Content
StartPage-KG
- Type
- Trojan
- SubType
- StartPage
- Discovery Date
- 03/07/2008
- Length
- Varies
- Minimum DAT
- 5247 (03/07/2008)
- Updated DAT
- 5247 (03/07/2008)
- Minimum Engine
- 5.1.00
- Description Added
- 03/07/2008
- Description Modified
- 03/10/2008 12:00 AM (PT)
Tab Navigation
Characteristics
StartPage-KG will write itself to the following location:
- %WINDOWS%\rundll32.exe
The following registry entries are modified:
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Driver: "%WINDOWS%\rundll32.exe"
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page: "http://www.[removed]articles.com"
(where %WINDOWS% is the Windows directory, e.g. C:\Windows)
Symptoms
- Presence of previous mentioned registry entries.
- Presence of previously mentioned file.
Method of Infection
N/A
Removal
AVERT recommends to always use latest DATs and engine. This threat will be cleaned if you have this combination.
Variants
Variants
N/A
All Information
Overview -
StartPage-KG will modify registry entries to change the start page of IE and run itself at startup.
Characteristics
Characteristics -
StartPage-KG will write itself to the following location:
- %WINDOWS%\rundll32.exe
The following registry entries are modified:
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Driver: "%WINDOWS%\rundll32.exe"
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page: "http://www.[removed]articles.com"
(where %WINDOWS% is the Windows directory, e.g. C:\Windows)
Symptoms
Symptoms -
- Presence of previous mentioned registry entries.
- Presence of previously mentioned file.
Method of Infection
Method of Infection -
N/A
Removal -
Removal -
AVERT recommends to always use latest DATs and engine. This threat will be cleaned if you have this combination.
Additional Windows ME/XP removal considerations
Variants
Variants -
N/A
