trojan.startpage.m again....

Discussion in 'Malware Help (A Specialist Will Reply)' started by elzardo217, Jan 22, 2006.

  1. elzardo217

    elzardo217 Private E-2

    I had posted a thread about two weeks ago about this same virus and it seemed that it was resolved...the virus was not reported by my Norton Antivirus. Several days later, it reared it's ugly head. So here we go again...

    I have a custom build computer running a Pentium 4 CPU 3.00GHz w 1 GB of RAM and about 500 GB of hard drive. I've got XP Pro version 2002, Service Pack 2.

    My problem is that my virus protection program, Norton AntiVirus, keeps catching what it calls Trojan.StartPage.M trying to hijack IE. It generally fires when I launch IE. When I switched to FireFox, the warnings lessened. Now that I've got the latest upgrade to Norton, it fires when Norton checks for upgrades. It also appears to fire if I leave my computer on and unattended for several hours.

    The last time I posted this problem, it appeared to be fixed. I could launch IE just fine. However, about two days later, it started up again.

    I've run through the malware read & run me first post from chaslang and got several reports of malware....the three logs are attached.
     

    Attached Files:

    elzardo217, Jan 22, 2006
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please run the steps in the below link but start at step 2 since you did the first part.

    about:Blank and HSA Hijacker - Simplified Removal

    Make sure you save and attach the about:Buster logs.

    Also you must not use msconfig to disable startups like you are doing. Read the detailed instructions in the link posted in step 7 of the READ & RUN ME.
     
    chaslang, Jan 22, 2006
    #2
  3. elzardo217

    elzardo217 Private E-2

    I've run the procedure you asked for.

    Attached is the log file for about:Buster...I ran it three times (the first was looking for the update...which I never found.)

    Another behavior that has just started is when I reboot, I get an error that se.dll cannot be found. I keyed in on that because that dll is mention in Norton's docs on Trojan.StartPage.M. I also noticed a line in the HijackThis log,
    O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\se.dll,DllInstall

    I have not done anything with it....just pointing it out.

    Waiting for your reply.
     

    Attached Files:

    elzardo217, Jan 22, 2006
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That is part of what we were fixing with About:Buster. Now just finish the fix by running HJT and selecting that O4 line and the click Fix checked.

    Let me know how things are running now after another reboot.
     
    chaslang, Jan 22, 2006
    #4
  5. elzardo217

    elzardo217 Private E-2

    I'm cautiously optomistic...
    I launched IE with no notice from Norton,
    I ran Norton's LiveUpdate...and again no virus notice.

    The only remaining tests are to check again tomorrow and the next day and to let my computer run unattended for several hours.

    I'll let you know on Wed how things are going.

    Thanks very much for your assistance and for this web site...It's a great resource and so far, I've referred three other people to it...for both help in dealing with viruses and as a general information rescource.
     
    elzardo217, Jan 22, 2006
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome and thanks for the referrals.

    If you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

    After that, you should work thru the below link:

    How to Protect yourself from malware!
     
    chaslang, Jan 22, 2006
    #6
  7. elzardo217

    elzardo217 Private E-2

    I've run all of my checks and the trojan seems to be gone!!!

    Thanks again.
     
    elzardo217, Jan 24, 2006
    #7
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
    chaslang, Jan 25, 2006
    #8

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds