Author Topic: avast could not detect Trojan.Win32.StartPage.biq, detected by kav. help  (Read 4767 times)

0 Members and 1 Guest are viewing this topic.

yulawton

  • Guest
i need solution t this problem

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37697
  • F-Secure user
Check your computer for Malware with

Malwarebytes Antimalware http://filehippo.com/download_malwarebytes_anti_malware/
after install click UPDATE and run quick scan, click on REMOVE SELECTED to quarantine anything found

SUPERAntiSpyware http://filehippo.com/download_superantispyware/
Are cookies really spyware and are they dangerous?
http://www.superantispyware.com/supportfaqdisplay.html?faq=26

If anything is found come back and post the scan logs here

insane pogo

  • Guest
        Also Try A-squared Free 4.5
http://www.emsisoft.com/en/software/free/

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89623
  • No support PMs thanks
Careful if you use a-squared as it still appears to have a high number of false positives.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free  24.8.6127 (build 24.8.9372.862) UI 1.0.814/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67185
Careful if you use a-squared as it still appears to have a high number of false positives.
+10
The best things in life are free.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34034
  • malware fighter
Hi yulawton,
 
Her is a description of this malware:
http://www.threatexpert.com/report.aspx?uid=297f2340-0e38-4f53-9894-ee8fb568eb9b

As what file was it found, can you send a copy to avast.
How to remove?
 1. Temporarily Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Reboot computer in SafeMode

4. Run a full system scan and clean/delete all infected files.

5. Delete/Modify any values added to the registry.
Navigate to and delete the following registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\

Run\chiCkie: "C:\WINDOWS\inf\chiCkie.exe"


HKEY_ALL_USERS\Software\Microsoft\Windows\CurrentVersion\Run\"I just want to say I love Milko and I need a drink" = "C:\Documents and Settings\Administrator\Local Settings\Application Data\svchost.exe"

Navigate to and restore the following registry entries to their previous values, if needed:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\"DisableSR" = "1"
HKEY_ALL_USERS\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoRun" = "1"
HKEY_ALL_USERS\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoFind" = "1"
HKEY_ALL_USERS\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoLogOff" = "1"
HKEY_ALL_USERS\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoSetFolders" = "1"
HKEY_ALL_USERS\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

\"NoFolderOptions" = "1"
 

6. Exit registry editor and restart the computer.
7. In order to make sure that threat is completely eliminated from your computer, carry out a full scan of your computer using AntiVirus and Antispyware Software,

polonus
 

« Last Edit: April 29, 2010, 11:29:01 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

yulawton

  • Guest
To Polonus i think your reply will work out, but i thank all of you a lot for your reply, i hav recan the Pc will kis..and its all gone. And besides the avast was already up to date before i scanned with it, still its still not fetch out the trj.