What can block downloading of anti-spyware

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Coombs, Nov 7, 2004.

  1. Coombs

    Coombs Private E-2

    I have been trying to download Spybot Search and Destroy, but something seems to be blocking me from downloading the files. When I use the click and save approach, I get a message indicating that a file on my C drive is unavailable. What type of nasty is on my system and trying to protect itself from my downloading anti-spyware software?
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    There are quite a few nasties that can cause problems with downloading.
    Can you download any type of files at all (try some that have nothing to do with spyware, virus, adware, etc)?

    Do you have an up to date virus application and have you run a full scan with it?

    What file on your c drive is unavailable? Always give specific information and exact error messages.
     
  3. Coombs

    Coombs Private E-2

    Okay. I ran McAfee and found no viruses. However, I cannot update the virus definition files because it indicates that "McAfee is unable to connect to the Internet. Please check that your connection to the Internet is functioning correctly and click Retry." My internet connection is working fine but not for McAfee. I am running McAfee Virus Scan 8.0 build 8.041 with a 10/6/2004 dat file. I don't seem to be able to download any programs. I have been trying to download Spybot S&D but right clicking and saving brings up the download box, but nothing actually gets saved to the target location. Left clicking brings up an error message that says that a file in "C:/Documents and Settings/defalt/Local Settings/Temp/xxxxxx.exe could not be saved because the source file could not be found." where the xxxxxx is a different set of random letters and numbers each time I try it. I also tried downloading a game from Yahoo to try a different type of file, but got the same response. I also tried to save image files like jpgs or gifs, mp3 files, etc. Again, the save dialog box opens asking where I want to save something but the Saving and Download Manager boxes never appear. I have AdAware (shows clean at the moment), BHODemon (an AcrolEHelper.dll is present but disabled), and HijackThis (will post logfile if requested) on my system. Any suggestions?
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Normally we prefer the READ ME FIRST to be executed but you have a bad case of malware that prevents this. So go ahead and post your HJT log (as an attachment). Hopefully you already have the current version (1.98.2).

    Too bad you did not give your Win OS version. I would like you to look at your hosts file to see if any websites are being blocked. For WinXP and 2K it is here:
    c:\windows\system32\drivers\etc\hosts

    Also look at your Restricted Zones in Internet Explorer to see if any sites you need are being blocked (note you could have lots of bad sites being blocked if you have used Spybot's Immunize feature or have done similar with another program).
     
  5. Coombs

    Coombs Private E-2

    Okay, I was able to download SpybotS&D with Internet Explorer though my Netscape 7.1 is still blocked from downloading. I use McAfee with virus scan, firewall and spamblocker. I have not been able to get updates for the virus scanner recently. When I try, I get a message that McAfee cannot connect to the Internet. My internet connection is fine and works with everything else.

    I ran Spybot and it cleared off a variety of things including DSO Exploit. It indicates an error during check of Z-Demon (Ungultiger datentyo fur ").

    I checked my hosts files and this is what's in it:
    217.116.231.7 aimtoday.aol.com12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com

    There is also a hosts.bho file that has: 217.116.231.7 aimtoday.aol.com

    I ran the 1.98.2 version of HiJackThis and get the following:

    Edit by chaslang: Inline log changed to an attachment
     

    Attached Files:

    • hjt.txt (6.7 KB)
    Last edited by a moderator: Nov 25, 2004
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please do not post HJT logs inline. I had asked that you post it as an attachment.

    Is the below URL (from your log) something you want to use, or is it part of your problem?
    http://www.iquicksearch.net/search.htm

    You need to remove the lines from your hosts file. Your hosts file should only contain what I give below in bold print:

    # Copyright (c) 1993-1999 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    # 102.54.94.97 rhino.acme.com # source server
    # 38.25.63.10 x.acme.com # x client host
    127.0.0.1 localhost
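
An added example, not part of the original post: one way to audit a hosts file against the default shown above, flagging every mapping other than loopback to localhost and splitting entries that have run together on one line, as in the hosts content quoted earlier in the thread. The function name, the `ENTRY_START` heuristic and the sample text are assumptions made for this illustration.

```python
import ipaddress
import re

# Constructed sample: the default localhost line plus the run-together
# entries quoted in the thread (three mappings with no line break between them).
SAMPLE_HOSTS = (
    "# Copyright (c) 1993-1999 Microsoft Corp.\n"
    "127.0.0.1 localhost\n"
    "217.116.231.7 aimtoday.aol.com12.129.205.209 search.netscape.com"
    "12.129.205.209 sitefinder.verisign.com\n"
)

# An IPv4 address followed by whitespace starts a new entry, even when the
# previous host name runs straight into it (heuristic, assumed for this example).
ENTRY_START = re.compile(r"(?:\d{1,3}\.){3}\d{1,3}(?=\s)")


def audit_hosts(text):
    """Return (line_no, address, hostname, kind) for every non-default mapping."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        starts = [m.start() for m in ENTRY_START.finditer(line)] or [0]
        if starts[0] != 0:
            starts.insert(0, 0)  # keep any leading text so it is reported too
        bounds = starts + [len(line)]
        for begin, end in zip(bounds, bounds[1:]):
            fields = line[begin:end].split()
            try:
                addr = ipaddress.ip_address(fields[0])
            except ValueError:
                findings.append((line_no, fields[0], "", "malformed"))
                continue
            local = addr.is_loopback or addr.is_unspecified
            for name in fields[1:]:
                if local and name.lower() == "localhost":
                    continue  # the one mapping the default file contains
                kind = "sinkhole" if local else "redirect"
                findings.append((line_no, str(addr), name, kind))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(*finding)
```

A "sinkhole" finding (a name pointed at the local machine) can be a legitimate block entry or a way of cutting off an update server, so each one needs a look rather than automatic removal.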
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Also, the below programs should not be running when using HijackThis:

    :\Program Files\Netscape\Communicator\Program\AIM\aim.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Make sure you have system restore disabled and viewing of hidden files enabled (per the tutorial).
    I'm going to assume that you do not want those www.iquicksearch.net lines and tell you to have HJT fix them. If you do want them, skip those lines below.


    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.iquicksearch.net/search.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.iquicksearch.net/search.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.iquicksearch.net/search.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.iquicksearch.net/search.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
    R3 - URLSearchHook: (no name) - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file)
    O1 - Hosts: 217.116.231.7 aimtoday.aol.com12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
    O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
    O9 - Extra button: Dell Home - {90D7162F-5C08-4A00-B04B-6A5197462544} - http://www.dellnet.com (file missing) (HKCU)
    O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - http://toolbar.isearch.com/general/initial.cab
    O16 - DPF: {A27AD582-5BE5-4C2D-82F0-48B24FE02040} - http://www.adshooter.com/pop_shoote...00/SYSsfitb.cab


    Now reboot your PC and post a new HJT log. And tell us how things are working.

    Try using Internet Explorer and run the steps in: READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal
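
An added example, not part of the original post or of HijackThis itself: a small parser for log lines like those listed above that marks entries whose file is gone and links entries sharing a CLSID, here the R3 search hook and the O16 download source. The function names are hypothetical and the sample is constructed from lines in the post.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: five entries copied from the fix list in the post above.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.iquicksearch.net/search.htm
R3 - URLSearchHook: (no name) - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file)
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O9 - Extra button: Dell Home - {90D7162F-5C08-4A00-B04B-6A5197462544} - http://www.dellnet.com (file missing) (HKCU)
O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - http://toolbar.isearch.com/general/initial.cab
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
URL = re.compile(r"https?://[^\s)]+")
SECTIONS = {"R0": "IE start/search page", "R1": "IE start/search page",
            "R3": "URL search hook", "O1": "hosts file redirect",
            "O3": "IE toolbar", "O9": "extra IE button", "O16": "ActiveX (DPF)"}

def parse(log):
    """Turn HijackThis log lines into dicts; non-entry lines are skipped."""
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        body, clsid = m["body"], CLSID.search(m["body"])
        entries.append({
            "code": m["code"],
            "section": SECTIONS.get(m["code"], "other"),
            # CLSIDs are case-insensitive; normalise so R3 and O16 compare equal.
            "clsid": clsid.group().upper() if clsid else None,
            "hosts": [urlsplit(u).hostname for u in URL.findall(body)],
            # The registry entry survives but the file it points to is gone.
            "orphaned": "(no file)" in body or "(file missing)" in body,
        })
    return entries

def linked_by_clsid(entries):
    """Map each CLSID used by more than one entry to the codes that use it."""
    seen = {}
    for e in entries:
        if e["clsid"]:
            seen.setdefault(e["clsid"], []).append(e["code"])
    return {c: codes for c, codes in seen.items() if len(codes) > 1}

if __name__ == "__main__":
    print(parse(SAMPLE_LOG), linked_by_clsid(parse(SAMPLE_LOG)), sep="\n")
```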
     
  9. Coombs

    Coombs Private E-2

    I have run all of the fixes

    I removed the iquicksearch stuff and made the other changes you suggested. I ran Ad-Aware with the VX2 Cleaner Plug-in, CCleaner, Spybot S&D, SpywareBlaster, CWShredder, Kill2Me, and McAfee Avert Stinger. I modified the Hosts file to just read 127.0.0.1 localhost. I just ran Spybot one more time and it found DSO Exploit (2 entries) and gave an error reading Error during check! Z-Demon [Ungultiger Datentyp fur "]. I went ahead with the fix and it put check marks next to both the DSO Exploit and the Error statement. I have attached a new HJT logfile.

    I am still unable to update the virus definitions in McAfee. It continues to give a message that reads: McAfee SecurityCenter is unable to connect to the Internet. Please check that your connection to the Internet is functioning correctly and click Retry.

    My internet is working for all other purposes. I'm going to try reinstalling McAfee to see if that straightens things out. Thanks for your help so far.
     


  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: I have run all of the fixes

    Okay for the DSO Exploit message with Spybot we need to make sure it is not part of a bug with Spybot. Please download and run this update: Spybot - Search and Destroy DSO Exploit Fix

    Make sure you have the current detections files for Spybot too (check for updates).

    Are you up to date with your Windows updates from Microsoft? Don't guess! Go here and check: Windows Update

    You are using the wrong version of HijackThis again. How did you get 1.97.7 back again? You already had 1.98.2 working in a previous message. You must delete 1.97.7 and not use it again. It will not make backups for you, it does not find some problems, and cannot fix certain problems too. Post a new log using version 1.98.2.

    I think I figured out how you got 1.97.7 again. You never removed it. It is running from:
    C:\unzipped\hijackthis1977\HijackThis.exe

    whereas you had 1.98.2 running from:
    C:\unzipped\hijackthis\HijackThis.exe

    Try putting HJT in c:\Program Files\HJT and anytime there is an update just unzip or copy the new version into this folder and overwrite the old version.

    You MUST remember to shut down all browsers BEFORE running HJT. You had the below running:
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
     
    Last edited: Dec 12, 2004
  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: I have run all of the fixes

    Did you really want to disable the below using BHO Demon:
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (disabled by BHODemon)

    It's not malware but is known to waste a load of memory especially since you are not always using Acrobat reader. It's up to you what to do with it. If you'd like to open your PDF documents directly in IE you will want to keep this file. This is the browser plugin.

    It seems strange that the below process for McAfee firewall is running twice:
    C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
    C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
     
  12. Coombs

    Coombs Private E-2

    Here's a new HiJackThis log.
     
