I tried a virus scan yesterday and at the time it seemed to scan OK, only it found nothing. I can't update the definitions though.
System Restore won't work. "System Restore has been turned off by group policy. To turn on System Restore, contact your domain Administrator."
Anyway, it seems to let Ad-Aware and Spybot S&D through at the moment, so I scanned, only they don't detect anything that stops it (both have up-to-date definitions). So I gave HijackThis a bash. I removed some obvious stuff but it's still having the same problem. Here is my current log:
Logfile of HijackThis v1.98.2
Scan saved at 1:29:03 PM, on 3/19/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\gsicon.exe
C:\WINDOWS\System32\dslagent.exe
C:\WINDOWS\System32\aaupdt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Saitek\Software\Profiler.exe
C:\Program Files\Saitek\Software\SaiSmart.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\System32\wuauclt.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Marcus\Desktop\Shortcuts\HijackThis.exe
O1 - Hosts: 213.199.154.54 www.symantec.com
O1 - Hosts: 213.199.154.54 www.sophos.com
O1 - Hosts: 213.199.154.54 www.mcafee.com
O1 - Hosts: 213.199.154.54 www.viruslist.com
O1 - Hosts: 213.199.154.54 www.f-secure.com
O1 - Hosts: 213.199.154.54 www.avp.com
O1 - Hosts: 213.199.154.54 www.kaspersky.com
O1 - Hosts: 213.199.154.54 www.networkassociates.com
O1 - Hosts: 213.199.154.54 www.ca.com
O1 - Hosts: 213.199.154.54 www.my-etrust.com
O1 - Hosts: 213.199.154.54 www.nai.com
O1 - Hosts: 213.199.154.54 www.trendmicro.com
O1 - Hosts: 213.199.154.54 www.grisoft.com
O1 - Hosts: 213.199.154.54 securityresponse.symantec.com
O1 - Hosts: 213.199.154.54 symantec.com
O1 - Hosts: 213.199.154.54 sophos.com
O1 - Hosts: 213.199.154.54 mcafee.com
O1 - Hosts: 213.199.154.54 liveupdate.symantecliveupdate.com
O1 - Hosts: 213.199.154.54 viruslist.com
O1 - Hosts: 213.199.154.54 f-secure.com
O1 - Hosts: 213.199.154.54 kaspersky.com
O1 - Hosts: 213.199.154.54 kaspersky-labs.com
O1 - Hosts: 213.199.154.54 avp.com
O1 - Hosts: 213.199.154.54 networkassociates.com
O1 - Hosts: 213.199.154.54 ca.com
O1 - Hosts: 213.199.154.54 mast.mcafee.com
O1 - Hosts: 213.199.154.54 my-etrust.com
O1 - Hosts: 213.199.154.54 download.mcafee.com
O1 - Hosts: 213.199.154.54 dispatch.mcafee.com
O1 - Hosts: 213.199.154.54 secure.nai.com
O1 - Hosts: 213.199.154.54 nai.com
O1 - Hosts: 213.199.154.54 update.symantec.com
O1 - Hosts: 213.199.154.54 updates.symantec.com
O1 - Hosts: 213.199.154.54 us.mcafee.com
O1 - Hosts: 213.199.154.54 liveupdate.symantec.com
O1 - Hosts: 213.199.154.54 customer.symantec.com
O1 - Hosts: 213.199.154.54 rads.mcafee.com
O1 - Hosts: 213.199.154.54 trendmicro.com
O1 - Hosts: 213.199.154.54 grisoft.com
O1 - Hosts: 213.199.154.54 sandbox.norman.no
O1 - Hosts: 213.199.154.54 www.pandasoftware.com
O1 - Hosts: 213.199.154.54 uk.trendmicro-europe.com
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [Microsoft Update] aaupdt.exe
O4 - HKLM\..\Run: [8Zdx9dL] C:\windows\temp\8Zdx9dL.exe
O4 - HKLM\..\Run: [gEdOYWdF] C:\WINDOWS\rsebk.exe
O4 - HKLM\..\Run: [8Zdx9dL.exe] C:\windows\temp\8Zdx9dL.exe
O4 - HKLM\..\Run: [AceGain LiveUpdate] D:\BFV\LiveUpdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe
O4 - HKLM\..\Run: [SaiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [rollbk] C:\WINDOWS\System32\sysup.exe
O4 - HKLM\..\Run: [DsmSer] C:\WINDOWS\System32\svosm.exe
O4 - HKLM\..\RunServices: [Microsoft Update] aaupdt.exe
O4 - HKLM\..\RunServices: [rollbk] C:\WINDOWS\System32\sysup.exe
O4 - HKLM\..\RunServices: [DsmSer] C:\WINDOWS\System32\svosm.exe
O4 - HKLM\..\RunServices: [AvSer] C:\WINDOWS\System32\svosm.exe
O4 - HKCU\..\Run: [NTSF MICROSOFT SYSTEM] sqlserver.exe
O4 - HKCU\..\Run: [Windows Media Player] msa.exe
O4 - HKCU\..\Run: [Microsoft Update] aaupdt.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE713D7F-CC0C-4EF4-9352-761208C758FC}: NameServer = 194.74.65.69 194.72.9.38
There must be some other stuff that can go there...