virus/malware..check my Hijackthis please
Well your first problem is almost certainly these entries:
O17 - HKLM\System\CCS\Services\Tcpip\..\{2402C590-2EA9-4C62-933F-83F65F112A47}: NameServer = 93.188.162.95,93.188.161.78
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B9717FD-1D84-4753-9CA8-E90C92C6DC5E}: NameServer = 205.171.3.65,205.171.2.65
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA3672C0-B6CA-4988-92EA-6F46374239E4}: NameServer = 93.188.162.95,93.188.161.78
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.162.95,93.188.161.78
O17 - HKLM\System\CS2\Services\Tcpip\..\{2402C590-2EA9-4C62-933F-83F65F112A47}: NameServer = 93.188.162.95,93.188.161.78
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.95,93.188.161.78
Something has hijacked you. Unfortunately I'm not certain what. Though I'm not certain what this is:
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://w4s2.work4sure.com/c/ge/w4sgeen9.exe
You can try removing those entries and see what happens, but odds are something not visible in HijackThis is just gonna put it back. If you can get to another machine, download a cleaner from there to a USB drive and transfer it to your machine. That might work for you. I'd recommend Malwarebytes Antimalware. It does a pretty good job and is free. http://www.malwarebytes.org/mbam.php
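To make those O17 lines concrete, here is an added example (not from this thread, and not part of HijackThis) that parses the O17 entries out of a HijackThis log and reports every NameServer address that is not on a list of resolvers the machine's owner expects. The sample log lines are copied from the entries quoted above; the expected-resolver list is an assumption for the example (the second pair of addresses in the log, used as a placeholder), not a claim that those addresses are known-good. CCS and CS2 are HijackThis's abbreviations for CurrentControlSet and ControlSet002.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample log: the O17 lines quoted above plus one O16 line,
# included to show that only O17 entries are considered.
SAMPLE_LOG = r"""
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://w4s2.work4sure.com/c/ge/w4sgeen9.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2402C590-2EA9-4C62-933F-83F65F112A47}: NameServer = 93.188.162.95,93.188.161.78
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B9717FD-1D84-4753-9CA8-E90C92C6DC5E}: NameServer = 205.171.3.65,205.171.2.65
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA3672C0-B6CA-4988-92EA-6F46374239E4}: NameServer = 93.188.162.95,93.188.161.78
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.162.95,93.188.161.78
O17 - HKLM\System\CS2\Services\Tcpip\..\{2402C590-2EA9-4C62-933F-83F65F112A47}: NameServer = 93.188.162.95,93.188.161.78
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.95,93.188.161.78
"""

# Assumption for the example: the resolvers this machine's owner expects to
# see (ISP or router DNS). Taken from the second O17 line purely as a
# placeholder; replace with the real expected addresses.
EXPECTED_RESOLVERS = {"205.171.3.65", "205.171.2.65"}

# key = everything between "O17 - " and ": NameServer"; servers = the
# comma-separated IP list that follows.
O17_RE = re.compile(r"^O17 - (?P<key>.+?): NameServer = (?P<servers>[\d.,\s]+)$")


def parse_o17(log_text):
    """Return {registry key: [nameserver IPs]} for every O17 line in the log."""
    entries = {}
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if not m:
            continue
        servers = [s.strip() for s in m.group("servers").split(",") if s.strip()]
        for ip in servers:
            ipaddress.ip_address(ip)  # ValueError on a malformed address
        entries[m.group("key")] = servers
    return entries


def find_unexpected(entries, expected=EXPECTED_RESOLVERS):
    """Map each resolver IP not in `expected` to the registry keys that set it."""
    hits = defaultdict(list)
    for key, servers in entries.items():
        for ip in servers:
            if ip not in expected:
                hits[ip].append(key)
    return dict(hits)


def summarize(log_text, expected=EXPECTED_RESOLVERS):
    """Parse a HijackThis log and report unexpected NameServer settings."""
    entries = parse_o17(log_text)
    hits = find_unexpected(entries, expected)
    keys_hit = sorted({k for keys in hits.values() for k in keys})
    # The global Tcpip\Parameters value is normally empty on a DHCP-configured
    # machine, so a hit there is the strongest signal of a deliberate change.
    global_keys_hit = [k for k in keys_hit if k.endswith(r"Tcpip\Parameters")]
    return {
        "entries": len(entries),
        "unexpected": hits,
        "keys_hit": keys_hit,
        "global_keys_hit": global_keys_hit,
    }


if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    print(f"{report['entries']} O17 entries parsed")
    for ip, keys in report["unexpected"].items():
        print(f"unexpected resolver {ip} set in {len(keys)} key(s)")
    for key in report["global_keys_hit"]:
        print(f"global NameServer overridden: {key}")
```

To use it on a saved log, call `summarize(open(path).read())`. The report separates hits under the global `Tcpip\Parameters` key from per-adapter `{GUID}` keys because the global value is normally left empty when DNS comes from DHCP, so an unexpected address there points at a deliberate change rather than a stale adapter setting.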
Ok, some things to try.
Before anything else run hijackthis and check those entries back blast listed. The w4sgeen9.exe shouldn't need fixing. I downloaded the file and scanned it with multiple scanners and it came up negative so it's likely exactly what it is supposed to be, a program that checks for product compatibility. Have hijackthis fix those entries.
Now some other suggestions. Put a copy of hijackthis on your desktop and give it a different name like hijackthat.exe, then run it again and post the results. Even though when you run hijackthis it says it must be run in its own directory there are several viruses and trojans which will block it from fully running if they see it on the drive. I don't know if superantispyware can run the same way but I would try it just to be sure.
Second. Try going to trendmicro.com/housecall
Some programs which are very good at redirecting or blocking downloads of full antivirus solutions won't block remote site scanners. You still have to download a small program to use housecall but it might not be blocked.
Third. Try downloading antivirus solutions from Download.com. A virus that blocks the home page of an antivirus site usually doesn't block program collection sites. The first one you should try from there is malwarebytes and I might as well give you the link to that here http://download.cnet.com/Malwarebyte...html?tag=mncol
Once malwarebytes is installed (if you can get it installed) go into the malwarebytes directory and rename mbam.exe to something else .exe. It will still run. I actually keep two copies of the program on my system named mbam.exe and bomb.exe just because some virus programs do stop mbam from loading.
That's all I've got for now.
Here 'tis:
http://mbam.malwarebytes.org/program/random.php
I'm guessing you're not in the Ukraine ... that's where those nameserver IP addresses in your hijackthis log are registered.
You will want to find something to search for rootkits as well - malwarebytes does not do this, as far as I know. If you are not computer savvy, you will want to entrust removal of the rootkit(s) to someone who understands system files. Sophos has a free rootkit scanner and the new free version of LavaSoft's AdAware does as well. One of the best tools I've found for squashing rootkits is ComboFix, but you need to be very careful about where you download this stuff from, as hackers are setting up sites designed to be very similar to the legit download sites in order to prevent you from fixing the problems and to infect your computer even more. Download combofix only from bleepingcomputer.com - and there are people on the forum there that can guide you step by step in finding and removing most malware, if you need assistance.
The purpose of a rootkit is to hide running processes - and while there are what some consider legitimate rootkit use, the bad guys generally use them to hide keystroke loggers and screen scrapers so they can steal account information and passwords. The purpose of redirecting your computer to their "nameservers" is to prevent you from finding and removing the malicious software they've installed. If you do or have done any financial transactions on this computer, you may want to consider contacting those companies and, at the very least, changing all passwords associated with them.
Good luck.
Storm
I've been unable to get my superanti spyware to install updates, and I have something that keeps re-directing me when I click on links in searches. I have tried to download other free-anti malware/spyware programs, and NONE of them will download, all I get are Unable to connect messages. I think something is blocking my downloads.
Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:49:03 PM, on 3/29/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Ideazon\ZEngine\Zboard.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll
O4 - HKLM\..\Run: [UpdReg] "C:\WINDOWS\UpdReg.EXE"
O4 - HKLM\..\Run: [AVG8_TRAY] "C:\PROGRA~1\AVG\AVG8\avgtray.exe"
O4 - HKLM\..\Run: [Zboard] "C:\Program Files\Ideazon\ZEngine\Zboard.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://w4s2.work4sure.com/c/ge/w4sgeen9.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/Driver...reqlab_nvd.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/ca..._2.3.6.108.cab
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirements...qlabdetect.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driver...sysreqlab2.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
O16 - DPF: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9} - http://affiliates.piclens.com/shared/plinstll.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark SystemInfo) - http://www.yougamers.com/systeminfo/FMSI.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - https://register.creative.com/regist...lientNoMFC.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01...l/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2402C590-2EA9-4C62-933F-83F65F112A47}: NameServer = 93.188.162.95,93.188.161.78
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B9717FD-1D84-4753-9CA8-E90C92C6DC5E}: NameServer = 205.171.3.65,205.171.2.65
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA3672C0-B6CA-4988-92EA-6F46374239E4}: NameServer = 93.188.162.95,93.188.161.78
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.162.95,93.188.161.78
O17 - HKLM\System\CS2\Services\Tcpip\..\{2402C590-2EA9-4C62-933F-83F65F112A47}: NameServer = 93.188.162.95,93.188.161.78
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.95,93.188.161.78
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Update Service (gupdate1ca02a23e9ec812) (gupdate1ca02a23e9ec812) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
--
End of file - 8771 bytes