Attention: We will be transitioning to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access.

We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names

Published Nov 30, 2004 | Updated Sep 15, 2017

Learn about other threats

Trojan:Win32/Startpage.TD

Detected by Microsoft Defender Antivirus

Aliases: No associated aliases

Summary

Trojan:Win32/Startpage.TD is a destructive Trojan that redirects Internet Explorer search-related pages to a fixed Web site. It also adds URLs to the Internet Explorer Favorites list and opens Web pages from another fixed Web site.

Win32/StartPage.TD does not install itself into any Windows autorun registry keys or files. You can manually remove some entries and files from your computer that are related to Win32/StartPage.TD, but it is not possible to completely remove this Trojan manually. Therefore, you must use a malicious software removal tool to completely clean this Trojan from your computer.

After you use a malicious software removal tool to remove Win32/StartPage.TD, do not reconnect your computer to the Internet until the computer is protected from re-infection. See the "Preventing Infection" section for more information.

Trojan:Win32/Startpage.TD

Summary

What to do now

Technical information

Threat behavior

Prevention

Symptoms