Please see the "HOW TO..." instructions at the top of this forum for downloading HijackThis and posting on this forum.

After your log has been posted, someone will review it.

jsturge,

Your computer is infected and disconnect your computer from your network now! This one is going to take some time to remove and will involve several tools to get rid of this one.

You will most likely have to download and install the following software from another computer and use a USB stick to install these to the infected computer

Please download SmitfraudFix
Extract the files to the Desktop

~~~~
Start the computer in Safe Mode :

• When the machine first starts again, tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
• Select the option for Safe Mode using the arrow keys.
• Press Enter to boot into Safe Mode.

Open SmitfraudFix

• Double-click smitfraudfix.cmd
• Select Option 2 - Clean by typing 2 and press Enter (Deletes infected files)
• You are prompted: Do you want to clean the registry? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.

The tool also checks if a relevant file, wininet.dll, is infected.
You may be prompted to replace the infected file (if found).
Replace infected file? Answer Y (yes) and hit Enter to restore a clean file.

~~~~
Restart the computer to complete the removal process.

Next:

Download and install Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam.php

Run this program and let it do it's cleanup

Next:

Download and install: CCleaner: http://www.filehippo.com/download_ccleaner/

Run this program and let it do it's cleanup

Next:

Download and install: SpyBot S&D: http://www.safer-networking.org/en/download/index.html

Run this program and let it do it's cleanup.

I would now recommend uninstalling your Corporate Symantic Anti Virus Pro and downloading and installing:

AVG Free 8.0 Antivirus: http://free.avg.com/download?prd=afe

After installing and updating do a complete system scan.

After this is all done - Install and Run: hijackthis: http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis

Then post the results to the hijack this fourm to check for any other infections.

Good Luck

Although we appreciate his trying to help, please be aware that ai5u is not listed as a graduate of the malware removal schools that we contacted. It is understood by the trained analysts that once a helper replies to a log, he continues working with you until the issue is resolved.

jsturge, you have some choices:

1. You can, at risk, continue working with the person who has taken ownership of this thread.

2. You can repost your log at the top of the forum as a New Message, and wait for a trained analyst to reply.
A list is here: http://en.community.dell.com/forums/t/19241959.aspx

thanks,

I will  this and let you all know how it comes out.

will I be able to  a  system restore point after I get it cleaned up.?  It did not let me do it after my first attempt to clean it up.

per A15U

says to install Malwarebytes Anti Malware.   I did that without doing all the prelims and it did appear to identify and I was able to delete a lot of entries etc.   The system worked good for a while and then it went back to what it was doing before.  I tried rerunning and it would not run,  even in safe mode.   If I start over,  will it allow the system to run it?

I also have spybot but the system will not let in run.   will the prelim steps allow it to run then?

You suggest removing "Corporate Symantic Anti Virus Pro "  .  I log into my work place and that is what they require for entry into their system. 

Bugbatter,  you suggest listing my log;  which log are you referring to?   You also suggest Spyhammer;  is that another spyware program to be downloaded "free"? 

anyway,  wow,  it sounds like I have been "highjacked".   If I get all this cleaned up,  how can I prevent this from happening again?

thanks everyone for you input.

Please see the "HOW TO..." instructions at the top of this forum for downloading HijackThis and posting on this forum.

After your log has been posted, someone will review it.

That would be your HijackThis log.

It appears that by following the instructions posted by A15U, you have decided to continue working with him.

As you can see, it is confusing to be working with more than one helper, and it may even damage your system if the tools you are asked to run by two different helpers cause conflicts.  It is in your best interest that you decide which one of us you would like to work with.

If you would like to work with me, please post a HijackThis log and the Malwarebytes' Anti-Malware log together in one NEW Topic.

To continue with A15U, please post your reply below and he will advise you on what to do next.

The instructions for posting on this forum will have you download v. 2.02, the most updated version. Please follow the instructions so you download the correct installer version.

there seems to be muliple versions of Hijack This 1.99 or 2.02 from multiple places.  is one better than the other?

Do you still need help with this?  If so, please post your HijackThis log.