Author Topic: Win32:startpage-076 Trojan  (Read 2539 times)

0 Members and 1 Guest are viewing this topic.

Offline wallm

  • Newbie
  • *
  • Posts: 1
Win32:startpage-076 Trojan
« on: June 28, 2005, 12:07:45 AM »
I managed to pickup this Trojan and even though Avast Home picks it up and recognizes it, it can not remove it. The file which Avast picks up is es.dll and if you look for it you can not find it, supposedly placed in the "Drive :\Documents and Settings\username\Local Settings\Temp" directory. Try to rectify/remove this Trojan by clicking on either of "move", "cure" or "delete" the error message returned is that Avast can not find the module. Not sure what this is meant to refer to.
Can anyone make suggestions as to how to remove this Trojan or directions on what to try to remove it.
Much appreciated.

Offline justin1278

  • Advanced Poster
  • **
  • Posts: 1072
Re: Win32:startpage-076 Trojan
« Reply #1 on: June 29, 2005, 03:09:50 AM »
go to http://housecall.trendmicro.com/ and see if the online scanner finds anything if it does it should try to clean it or delete it. If you find nothing just to make sure go to symantec security check symantec won't remove the virus if it is found but it will tell you if you really are infected if it finds anything then e-mail avast support at support@avast.com and ask them how to delete it but if you can't figure out how to delete it try to qurantine it.
My PC's

Compaq Presario:
Windows Vista Ultimate SP1
AMD Athlon 3800+ 2.4 GHz
2 GB RAM

Sony Vaio:
Windows XP Professional SP3 [Tester]
Intel Pentium M 1.86 GHz
1.5 GB RAM

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Win32:startpage-076 Trojan
« Reply #2 on: June 29, 2005, 09:14:32 AM »
Hi Wallm,

Please get rid of all your temporary files as described here:

http://safecomputing.umn.edu/guides/tempdirectories.html

Then run a boot time scan with avast!

(In Win 98 boot into safe mode before scanning- hit F8 while booting.)

Right click the avast! globe and select Start avast! Antivirus.

avast! will do a memory scan: if it finds malware in memory, it will prompt you to do a boot time scan: accept this and reboot.

If avast! doesn't find anything in memory, schedule a boot time scan. (Click the button at the top left of the avast! silver console and select Schedule boot time scan from the drop-down menu.)

es.dll is legitimate:

http://www.liutilities.com/products/wintaskspro/dlllibrary/es/

But it shouldn't be hiding in temp folders. If avast! identifies it as a Trojan when it is found in any of the normal system folders, it may be a false alarm.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog