Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
O2 - BHO: FlashFetcher - {16E8A050-74CE-43D5-8DC0-BADD7347B2DD} - C:\Program Files\GeoVid\FlashFetcher\FlashFetcher.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (file missing)
O9 - Extra button: FlashFetcher - {07174FC7-B4C1-4643-9C03-B4D2148EB057} - C:\Program Files\GeoVid\FlashFetcher\FlashFetcher.dll (file missing)
O9 - Extra 'Tools' menuitem: FlashFetcher - {07174FC7-B4C1-4643-9C03-B4D2148EB057} - C:\Program Files\GeoVid\FlashFetcher\FlashFetcher.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{515E235D-FA3C-42FB-B0DD-B07E7AA5EE63}: NameServer = 85.255.116.126,85.255.112.119
O17 - HKLM\System\CCS\Services\Tcpip\..\{857C3104-9D83-46EE-91DE-51B902C30C4F}: NameServer = 85.255.116.126,85.255.112.119
O17 - HKLM\System\CCS\Services\Tcpip\..\{91BA0903-30B4-4065-930D-A2952CDD6EBF}: NameServer = 85.255.116.126,85.255.112.119
O17 - HKLM\System\CCS\Services\Tcpip\..\{A9109EDE-1256-4A8C-8478-FB359757D384}: NameServer = 85.255.116.126,85.255.112.119
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.126 85.255.112.119
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.116.126 85.255.112.119
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.126 85.255.112.119
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
Click on the fix checked button.
Close HJT and reboot your computer.
Post a fresh HJT log.
Regards Howard
This thread is for the use of gwiz_oz only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.