CastleCops, Internet Crime Fighters

I'm being monitored, but I can't find how.

_B_

Cadet


Joined: Feb 23, 2006
Posts: 6
Location: USA

PostPosted: Sun Mar 02, 2008 3:43 pm    Post subject: I'm being monitored, but I can't find how.

I'm a freelance graphic designer, so I use my computer continuously. My current clients prefer that I use Skype to stay in contact with them, which means being online while I work.

No problem there except that while I'm working, everything I do in my graphics program (copy, paste, save, etc.) is quickly followed by a visual "quick trip to the internet" in the little internet connection/traffic icon down on the taskbar. That's way more than just a coincidence, or random Norton or Windows update traffic.

Every day, I must go into Windows Firewall and uncheck file and printer sharing too, as something keeps turning it back on. Plus, whatever is running is causing a slowdown in production, so it's costing me valuable time.

I'm frustrated and angry, as I don't know how much other info is being guided off my computer... bank info, email, etc.

I'm spending considerable time watching Task Manager, checking Norton connection logs, cross-referencing Whois, etc. I just can't find a solution on my own, and can't afford the time or money to drop off my computer to a tech to clean up.

How do I even start to figure out how to stop this?

I'm running XP sp2

PCBruiser

SRT Team Lead
Forums Admin

Joined: May 11, 2005
Posts: 11723


PostPosted: Sun Mar 02, 2008 3:51 pm    Post subject:

Assuming you own your computer, I strongly recommend that you follow CastleCops' Malware Removal and Prevention procedure, a system CastleCops devised to enable users to either partially, or fully clean their systems without the direct aid of an expert.

Please read these instructions carefully. You will find the Malware Removal and Prevention Procedure here:

http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction

If that doesn't fix the problem, then go to this Forum, read the instructions at the top of the page carefully:

CastleCops Link/f67-Hijackthis_Spyware_Viruses_Worms_Trojans_Oh_My.html

Follow these instructions:

CastleCops Link/t102301-Hijackthis_Guidelines_Read_Before_Posting.html

and one of CC's trained 1st Responders or Security Experts will help you.

Note to everyone: You must be a CastleCops member to post for help in the HJT forum. Do not post a HJT log anywhere other than in our HJT forum. If you post them here or in other forums, they will be deleted or ignored.


_________________
Don't read? Can't learn!
_B_

Cadet


Joined: Feb 23, 2006
Posts: 6
Location: USA

PostPosted: Sun Mar 02, 2008 4:39 pm    Post subject:

Thank you PCBruiser,

I'll get started on your suggestions.

I've held off asking for help, because I knew it might be a daunting task to dig in to, and I only know enough about computers to get into trouble trying to fix them. But I can't just let it go and continue on as is, or there could be far more trouble down the road than I can cause on my own. ;)

And yes, this is my own computer, a new one in fact. So far, I've only installed Norton Anti-Virus on it, and use Windows Firewall (yes, I know, but that's another story).

Thanks again

PCBruiser

SRT Team Lead
Forums Admin

Joined: May 11, 2005
Posts: 11723


PostPosted: Sun Mar 02, 2008 4:50 pm    Post subject:

This may not be as bad as you think. There is a ton of software that runs in the background all the time, and some of them are always listening on the Internet for various reasons that are completely legitimate. So, what you are seeing may not be anything to worry about, but we can find that out and make sure one way or the other.

Whether you realize it or not, a typical system has approximately 750+ processes running in the background (most not seen by Task Manager) including required dlls from the OS, services, drivers, etc., plus actual programs used by the user.

If you want to get a better idea of just what is running in the background, download, install, and run this:

http://www.whatsrunning.net/whatsrunning/main.aspx

Do not attempt to use this program to "fix" your system - you can kill the system trying to fix things with a powerful program like this. It is safe to run it diagnostically, just to see what is actually currently running on your system.


_________________
Don't read? Can't learn!
_B_

Cadet


Joined: Feb 23, 2006
Posts: 6
Location: USA

PostPosted: Mon Mar 03, 2008 1:36 pm    Post subject:

Thanks PCBruiser,

I'm almost done with the Removal and Prevention steps, but as it is now Monday, I'll have to finish up after working hours.

So far, my computer is still calling for take-out every time I save or paste in my graphic program, so I'll probably need to go through your entire course.

The program you mentioned just above, the whatsrunning... does that also show where these processes are running from?

That's my biggest complaint on anything that comes with Windows (like Task Manager), or even with some big-time anti-virus programs, is that they give you all kinds of information, but not the information you actually need, like where is this process located, where is it coming from, which one is accessing the internet right this second when the connection "traffic light" is green... stuff that us lay-people actually need to more easily put our finger directly on the most likely suspect (or ease our minds if it is a normal process coming from a normal path).

PCBruiser

SRT Team Lead
Forums Admin

Joined: May 11, 2005
Posts: 11723


PostPosted: Mon Mar 03, 2008 2:08 pm    Post subject:

Yes, What's Running and similar software tell you that info including what is accessing/listening to the Internet. And, we have even more powerful tools if we need them.


_________________
Don't read? Can't learn!
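
The question raised in this exchange (which process owns each Internet connection) can also be answered with the built-in `netstat -ano` and `tasklist /fo csv` commands by joining their output on the PID column. The sketch below is an added example, not part of the original thread; it assumes both outputs were captured as text, and every sample row, process name and address in it is constructed.

```python
import csv
import io

# Constructed sample of `netstat -ano` output (remote addresses are documentation ranges).
NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       968
  TCP    127.0.0.1:1031         127.0.0.1:1032         ESTABLISHED     1480
  TCP    192.168.1.10:1043      203.0.113.25:80        ESTABLISHED     2312
  TCP    192.168.1.10:1050      198.51.100.7:443       ESTABLISHED     1480
  UDP    0.0.0.0:1900           *:*                                    1120
"""

# Constructed sample of `tasklist /fo csv` output.
TASKLIST = '''"Image Name","PID","Session Name","Session#","Mem Usage"
"svchost.exe","968","Console","0","4,512 K"
"svchost.exe","1120","Console","0","5,100 K"
"ccApp.exe","1480","Console","0","9,800 K"
"Skype.exe","2312","Console","0","41,204 K"
'''

def parse_tasklist(text):
    """Map PID -> image name from CSV-formatted tasklist output."""
    return {int(r["PID"]): r["Image Name"] for r in csv.DictReader(io.StringIO(text))}

def parse_netstat(text):
    """Yield one dict per TCP/UDP row; UDP rows have no State column."""
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue  # skip the banner, header and blank lines
        state = f[3] if len(f) == 5 else ""
        yield {"proto": f[0], "local": f[1], "remote": f[2], "state": state, "pid": int(f[-1])}

def connections_by_process(netstat_text, tasklist_text):
    """Join sockets to image names; PIDs missing from tasklist are labelled."""
    names = parse_tasklist(tasklist_text)
    return [dict(c, image=names.get(c["pid"], "<unknown pid>")) for c in parse_netstat(netstat_text)]

def talking_to_internet(rows):
    """Established TCP sessions whose remote end is not loopback."""
    return [(r["image"], r["pid"], r["remote"]) for r in rows
            if r["state"] == "ESTABLISHED" and not r["remote"].startswith("127.")]

if __name__ == "__main__":
    for image, pid, remote in talking_to_internet(connections_by_process(NETSTAT, TASKLIST)):
        print(f"{image:<14} pid={pid:<5} -> {remote}")
```

A PID that shows up in the socket list but not in the process list is labelled `<unknown pid>` rather than dropped, since a socket with no visible owner is worth a closer look.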
_B_

Cadet


Joined: Feb 23, 2006
Posts: 6
Location: USA

PostPosted: Tue Mar 04, 2008 7:27 pm    Post subject:

Sorry I took so long to get back. Now my Outlook Express isn't working, so I've been trying to figure out what happened.

I'm also trying to get an online virus scan from Panda, but even though I put panda in my trusted sites, it won't let me download a few of the ActiveX controls...it says they aren't verified from panda.... sigh... on to another. Nothing is easy, is it.

I think I had better wear taller wading boots as I proceed.

_B_

Cadet


Joined: Feb 23, 2006
Posts: 6
Location: USA

PostPosted: Sat May 10, 2008 1:16 pm    Post subject:

Here it is two months later... I apologize for not returning to conclude this thread.

The depth of the problem had become so complicated, yet schedules and deadlines for work continued, so I had to give up seeking a solution.

I thought I had circumvented the spyware problem, at least temporarily, by using a small internet tablet (installed with Skype) as my means to stay in communication with my clients, while keeping my main work computer offline.

Apparently, there is no such thing as being totally "offline" these days. Even with the cable unplugged, my work computer is still sending info from everything I do, to the internet, via WiFi through the internet tablet!

Yet, my desktop work computer didn't come with any sort of WiFi adapter. But it must have something not visible to the user, because a simple test shows activity on the home network, with each program activity.

I honestly think it's time for me to give up, because if I've lost the ability to keep a computer totally offline, then there is no real means to secure it either.

Thanks for all of your help.
