Computer Help Needed


grayman
14th July 2008, 09:50 PM
I'm asking for help from those of you with better knowledge of computers than me (Which is almost everyone).

A few days ago I noticed that I could not get online using Firefox. Internet Explorer worked okay, but when I clicked on the FF icon, nothing would happen.

Today I upgraded to FF 3.0 but the problem persists.

Also today, something odd started to happen. Whenever I went online, it would open on a page with the following address: C:\WINDOWS\system32\spywarewarning.mht

On this page it has a button that says "Scan" a place that says: Click here to scan your PC for spyware, adware, trojans and viruses and remove them from your computer. Full system scan is highly recommended by (hyperlinked) "Windows Security Center" and a hyperlinked area that says "Click here to scan your computer and remove all threats..."

When I move the cursor over the "scan" button or the hyperlinked areas, it shows the page it will go to having the following address: http://easytoprotect.com/mrs/?wmid=mrs10

I have checked my computer using Ad-Aware SE, AVG, and SpywareBlaster. They all say it's clean. My Windows Security Center says everything is up and running.

However, when I try to use Spybot - Search and Destroy, nothing happens; similar to FF.

Finally, whenever I change my preferred home page to something else, in a few moments the preference automatically goes back to the "Warning" page.

What do you think? Malicious adware? Virus? I don't know the answer and I'm hoping someone out there can help.

Please.

Blue Mountain
14th July 2008, 09:59 PM
It sounds like you've picked up a very recent and (as yet) little known piece of nastyware. I found this information (http://www.threatexpert.com/report.aspx?uid=0866cc99-31e9-4482-9b69-c3fee2133bcf) at threatexpert.com.

My recommendation as a run-of-the-mill Windows user (I'm much more comfortable in Linux) is to boot the computer into Safe Mode and use RegEdit to remove the keys listed in the report. If you're not comfortable doing that, I recommend you seek out someone who is.

Wudang
15th July 2008, 02:28 AM
Don't just go deleting registry entries though. Can you try this in a command window?

req query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole

From the page Blue Mountain provided (nice one, thanks) it looks like you should see a path to the beastie

Dancing David
15th July 2008, 06:12 AM
Hi, I would say it is something that is trying to get you to download a virus. I recommend that you try running your Spybot in safe mode. Or your other protective software.

Then go to Majorgeeks.com and read the thread:
http://forums.majorgeeks.com/showthread.php?t=35407

I have found it to be useful; the trick is sometimes finding the bugger in the Add/Remove Programs. There are a lot of little 'helper' programs that infect your machine. My son got a goofy background for his cell phone that needed to be removed; when he checked the web site on the PC it downloaded a helper that tried to infect the machine. I found it in Add/Remove eventually and then Spybot and Ad-Aware removed it.

Hellbound
15th July 2008, 08:52 AM
Also, check your System Restore settings (if you're running XP or Vista). You can get to it through Control Panel->System->System Restore tab. Turn it off before you make your changes (there's a checkbox for it), then turn it on afterwards. System Restore has a bad habit of "helpfully" putting back those "System files and settings" you must have "inadvertently" deleted, and it can re-infect your system after you clean it.

grayman
15th July 2008, 09:08 AM
First off, thank you all for the advice and assistance.

I've tried to remove the malware without success. I can find the programs but I can't seem to get them off the computer. Fortunately I have access to another computer.

I just made the phone call to Mr. Goodwrench and I'll be bringing the tower over to the shop this afternoon for a proper cleaning and tune-up.

Again, I appreciate the help and the links you've provided, and I salute those of you that understand the inner workings of a computer.

But Blue Mountain said it best: If you're not comfortable doing that, I recommend you seek out someone who is.

Cheers!

bokonon
15th July 2008, 05:37 PM
Don't just go deleting registry entries though. Can you try this in a command window?

req query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole

From the page Blue Mountain provided (nice one, thanks) it looks like you should see a path to the beastie
Or "reg query..."

JoeEllison
15th July 2008, 05:43 PM
Don't press anything ever again!!

I just dealt with a laptop the other day that had a really aggressive version of this sort of malware. They bury themselves in a bunch of different locations on the computer, and unless you get all of them more or less at once, when you reboot your computer it will reinstall everywhere.
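
An added example, not part of any post in this thread: a read-only PowerShell sketch that gathers, in one pass, the registry values the posters talk about checking (the Ole key and the home page that keeps resetting) so they can be reviewed before anything is deleted. Only the `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole` key and the `spywarewarning.mht` file name come from the thread; the Internet Explorer and Run key paths are standard Windows locations added here as assumptions, and `Get-RegistryValues` is a hypothetical helper name.

```powershell
# Read-only triage: nothing here writes to or deletes from the registry.
# Marker taken from the thread: the home page kept resetting to this file.
$marker = 'spywarewarning.mht'

# Keys to inspect. Only the Ole key is named in the thread; the home-page
# and Run keys are standard Windows locations (assumption for this example).
$keys = @(
    'HKLM:\SOFTWARE\Microsoft\Ole',
    'HKCU:\Software\Microsoft\Internet Explorer\Main',
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\Main',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
)

# Hypothetical helper: emit one object per value stored under a key.
function Get-RegistryValues {
    param([string]$Path)
    if (-not (Test-Path -LiteralPath $Path)) { return }   # key absent: skip it
    $key = Get-Item -LiteralPath $Path
    foreach ($name in $key.GetValueNames()) {
        $data = [string]$key.GetValue($name)
        # Flag the marker file anywhere, or a home page set to a local path
        # (a normal home page is a URL, not a file on drive C:).
        $localHome = ($name -eq 'Start Page') -and ($data -match '^[A-Za-z]:\\')
        [pscustomobject]@{
            Key     = $Path
            Name    = $name
            Data    = $data
            Flagged = ($data -like "*$marker*") -or $localHome
        }
    }
}

# Collect everything first, then show flagged rows at the top for review.
$report = foreach ($k in $keys) { Get-RegistryValues -Path $k }
$report | Sort-Object Flagged -Descending | Format-Table -AutoSize -Wrap
```

Saving the table before and after a cleanup attempt and a reboot shows whether a removed value has been written back.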