Hi Mike
You are indeed infected. You don't say which programs you have run, and
some need to be run in Safe Mode in order to fully remove the scumware from
your system. Your AV will not detect the kind of malware you have that is
causing this problem as it is programmed to detect viruses. Also, some
types of malware can hide in files that are being used by Windows, thus,
they can only be detected and removed in Safe Mode.
Try the following and see if it helps. Even if you have already run some
programs, run them again according to the instructions in the information
below to thoroughly clean you system.
Dealing with Unwanted Spyware and Parasites:
http://mvps.org/winhelp2002/unwanted.htm
What You Should Know About Spyware
http://www.microsoft.com/athome/security/spyware/devioussoftware.mspx
Be sure to run CWShredder here
http://www.majorgeeks.com/download3019.html
and AdAware and Spybot.
Download the newest version of HiJackThis here:
http://www.bleepingcomputer.com/files/hijackthis.php
and SpyBot Search & Destroy
http://www.majorgeeks.com/download2471.html
Also visit these two sites to test for parasites and help basic cleaning:
On-Line Check
http://aumha.org/a/noads.htm
and
Quick-Fix Protocol.
http://aumha.org/a/quickfix.php
Basically, throw everything here at your "infection".
And be sure to use the HijackThis. Please DO NOT post your log to this
newsgroup, but to the HiJackThis Support Forums below:
http://www.hijackthis.de/forum/forumdisplay.php?f=10&guestlanguageid=4
the Aumha HiJackThis Forum
http://forum.aumha.org/viewforum.php?f=30
or Bleeping Computer Forum
http://www.bleepingcomputer.com/forums/forum22.html
to allow the experts there to evaluate your log and advise you of any
necessary steps to clean your system.
(Note: You will have to Register before posting on these Forums. Please
follow all posting instructions carefully to avoid having your log deleted
or ignored.
Also this program searches for hidden .dlls that recreate the malware.
About Buster:
http://www.majorgeeks.com/download4289.html
CAUTION!!!!! Before you try to remove spyware using any of the programs
below, download a copy of LSPFIX from any of the following sites:
http://www.cexx.org/lspfix.htm
http://www.spychecker.com/program/winsockxpfix.html
(if your OS is Win2k or XP) The process of removing certain malware may kill
your internet connection. If this should occur, this program, LSPFIX, will
enable you to regain your connection.
You should also get a copy of WINSOCKXPFIX available at:
http://www.spychecker.com/program/winsockxpfix.html
and
WinsockXP Fix- WinXP
If these steps do not resolve your problem, or you need help with the above,
please post back to this thread with the details and any error messages.
Hope this helps
Jan
Smiles are meant to be shared,
that's why they're so contagious.
Replies are posted only to the newsgroup for the benefit or other readers.
How to make a good newsgroup post:
http://www.dts-l.org/goodpost.htm