This detection is for trojans written in Borland Delphi intended to modify the Internet Explorer search and start page settings.
When executed these trojans typically modify the Internet Explorer
Search and Start pages to specific URLs hardcoded in the trojan. For example, the following URLs have been used:
Commonly, several other porn links are added to the Internet Explorer Favorites list.
Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the current engine and the specified DATs (or higher). Older engines may not be able to remove all registry keys created by this threat.
the alias related StartPage-AU, W32.Bizten (NAV)
Distribution channels include IRC, peer-to-peer networks, newsgroup postings, email, etc.
Name: Generic StartPage
- Home Users: Low
- Corporate Users: Low
Date Discovered: 1/20/2004
Date Added: 1/22/2004
SubType: Settings Change
DAT Required: 4318
this is so we undestand what we are dealing with (a trojan virus)
so just use your antivirus
amd athlon xp 2400+
1 apacer 256mb unb pc2700 cl2.5
motherboard msi kt4av via kt400a chipset based
1 ??? 512 mb pc2700
1 agp 8x/4x (geforce 4 predator mx4408x)
2 year old 21 magnavox monitor
1 aquos sharp 15\"tv
Seagate 40gb hd
DC Output: 420Watts Total: +5V/0~42A, +12V/0~18A
+3.3V/0~26A, -5V/0~0.8A, -12V/0~1.0A, +5VSB/0~2.5A.