Ok guys, I know how good you all are but I have one of the biggest bitch trojans I have ever had. I have spybot, adaware, cwShredder and Symantic antivirus based on searches here I tried. I cant get rid of this Trojan.startpage. I am still very hesitant to mess with my registry but I did a hijackthis log, can anyone help me decipher it? Please ask me to post it and I will. I see about 4 lines in the with references to about.blank but not sure to do anything without getting a second opinion...please help guys. Dave

Well I got a followup for you, I found this page: http://hijackthis.de/index.php It is amazing and I loved it, I followed what it said and I think I am back in the clear baby. Trojan.StartPage can suck it! Thanks aeveryone for the posts so I could find that lil jewel site

Hi, Out of interest this may have helped... http://securityresponse.symantec.com/avcenter/venc/data/trojan.startpage.html daisymay

First search Google for a little program called LSPFIX. When you attempt to get shot of about:blank you risk losing your internet connection. LSPFIX will get you back online again if this happens. Next download and run this: ABOUT:BUSTER In order to run About:Buster this you will need to have the following file and register it (unless you already have it on board): MSCOMCTL.OCX INFO & DOWNLOAD If you look where it says "alternatively" you will see that the file registering procedure is very simple. This will save a 5.66M program download. No promises but the above looks like your best bet. Avoid advertised removers generally, they are often riddled with spyware. Derek.W

Thx for feedback (arrived while typing mine). Worth knowing, sounds simpler and nice to know it worked. Derek.W

As an afterthought, I see this seems to have been cured within about half an hour - very fast. This nasty can hide itself and come back again. If it does, try my #3. It would be very useful to us if you keep us posted and let us know if your fix lasted. Thanks Derek.W

OH thansk fellas and your so right Derek, I didnt get it with that. I found the perfect fix and I got it off the net and this guy nailed it. it worked perfectly but you have to go into Safe mode and do it exactly as he says. Here it is: Go here and download Adaware SE. Install the program then in the main window look in the bottom right corner and click on Check for updates now then click Connect and download the latest reference files. but don't run it. Also click here to download CWSinstall.exe. CWSinstall.exe file and it will install CWShredder, but don't run it yet either. Set your folder options to show hidden files like so: Go to Start > Search and under "More advanced search options". Make sure there is a check by "Search System Folders" and "Search hidden files and folders" and "Search system subfolders" Next click on My Computer. Go to Tools > Folder Options. Click on the View tab and make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files" and "Hide extensions for known file types" . Now click "Apply to all folders" Click "Apply" then "OK" Now copy these instructions to notepad and save them to a convenient location like your desktop. You will need them to refer to in safe mode. Restart into Safe mode. How to start your computer in safe mode Do all of the following in safe mode: Run Hijack This and put a check by all of the following entries then click the "Fix Checked" button. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\OWNERY~1.002\LOCALS~1\Temp\sp.dll/sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\OWNERY~1.002\LOCALS~1\Temp\sp.dll/sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank O2 - BHO: (no name) - {D90307F0-2074-4EC3-B86A-E9C5D9010546} - C:\WINDOWS\System32\odml.dll O18 - Filter: text/html - {72AA6E26-38B0-4C14-A3BF-F5ECA502189A} - C:\WINDOWS\System32\odml.dll O18 - Filter: text/plain - {72AA6E26-38B0-4C14-A3BF-F5ECA502189A} - C:\WINDOWS\System32\odml.dll Find and delete this file: C:\WINDOWS\System32\odml.dll Also in safe mode navigate to the C:\WINNT\Temp folder. Open the Temp folder and go to Edit > Select All then Edit > Delete to delete the entire contents of the Temp folder. Go to Start > Run and type %temp% in the Run box. The Temp folder will open. Click Edit > Select All then Edit > Delete to delete the entire contents of the Temp folder. Finally go to Control Panel > Internet Options. On the General tab under "Temporary Internet Files" Click "Delete Files". Put a check by "Delete Offline Content" and click OK. Click on the Programs tab then click the "Reset Web Settings" button. Click Apply then OK. Empty the Recycle Bin Run CWShredder Click on the cwshredder.exe then click "Fix" (Not "Scan only") and let it do it's thing. Next run Adaware according to these insrructions: From main window :Click Start then under Select a scan Mode tick Perform full system scan. Next deselect Search for negligible risk entries. Now to scan just click the Next button. When the scan is finished mark everything for removal and get rid of it.(Right-click the window and choose select all from the drop down menu and click Next) Restart your computer.