Troj/StartPa-BF is a Trojan which creates new registry entries and changes existing entries related to Microsoft Internet Explorer. The changes made to the registry modify the behaviour of the browser. The most visible change will be the new default start page and search page of the browser which are changed to http://4-counter.com.
When first run Troj/StartPa-BF copies itself to the Windows System32 folder as WINPROC32.EXE and sets the following registry entry to ensure it is run at system logon:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
Windows Internet Protocol = C:\<Windows System32>\winproc32.exe
The Trojan may add a list of URLs containing adult content to the favourites folder and create the file FAVICO.DAT in the Windows System32 folder. This file is not malicious and can simply be deleted.