start.chm / MSITStore (MasterSearch)
A new type of CWS variant that uses an exploit to reset a user's homepage.
More info HERE
Responsible entries in a HijackThis log :
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = mk:@MSITStore:C:\WINDOWS\start.chm::/start.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = mk:@MSITStore:C:\WINDOWS\start.chm::/start.html
A workaround for this exploit is provided HERE
There should be an official microsoft patch soon, please keep an eye for updated patches at windowsupdate.com
NOTE* : There is offered a removal tool (remove.exe) on their site which seems legit and does work, however it is believed it creates a GUID (Global Unique IDentifier) which can always 'distinguish' a user, meaning : they can track you down and follow your actions on the net, kinda like WMP.