Blade81,
Sorry it's taken me so long to repost. Got a friend to help get network/internet working again. We have managed to do so and have installed SP3 and IE8 and all the other updates that were waiting.
Thought I was all clear as computer working fine (and browser not redirecting), but did another scan with searchbot and the click.giftload is still there.
DDS log below and Spybot attached (was too long for pasting here).
Thanks in advance.
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by user at 11:34:25.43 on 07/04/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2015.1256 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\MSOffice\OFFICE11\MSACCESS.EXE
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\user\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\rapid.lnk - c:\qaddress\rapid32.315\qarapidn.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\utilit~1.lnk - c:\windows\system32\sistray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} - hxxp://www.bebo.com/files/BeboUploader.5.1.4.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} - hxxp://almcam2.lofer.at:1003//activex/AMC.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Notification Packages = scecli scecli
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\user\applic~1\mozilla\firefox\profiles\e26cpkhm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\e26cpkhm.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\e26cpkhm.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
.
============= SERVICES / DRIVERS ===============
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2009-9-24 19592]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2008-8-27 294608]
R2 aawservice;Ad-Aware 2007 Service;c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2008-1-4 587096]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-8-27 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-2-18 40384]
R3 EUCR;ENE USB Mass Storage;c:\windows\system32\drivers\EUCR6SK.sys [2005-5-13 40576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2009-9-24 22528]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2009-6-17 25480]
S3 rcp_service;ReaConverter scheduler service;c:\program files\reaconverter 5.5 pro\rcp_scheduler.exe [2007-11-30 558592]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2005-3-25 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-04-07 09:24:41 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-07 09:24:37 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-07 09:24:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-06 14:27:20 -------- d-sh--w- c:\documents and settings\user\IECompatCache
2011-04-06 14:26:16 -------- d-sh--w- c:\documents and settings\user\PrivacIE
2011-04-06 14:10:53 -------- d-sh--w- c:\documents and settings\user\IETldCache
2011-04-06 13:39:36 -------- d-----w- c:\windows\system32\winrm
2011-04-06 13:39:31 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2011-04-06 13:31:57 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-04-06 13:31:34 -------- d-----w- c:\windows\ie8updates
2011-04-06 13:31:21 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-04-06 13:31:21 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-04-06 13:31:20 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-04-06 13:30:29 -------- dc-h--w- c:\windows\ie8
2011-04-06 13:22:53 -------- d-----w- c:\docume~1\user\applic~1\Windows Desktop Search
2011-04-06 13:22:13 -------- d-----w- c:\program files\Windows Desktop Search
2011-04-06 13:22:12 -------- d-----w- c:\windows\system32\GroupPolicy
2011-04-06 13:21:51 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2011-04-06 13:21:51 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2011-04-06 13:21:51 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
2011-04-06 13:19:35 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-04-06 13:19:35 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-04-06 13:19:35 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-04-06 13:19:35 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2011-04-06 13:19:34 59904 -c--a-w- c:\windows\system32\dllcache\icardie.dll
2011-04-06 13:19:34 445952 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dll
2011-04-06 13:19:34 3698584 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dat
2011-04-06 13:19:34 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-04-06 12:55:40 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2011-04-06 12:55:40 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-04-06 12:54:53 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-04-06 12:53:40 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-04-06 12:47:48 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-04-06 12:01:49 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-04-06 12:01:34 357248 -c----w- c:\windows\system32\dllcache\srv.sys
