Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan.win32.startpage.adh


  • Please log in to reply
1 reply to this topic

#1 driven

driven

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:43 AM

Posted 05 January 2006 - 09:26 PM

Hi there, here is my post with everything reports after following MFDnSC's instruction to blackproton to the letter. I hate this virus/worm/trojan whatever it is. Thks for being here.

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 7:15:40 PM, 1/5/2006
+ Report-Checksum: 419F39E5

+ Scan result:

C:\WINDOWS\system32\nvcctrl.exe -> Downloader.Zlob.dr : Cleaned with backup
C:\Documents and Settings\Chris\Cookies\chris@overture[2].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Kris McMillen\Cookies\kris mcmillen@e-2dj6wjkognajklp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kris McMillen\Cookies\kris mcmillen@e-2dj6wjkysodzgcq.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kris McMillen\Cookies\kris mcmillen@e-2dj6wjmikgajoap.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kris McMillen\Cookies\kris mcmillen@e-2dj6wjnyeidjago.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kris McMillen\Cookies\kris mcmillen@e-2dj6wjnygodzigo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
D:\New Folder\Elisha.NETVISTA\Cookies\elisha@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
D:\New Folder\Elisha.NETVISTA\Cookies\elisha@adopt.euroclick[1].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
D:\New Folder\Elisha.NETVISTA\Cookies\elisha@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
D:\New Folder\Elisha.NETVISTA\Cookies\elisha@www.burstbeacon[1].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup


::Report End


Incident Status Location

Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Chris\Cookies\chris@belnk[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Chris\Cookies\chris@dist.belnk[2].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Chris\Desktop\smitRem.exe[Process.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Chris\Desktop\smitRem\Process.exe
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Chris\Cookies\chris@belnk[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Chris\Cookies\chris@dist.belnk[2].txt
Spyware:Cookie/Hbmediapro Not disinfected D:\New Folder\Elisha.NETVISTA\Cookies\elisha@adopt.hbmediapro[1].txt
Spyware:Cookie/Ask Not disinfected D:\New Folder\Elisha.NETVISTA\Cookies\elisha@ask[1].txt
Spyware:Cookie/Belnk Not disinfected D:\New Folder\Elisha.NETVISTA\Cookies\elisha@ath.belnk[1].txt
Spyware:Cookie/Banner Not disinfected D:\New Folder\Elisha.NETVISTA\Cookies\elisha@banner[2].txt
Spyware:Cookie/Belnk Not disinfected D:\New Folder\Elisha.NETVISTA\Cookies\elisha@belnk[1].txt
Spyware:Cookie/did-it Not disinfected D:\New Folder\Elisha.NETVISTA\Cookies\elisha@did-it[2].txt
Spyware:Cookie/Belnk Not disinfected D:\New Folder\Elisha.NETVISTA\Cookies\elisha@dist.belnk[1].txt
Spyware:Cookie/go Not disinfected D:\New Folder\Elisha.NETVISTA\Cookies\elisha@go[1].txt
Spyware:Cookie/Screensavers Not disinfected D:\New Folder\Elisha.NETVISTA\Cookies\elisha@i.screensavers[2].txt
Spyware:Cookie/Searchportal Not disinfected D:\New Folder\Elisha.NETVISTA\Cookies\elisha@searchportal.information[1].txt
Spyware:Cookie/Toplist Not disinfected D:\New Folder\Elisha.NETVISTA\Cookies\elisha@toplist[1].txt
Spyware:Cookie/Xiti Not disinfected D:\New Folder\Elisha.NETVISTA\Cookies\elisha@xiti[1].txt
Spyware:Cookie/Yadro Not disinfected D:\New Folder\Elisha.NETVISTA\Cookies\elisha@yadro[1].txt

I also have manually removed all of these

BC AdBot (Login to Remove)

 


#2 John L

John L

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:10:43 AM

Posted 14 January 2006 - 09:10 PM

Hello Driven and welcome to Bleeping Computer :thumbsup:

Since I really need to see a hijack log to help with this, can you please provide me with one and I will see what i can do for you. :flowers:
Please be patient

Please do not private message me, they will be ignored. If you have a question post it on the board.

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users