Hi Guys, Has anybody heard of a virus called StartPage-CD, McAfee caught it last night when I extracted a dos game called "Super Mario 2 South Park" which was in my hotmail inbox sent to me by a friend. However McAfee couldn't delete or quarantine the virus (not sure if it is). It created some files in my Local Settings/Temp dir which couldn't be deleted either, until I tried safe mode (see screenshots below marked NEW). Click HERE for Screenshots I was wondering if anybody could confirm whether it is in fact a virus? Searched Symantec and McAfee databases, no results lol. ER4S3R. Thx in advance. ____________________________________________ ### Nobody believes the official spokesman, but everybody trusts an unidentified source ###

Also known as troj_bookmark.a (trend micro) Removes your IE favorites and replaces with a crappy list of url's. Changes IE homepage to http://webcoolsearch.com Look on nortons site for trojan bookmarker. Here's the url for trend micro's write-up: http://de.trendmicro-europe.com/enterprise/security_info/ve_detail.php?Vname=TROJ_BOOKMARK.A CWShredder might kill it too. _______________________________________ I never give up! Windows Update

try a online scan http://www.antivirus.com they have a free online antivirus scan

Thank-you blender! so that's what it was, fortunately I think McAfee prevented it from running, which is why my IE favourites are still left intact. :-D IMHO, those damn webcoolsearch peepz @ http://webcoolsearch.com/ need to be taught a lesson. They're getting away with murder, maybe somebody ought carry out dos attacks on their website (just an opinion :-P). Cheers blender! ER4S3R. ____________________________________________ ### Nobody believes the official spokesman, but everybody trusts an unidentified source ###

ER4S3R Likely mcafee did stop it...When you tried extracting the zip file you should have gotten zip errors (access denied) when mcafee stopped it. When you extracted the file...it would extract to a temp directory first before installing. Thing I find with mcafee is when downloading zip files mcafee does not see the virus until unzipped or manual scan is done on the file itself. It will find it when exracting tho. I'm quite sure you are not the only one wanting to trash CWS sites. They would be really hard to attack tho cus they have hundreds (mabye thousands) of affiliate sites doing the same crap, and new sites joining in every day! As soon as some are discovered..they are taken down and new ones put up. Persistant b***ards they are! Cheers! __________________________ I never give up! Windows Update

Yes I hope it didn't install any hidden stuff in the registry lol. I thought I'd do another scan with AVG in safe mode just in case, turned out to be clean. The workloads for most AV software are getting harder, as the viru$-writers get more advanced. Hopefully laws will become tighter and those low-lifes B@****s at CWS will get what's coming to them. Thx for the input ER4S3R. ____________________________________________ ### Nobody believes the official spokesman, but everybody trusts an unidentified source ###

Hello, I have this same problem. McAfee is flagging a file in local settings\temp\gate.exe\GATE.EXE, however this file does not exist. I tried CWShredder and it finds nothing. mcafee gives be the warning every day when it runs. Any ideas? Thanks! Andy K.