Trojan.StartPage.GEN --- how to block?

Discussion in 'other anti-malware software' started by blancheirving, Dec 10, 2005.

Thread Status:
Not open for further replies.
  1. blancheirving

    blancheirving Registered Member

    Joined:
    Dec 10, 2005
    Posts:
    3
    Location:
    San Francisco, CA
    From Googling around (without finding a solution) I see that I'm not the only one to have this happening in the past few weeks: scans via Spy Doctor's freeware version produces six entries described as high-risk attempts to change the IE homepage. Other freeware scanners don't come up with these. They are always these six:

    Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie

    Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie##

    Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache

    Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache##

    Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache##0

    Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache##1

    They are removable each time... annoying though! The net buzz seems to be saying these are harmless and actually caused by Spy Doctor and that no one's figured a way to have SpywareBlaster block them.

    Advice? Please be specific as you can... I'm no techie. Thanks.
     
  2. Atomas31

    Atomas31 Registered Member

    Joined:
    Sep 7, 2004
    Posts:
    923
    Location:
    Montreal, Quebec
    That was a false positive from Spyware Doctor and like everybody else I had it :)

    The problem was resolved with the following updates. Have you updated Spyware Doctor recently? If so, you shouldn't have those false positives again!
     
  3. b-i

    b-i Guest

    Thanks for the info, and for realizing I meant **Spyware** Doctor...

    I update its malware database and whatever else they have that's new that week. I have it current at 3 December 2005.

    If you meant update the software itself, no, not lately unless it was part of the normal "Live Update." I've got the freeware, 3.1.0.312 - while the newer offering, 3.2.2, is available to registered users only. A popup ad says so when I use the program. Did I misinterpret?

    Interestingly, I have the nagging recollection the problem began one database update following the first time I'd ever seen that ad pop up. I could be wrong though.

    Not a big emergency, I guess, since you confirm the idea the intruders are phantom... appreciated.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.