Trojan.StartPage.GEN --- how to block?

Discussion in 'other anti-malware software' started by blancheirving, Dec 10, 2005.

Thread Status:
Not open for further replies.
  1. blancheirving

    blancheirving Registered Member

    Joined:
    Dec 10, 2005
    Posts:
    3
    Location:
    San Francisco, CA
    From Googling around (without finding a solution) I see that I'm not the only one to have this happening in the past few weeks: scans via Spy Doctor's freeware version produces six entries described as high-risk attempts to change the IE homepage. Other freeware scanners don't come up with these. They are always these six:

    Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie

    Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie##

    Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache

    Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache##

    Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache##0

    Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache##1

    They are removable each time... annoying though! The net buzz seems to be saying these are harmless and actually caused by Spy Doctor and that no one's figured a way to have SpywareBlaster block them.

    Advice? Please be specific as you can... I'm no techie. Thanks.
     
  2. Atomas31

    Atomas31 Registered Member

    Joined:
    Sep 7, 2004
    Posts:
    923
    Location:
    Montreal, Quebec
    That was a false positive from Spyware Doctor and like everybody else I had it :)

    The problem was resolved with the following updates. Have you updated Spyware Doctor recently? If so, you shouldn't have those false positives again!
     
  3. b-i

    b-i Guest

    Thanks for the info, and for realizing I meant **Spyware** Doctor...

    I update its malware database and whatever else they have that's new that week. I have it current at 3 December 2005.

    If you meant update the software itself, no, not lately unless it was part of the normal "Live Update." I've got the freeware, 3.1.0.312 - while the newer offering, 3.2.2, is available to registered users only. A popup ad says so when I use the program. Did I misinterpret?

    Interestingly, I have the nagging recollection the problem began one database update following the first time I'd ever seen that ad pop up. I could be wrong though.

    Not a big emergency, I guess, since you confirm the idea the intruders are phantom... appreciated.
     
Loading...
Thread Status:
Not open for further replies.