Re: Security Toolbar 7.1

John,

Suggest you go to castlecops forums and post your specific issue as yours
may be be different to mine.

I used used them to resolve issue and they were extremely helpful. I used
following utilitity programs - VonduFix.exe, VirtumondeBegone.exe,
SmitfraidFix.exe and ComboFix.exe. Also downloaded and posted reports from
HijackThis.exe

"John" wrote:

Barrowhill,

You are so lucky to get rid of them for your neighbour. I have exactly
messages shown at my XP Sp2 laptop. I tried using norton, microsoft
defender, adware, spybot and smithfraudfix without any luck.

Can anyone please help me to remove them? Which program helps you to remove
them?

Thanks.

"barrowhill" wrote:

cgberry,

Many thanks for your reply and information provided. I'm waiting for knock
on door from neighbour saying problem has returned. Your info will be most
helpful if it has.

"cbgerry" wrote:

On Nov 13, 5:37 am, barrowhill <barrowh...@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote:
Neighbour can't remove this toolbar. Is their any freeware utuilties he can
use to get rid of it. ???

CastleCops - CLSID / BHO List / Toolbar Master List
http://castlecops.com/bhonew.html
(Identify Malware Toolbars) This is the Master BHO and Toolbar list
copyrighted by Tony Klein and CastleCops.

Good place (bookmark above) to help identify by name sometimes or even
a registry item like {123-456-78-9-000} for example as kind of
'reverse look up'.
Sometimes you find a name or file or registry item for these. The BHO
stands for Browser Help Object and the Active X item is located in the
Windows Registry.

HOWEVER in this case it is not a simple malware toolbar that was
installed but a full blown toolbar malware installation.... You may
want to check the following information for a full clean
uninstall....

How? For files you can use Start > Search and type in at Files search
and click C Local Disk (painstakingly long one by one)

Or Visual check > open Windows Explorer... Right Click > Start >
Explore > My Computer > C Local Disk .... and visually look in the
location areas (much faster)...

Also to get to Windows Registry .... Start > Run > type in regedit >
Ok... and of course do not delete anything unless you are comfortable
with CA makers of Pest Patrol and that you have indeed located and
identified the items below that are safe for deletion as an unwanted
installation and read this to become familiar with thios procedure:
http://www.bluecollarpc.net/registry.html ... that webpage should help
a great deal to understand this as a "Manual Removal" that is also the
same procedure for uninstalling valid software 'by hand'.

FULL INFO http://ca.com/us/securityadvisor/pest/pest.aspx?id=453119555

Security Toolbar 7.1 - CASecurity Toolbar 7.1. Date Published:
Thursday, October 25, 2007. Threat Assessment. Overall Risk: Low.
Privacy: Low. Productivity: Low. System Integrity: ...
http://ca.com/us/securityadvisor/pest/pest.aspx?id=453119555

Date Published:
Thursday, October 25, 2007
Category: Toolbar

Also known as: Win32/Boarim.AK [CA AV], AdWare.Win32.Agent.nt
[Kaspersky], Downloader.MisleadApp [Symantec], Puper [McAfee],
TrojanDownloader:Win32/Zlob.gen!Z [MS OneCare], Troj/Zlobie-Gen
[Sophos]

See Also
Security Toolbar · Boarim ·

Category
Downloader: A program that downloads and may execute or install
software without user permission.

Toolbar: A group of buttons which perform common tasks. A toolbar for
Internet Explorer is nomally located below the menu bar at the top of
the form. Toolbars may be created by Browser Helper Objects.

Trojan: Any program with a hidden intent. Trojans are one of the
leading causes of breaking into machines. If you pull down a program
from a chat room, new group, or even from unsolicited e-mail, then the
program is likely trojaned with some subversive purpose. The word
Trojan can be used as a verb: To trojan a program is to add subversive
functionality to an existing program. For example, a trojaned login
program might be programmed to accept a certain password for any
user's account that the hacker can use to log back into the system at
any time. Rootkits often contain a suite of such trojaned programs.

Detections:
true

Executable Files:
true

DLL Files:
ictmdl.dll

Registry Items:
HKEY_CLASSES_ROOT\clsid\{23ed2206-856d-461a-bbcf-1c2466ac5ae3}
HKEY_CLASSES_ROOT\clsid\{23ed2206-856d-461a-
bbcf-1c2466ac5ae3}\implemented categories
HKEY_CLASSES_ROOT\clsid\{23ed2206-856d-461a-
bbcf-1c2466ac5ae3}\implemented categories\{00021493-0000-0000-
c000-000000000046}
HKEY_CLASSES_ROOT\clsid\{23ed2206-856d-461a-
bbcf-1c2466ac5ae3}\inprocserver32
HKEY_CLASSES_ROOT\clsid\{23ed2206-856d-461a-
bbcf-1c2466ac5ae3}\inprocserver32 threadingmodel
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar
\webbrowser {23ed2206-856d-461a-bbcf-1c2466ac5ae3}
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
{23ed2206-856d-461a-bbcf-1c2466ac5ae3}

Files:
ictmdl.dll
ictmdl.dll

Copyright (c) 2007 CA

FULL INFO http://ca.com/us/securityadvisor/pest/pest.aspx?id=453119555

.

Quantcast