Hi,
Found JMAP5289.exe in my start-up programs list. It resides in Program files/ULI5289, i.e., one of the things Windows tells you not to touch. Google gave few hits, but most were HighjackThis forums in German, where this mystery file was listed as malware. Another hit was Regfreeze (a security tool) which lists JMAP5289.exe as an EliteBar pest. However, my internet startpage is fine, for the moment. None of my scanners, AV, anti-spy, etc. call it up. But in a multi-AV scan online on the target file alone, while about 20 of the biggies passed on it, Fortinet identified it as either being or having W32/Startpage.DU-dr. That said, Fortinet is known to have a high false positives rate, and everything from AVG to Antivir found nothing. Does anyone know this file, or can you suggest steps? Could I have WinPatrol disable it, for example, or too risky? All suggestions are much appreciated.
Geona
