Trojan:VBS/Startpage.N
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 80 % (High) |
| Infected Computers: | 4 |
| First Seen: | December 6, 2010 |
| OS(es) Affected: | Windows |
Trojan:VBS/Startpage.N is being classified by security experts as a malicious program that hijacks or edits Firefox start or homepage to that of a malicious or compromised URL/website.
Sounds like Trojan:VBS/Startpage.N may be driven by Visual Basic Scripting (VBS) and operating like a basic browser hijacker. A browser hijacker forcibly routes you to unwanted URLs, usually malicious websites promoting the sale of a rogue security program or, as in this case, a compromised site offering a hacker unearned web traffic and pay-per-click residuals.
After gaining deceptive entry, Trojan:VBS/Startpage.N runs its venomous script to:
- Disarm any programs or tools threatening its removal, such as anti-virus, system security programs or administrative tools like Task Manager.
- Modify the registry to loop Trojan:VBS/Startpage.N poisonous executable so Trojan:VBS/Startpage.N runs at every start or boot.
- Add its dishonest application to your 'approved programs listing' to bypass your firewall.
- Hijack your browser and point you to an arbitrary search engine, usually one that the cybercriminal has partnered with or has compromised. Some known destinations are:
- xxx.raafu.com
- xxx.kinoce.com
- xxx.7ground.com
- xxx.searchmp3.tv/bar
- xxx.searchmp3.tv
- xxx.gooofullsearch.com
xxx.kelltv.com
These websites may or may not be aware of the criminal intent of Trojan:VBS/Startpage.N, however, until they disassociate themselves, you should block them from your browser. Of course this is only after you have completely removed Trojan:VBS/Startpage.N, who may be using a rootkit to hide from you so you cannot remove it. A rootkit might as well be gum at the bottom of your shoe; Trojan:VBS/Startpage.N intends to stick to you like glue and may be hard to remove. The technical explanation of a rootkit is is "a programming tool that helps bury or camouflage files and data in a system's kernel."
If you are not skilled in editing your registry, system or .dll directory files, you should avoid manually looking for Trojan:VBS/Startpage.N, because this is where most likely Trojan:VBS/Startpage.N has scattered and buried Trojan:VBS/Startpage.N's files. Deleting the wrong file could corrupt your hard drive and keep your OS from booting. Unfortunately, not every anti-virus or anti-spyware program is capable of searching this deep and thus, often give victims a false sense of security by reporting 'no infections' when, in fact, malware is embedded and ever present on their PCs.
Table of Contents
Why is Trojan:VBS/Startpage.N Redirecting Traffic to these Specific Websites or Other Search Engines?
Cybercriminals will exploit any tactic they can to reap unearned profits. Cybercriminals start up malicious domains and use black-hat SEO tricks to get their infectious URLs listed on Google search results pages. In the case of Trojan:VBS/Startpage.N, victims are forcibly taken to a compromised or malicious search engine, offering some cybercrook an opportunity to earn undue per-pay-click residuals. SO DON'T CLICK!
Equally dangerous is the kind of company Trojan:VBS/Startpage.N keeps. In addition to a nasty rootkit, Trojan:VBS/Startpage.N may have carried inside or will download more malicious programs.
So How Do You Remove Trojan:VBS/Startpage.N?
Trojan:VBS/Startpage.N is a terror, a nuisance that is fighting not to be removed. You or your anti-virus tool may not be able to find or remove Trojan:VBS/Startpage.N, but there exist stealth anti-malware tools containing an anti-rootkit that can find and safely remove Tr Trojan:VBS/Startpage.N.
In the interim, disconnect your Internet to stop any sends of data to a remote server and find a clean PC to alter your logins and security credentials.
Aliases
7 security vendors flagged this file as malicious.
| Anti-Virus Software | Detection |
|---|---|
| Ikarus | Trojan.VBS.StartPage |
| Microsoft | Trojan:VBS/Startpage.N |
| DrWeb | Trojan.StartPage.30037 |
| eSafe | Win32.TrojanVBSStart |
| Symantec | Trojan.ADH |
| NOD32 | VBS/StartPage.NCM.Gen |
| K7AntiVirus | Riskware |
SpyHunter Detects & Remove Trojan:VBS/Startpage.N
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | install_install_flash_player.exe | 391e5141988e99bcf307e848f4eeca79 | 4 |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.