Trojan problems


BOAC
12th Dec 2004, 17:33
W2000 Pro, SP4: Running ZA (free), Etrust EZ anti-virus and occasional AVG anti-virus too.

Don't know where it came from, but I CANNOT get rid of W32.Startpage.KG. It keeps on putting up an extra search bar, giving me all sorts of 'pop-ups' (at my age! :D ), highlighting all its associated search links and when I go through the registry and remove its little presents, the darned thing is trapped again 10 minutes later by my AV programme. The 'files' in which the AV says it lies do not appear to exist either??:confused:

Would appreciate some help here please.

Naples Air Center, Inc.
12th Dec 2004, 18:17
BOAC,

Check your Folder Options. Make sure it says to Show Hidden Files and Folders and Show Protected Operating System Files.

Then I would try:

Trend Micro's HouseCall (http://housecall.trendmicro.com/)

and

Lavasoft's Ad-Aware SE Personal Edition 1.05 (http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10319876.html?tag=lst-0-2)

Just to see if they cannot help.

You could also post the HJT! log file for us to take a look at.

Take Care,

Richard

BOAC
12th Dec 2004, 18:47
Thanks as always, Richard:

1) I always have 'full' viewing of files set

2) Running HCall as I type - I guess if the files have been 'quarantined' they will not be found?

3) Neither Adaware nor Spybot have noticed it!

Etrust quarantined two instances, one 'dsktrf[1].dll' and the other a temp file, 'WIN8F.tmp', both shown as being in 'Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\7Z0ECZR9\' but not there ('quarantined'?) and one instance of 'infected' file 'WIN8F.tmp' in 'Documents and Settings\Administrator\Local Settings\Temp\' but also not there!

PS Should have been Startpage.KG - I have corrected the previous post.

HJT next! I'll run it and see if I can decode the problems before I pass it up to you/Eliam.

HC - nil found.

Edited to say: a search for 'dsktrf.dll' showed that others were having trouble with this file, and working through this link (http://www.techspot.com/vb/topic17297.html) seems to have cleared it. One thing I did not know was that running Adaware in SAFE mode pulled out loads of problems whereas in normal it found nothing.

Naples Air Center, Inc.
13th Dec 2004, 11:48
BOAC,

It sounds like you have things well under control. Now if you are able to work HJT! then we need to add you to the list of people solving the issues on HJT! Logs for others in this forum. ;)

Let us know if the problem comes back.

Take Care,

Richard

BOAC
14th Dec 2004, 12:54
"then we need to add you to the list of people solving the issues on HJT! Logs for others in this forum" - I say - steady on! I DID manage to work through my HJT log but only with the help of that link I put up!

OOI, the 'search' problem was 'Begin2Search' and it did prove persistent. In the middle of 2 days simulator so will run HJT again soon. So far B2S has stayed away!

Naples Air Center, Inc.
15th Dec 2004, 15:19
BOAC,

Let's hope it stays away. :ok:

Take Care,

Richard

BOAC
16th Dec 2004, 07:48
HJT showed 'popupsearches.com' still remaining but that died a nasty death:D
Fingers crossed!