I got an e-mail this morning, claiming to be a link to an electronic postcard... Now normally I'd have spotted that it was a spoof e-mail a mile off but I had a headache and I was just rattling through everything. I clicked the link on the e-mail which said *http://www.freewebcards.com/pickup.phtml?id=2725793811fcc2d but the actual link was *http://freewebcardsA.org/uk/viewcard.html When I landed on the site, (which I did through proxies as something didn't smell right), my firewall emmedietely reported that the file SVCHOST.exe had been changed... UH-OH! :o So... thinking if it's a virus/worm/trojan then it is already on my system, so I returned to the website to do some investigating. I used view source and discovered that it was a script. If you'd already been to the spoof site it merely forwarded you to the real freewebcards.com site but if you hadn't it forwarded you to *http://freewebcardsA.org/uk/pickup.htm It turns out that it was in this page where svchost was changed. Now if I return to this page (pickup.htm) it seems to try and make changes to my system again and svchost crashes and displays the following error message... svchost.exe - Entry Point Not Found The procedure entry point Exith could not be located in the dynamic link library KERNEL32.dll. Is it a trojan? A virus? Are my credit card details safe? Is my music work safe? What do I DOOOOO? :(