Ok, thank you for the information.  I have a 3d work project tonight and a meeting tomorrow night so I'll try to work through this Friday or the weekend.

Khai, If its not rendo or DAZ that hired the advertisers, then I guess that makes DAZ and possibly Rendo a victim as well.  At least DAZ now knows that someone is using their logo to lure people.  I can see where folks might think they have a DAZ coupon and then go to the websites that might further have adware coding.  I hope that both companies will investigate on their own and protect their good names.

26F, I've cleaned the system several times with cc cleaner, hyjack this, ATF, a few other cleaners, and run Avast virus and malwarebytes scans and they all come up negative for it.  Actually, I do the cleaning once a week mostly to clear out Poser temp files.  I even checked for rootkits.  So obviously I need to go deeper than that.

Janl, thanks for the research.  Let me see if one of those sites has a removal that will work. 

Khory, well, um, maybe contacting crossfire will just result in more viruses if they are the ones stealing the DAZ logo and Renderosity name.  I'm not sure that contacting them will be of any positive value for me.  But perhaps if DAZ and Rendo as victims wish to contact Crossfire and tell Crossfire to cease that would be to everyone's benefit.

Ok, I don't mean to sound cranky and irritable, but its a natural reaction to unwanted junk.  I am more concerned about data mining.  Hopefully after this weekend I can report some good news and a fix in case anyone else gets this.