2011-04-06 12:01:05 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-04-06 12:01:05 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-04-06 12:01:00 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2011-04-06 12:01:00 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2011-04-06 12:01:00 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2011-04-06 12:01:00 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2011-04-06 12:01:00 110592 -c----w- c:\windows\system32\dllcache\services.exe
2011-04-06 12:00:59 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2011-04-06 12:00:59 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll
2011-04-06 12:00:59 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2011-04-06 12:00:59 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2011-04-06 12:00:58 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-04-06 12:00:57 2192768 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-04-06 12:00:56 2027008 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-04-06 12:00:27 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-04-06 11:59:10 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-04-06 11:54:07 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-04-06 11:53:54 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe
2011-04-06 11:52:59 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-04-06 11:52:43 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-04-06 10:30:03 -------- d-----w- c:\windows\system32\CatRoot_bak
2011-04-06 09:55:22 63663 ------w- c:\windows\system32\drivers\ati1rvxx.sys
2011-04-06 09:54:15 19569 ----a-w- c:\windows\002667_.tmp
2011-04-05 13:17:33 -------- d-----w- c:\docume~1\user\applic~1\Malwarebytes
2011-04-05 13:17:26 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-04-05 11:03:19 -------- d-----w- c:\docume~1\user\applic~1\Easeware
2011-04-04 15:18:23 132096 ----a-w- c:\windows\system32\wkssvc.dll
2011-04-04 15:16:03 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-04-04 15:14:52 345600 ----a-w- c:\windows\system32\localspl.dll
2011-04-04 15:13:19 149504 ----a-w- c:\windows\system32\schannel.dll
2011-04-04 15:12:05 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-04 15:11:54 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-04 15:10:50 730112 ----a-w- c:\windows\system32\lsasrv.dll
2011-04-04 15:10:50 718336 ----a-w- c:\windows\system32\ntdll.dll
2011-04-04 15:10:50 110592 ----a-w- c:\windows\system32\services.exe
2011-04-04 15:10:49 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-04 15:10:49 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-04 15:09:21 1854976 ----a-w- c:\windows\system32\win32k.sys
2011-04-04 15:08:17 361600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-04-04 15:08:17 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2011-04-04 15:08:17 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-04-04 15:07:09 203136 ----a-w- c:\windows\system32\drivers\rmcast.sys
2011-04-04 15:01:19 -------- d-----w- c:\windows\system32\scripting
2011-04-04 15:01:19 -------- d-----w- c:\windows\l2schemas
2011-04-04 15:01:18 -------- d-----w- c:\windows\system32\en
2011-04-04 15:01:18 -------- d-----w- c:\windows\system32\bits
2011-04-04 14:55:00 -------- d-----w- c:\windows\network diagnostic
2011-04-04 14:49:58 617472 ----a-w- c:\windows\system32\comctl32.dll
2011-04-04 14:23:39 -------- d-----w- c:\windows\EHome
2011-04-02 17:10:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-02 17:10:36 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-02 17:10:36 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-04-02 14:32:37 -------- d-sha-r- C:\cmdcons
2011-03-29 15:32:06 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-03-29 15:32:06 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-03-23 11:00:25 -------- d-----w- c:\program files\common files\L&H
2011-03-23 10:59:50 -------- d-----w- c:\program files\Microsoft ActiveSync
2011-03-23 09:51:09 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2011-03-23 09:51:08 32592 ----a-w- c:\windows\system32\msonpmon.dll
2011-03-23 09:18:28 -------- d-----w- c:\docume~1\user\locals~1\applic~1\Microsoft Help
2011-03-21 14:01:36 165376 ----a-w- c:\windows\system32\unrar.dll
2011-03-21 14:01:23 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-03-21 14:01:22 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-03-21 14:01:22 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-03-21 14:01:21 810496 ----a-w- c:\windows\system32\xvidcore.dll
2011-03-21 14:01:21 183808 ----a-w- c:\windows\system32\xvidvfw.dll
2011-03-21 14:01:03 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-03-21 13:43:00 -------- d-----w- c:\program files\common files\DivX Shared
2011-03-21 13:38:59 -------- d-----w- c:\docume~1\alluse~1\applic~1\DivX
2011-03-21 13:33:42 421888 ----a-w- c:\windows\system32\ac3filter.acm
2011-03-21 13:33:25 -------- d-----w- c:\program files\XP Codec Pack
.
==================== Find3M ====================
.
2011-02-28 08:00:00 80896 ----a-w- c:\windows\system32\ff_vfw.dll
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-13 08:47:35 38848 ----a-w- c:\windows\avastSS.scr
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
.
============= FINISH: 11:35:58.64 ===============