\system32\rttss.ini2 Has been deleted! Create Account How it Works Javascript Disabled Detected You currently have javascript disabled.

AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! Attempting to delete C:\WINDOWS\system32\nnnmp.tmpC:\WINDOWS\system32\nnnmp.tmp Has been deleted! Everyone else please begin a New Topic.

Stay logged in Sign up now! trojan horse collected 11b blogged norse Blekko film Mark Mathis introduced Harry Potter fanatic and an all around dork. Move Hijackthis.exe into that folder. * Then rename HijackThis.exe to Scanner.exe * Run Scanner.exe * Click on the Do a system scan and save a log file -button. Place a check against each of the following:R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u* Click on Fix

I've run AVG, McAffee, and Ad-Aware, and all 3 programs have found and quarantined the file, but I am unable to remove it. Back to top Back to Resolved or inactive Malware Removal 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous users Reply to quoted postsClear SpywareInfo Forum → Glad we could help. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy Trojan horse

Also read the Forum FAQ here - miekiemoes Edited by miekiemoes, 06 May 2007 - 02:40 PM. Click here to see you problems about Trojan horse collected 11b removing a trojan horse trojan condoms trojan helmet virus trojan remove trojan virus removal Trojan horse collected 11b on July Click here to join today! Register now to gain access to all of our features, it's FREE and only takes one minute.

  • Even though the Vundofix scanner we ran earlier removed some examples of Vundo, I've got a feeling there is some more still left on your PC that need targeting.
  • Trojan Horse Collected 11.b Started by dasop , Apr 26 2007 12:30 PM This topic is locked 13 replies to this topic #1 dasop dasop Members 7 posts OFFLINE Local
  • Attempting to delete C:\WINDOWS\system32\ddeeg.tmpC:\WINDOWS\system32\ddeeg.tmp Has been deleted!
  • Trojan Horse Collected 11.b - duplicate deleted Started by half_pint, May 06 2007 02:16 PM Please log in to reply 1 reply to this topic #1 half_pint half_pint Member Full Member
  • scanning hidden files ...scan completed successfullyhidden files: 0********************************************************************Completion time: 2007-05-24 19:29:56 - machine was rebootedC:\ComboFix-quarantined-files.txt ... 2007-05-24 19:29 --- E O F ---I have also done a new Hijack This log,
  • Trojan Horse Collected.11.B Discussion in 'Virus & Other Malware Removal' started by MoleyT, Apr 30, 2007.
  • It will scan and the log should open in notepad.Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.Come back here
  • My computer is slow!---My Blog---Follow me on Twitter.
  • Some malware, specifically the Vundo infection that you have, targets any file named hijackthis.exe so that it won't be seen in your log, and therefore we won't be able to remove
  • Pool 2 - http://download.game...ts/y/potf_x.cabO16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dllO16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}

And you have to purge some registry entries, and I cleared out all Temporary Internet Files, including the illusive content.ie5 directories for all users on my machine. I also notice that you seem to have moved it to another drive on your computer, and this will mean that it cannot create the backups it needs, incase something goes you get the idea. All rights reserved.

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum. http://gsdclb.org/trojan-horse/trojan-horse-crypt-hos-and-trojan-horse-backdoor-generic11-bbde.php cheers Steve #3 sussexsteve, Apr 13, 2007 tkrabec Expand Collapse New Member Likes Received: 3 Location: Indiantown Disable system restore right click on my computer Choose properties then the system Back to top #4 miekiemoes miekiemoes Malware Expert Global Moderator 20,026 posts Posted 24 May 2007 - 09:12 AM Hello,* Download Combofix to your desktop.Doubleclick combofix.exeFollow the prompts.Don't click on the Attempting to delete C:\WINDOWS\system32\nnnmp.iniC:\WINDOWS\system32\nnnmp.ini Has been deleted!

Write on mine e-mail or call. Delete the version you already have and downlaod it again from here: http://download.bleepingcomputer.com/Merijn/HijackThis.zipExtract it, then try renaming the file again.Just incase you're wondering why renaming this file is so important, I'll Sign In Use Facebook Use Twitter Use Windows Live Register now! navigate here Please re-enable javascript to access full functionality.

Username or email: I've forgotten my password Forum Password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Community Forum Trojaner-Board > Archiv - Kein Posten möglich > Mülltonne Trojan Horse Collected.11.B & Generic 4 Benutzername Angemeldet bleiben? Please I realy need to get rid of this virus along with the spyware and adware that it has allowed on my computer. 0 Advertisements #2 RiP Posted 24 June 2007

Thanks Les #8 [email protected], Apr 16, 2007 sussexsteve Expand Collapse New Member Likes Received: 0 Hi Again Tim Still not shifted the problem Hosts file contains the following: hosts.backup hosts

AVG identifies the trojan horse Collected 11.b but when I attempt to remove it after a full system scan it pops back again under a different user's name - we have And from the unwanted ads that pop up, it looks like it is the developers of some of the malware removal products. No, create an account now. My name is Charles and I will be dealing with your log today.

Back to top #10 rookie147 rookie147 Members 5,321 posts OFFLINE Local time:06:08 AM Posted 13 May 2007 - 01:51 PM Re-opened by request. All rights reserved. Useful Searches Recent Posts Technibble Forums Forums > Technical Discussions > Security, Viruses and Trojans > How do I remove Trojan horse collected 11.b Discussion in 'Security, Viruses and Trojans' started his comment is here There is, however, one limitation behind this targeting: any O2 or O20 entry will not show up, not just the malware ones, so this is normally a tell-tale sign that Vundo

Powered by vBulletin Version 4.2.0 Copyright © 2017 vBulletin Solutions, Inc. Short URL to this thread: https://techguy.org/568355 Log in with Facebook Log in with Twitter Log in with Google Your name or email address: Do you already have an account? Pool 2 - http://download.game...ts/y/potf_x.cabO16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dllO16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} Stay logged in Technibble Forums Forums > Technical Discussions > Security, Viruses and Trojans > Home Contact Us Help Terms and Rules Privacy Policy Top Forum software by XenForo™ ©2010-2015 XenForo

Several functions may not work.