WiredWX Hobby Weather Tools

 


Not sure what's wrong but I cannot do a search in Yahoo or Google or any search

I have run my antivirus and malware but they come up with nothing, but I cannot run any kind of search engine of any kind and my PC seems to be running very, very slow both online and off. Any help would be greatly appreciated.

Vangie

OTL logfile created on: 1/14/2012 10:25:54 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Vangie\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.39 Gb Available Physical Memory | 79.61% Memory free
3.82 Gb Paging File | 3.41 Gb Available in Paging File | 89.36% Paging File free
Paging file location(s): C:\pagefile.sys 1000 3000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.99 Gb Total Space | 29.82 Gb Free Space | 20.71% Space Free | Partition Type: NTFS

Computer Name: PAIN | User Name: Vangie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/14 10:25:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vangie\Desktop\OTL.com
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/07/04 04:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/07/04 04:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009/06/04 17:56:20 | 000,057,344 | ---- | M] (Ideazon, Inc.) -- C:\Program Files\Ideazon\ZEngine\Zboard.exe
PRC - [2009/02/20 08:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/04 21:42:40 | 000,595,184 | ---- | M] ( ) -- C:\WINDOWS\system32\dldncoms.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/14 08:46:22 | 001,678,336 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12011401\algo.dll
MOD - [2012/01/13 11:35:01 | 001,678,336 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12011301\algo.dll
MOD - [2011/10/13 08:23:04 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
MOD - [2011/10/13 08:23:04 | 000,280,064 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll
MOD - [2011/10/13 08:23:03 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
MOD - [2011/10/13 08:22:54 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/13 08:22:47 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011/10/13 07:10:03 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/13 07:09:40 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011/10/13 07:08:55 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011/10/13 07:07:36 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll
MOD - [2011/10/12 23:52:25 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/12 23:52:12 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/10/12 23:51:17 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/10/12 23:51:12 | 000,113,664 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2011/10/12 23:51:11 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/02/05 11:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/06/04 17:55:46 | 000,018,432 | ---- | M] () -- C:\Program Files\Ideazon\ZEngine\AxInterop.WBOCXLib.dll
MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 17:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/03/24 21:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2008/01/22 10:48:56 | 000,115,200 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dldndrpp.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (Symantec Core LC)
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/07/04 04:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/02/20 08:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/03/04 21:42:40 | 000,595,184 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dldncoms.exe -- (dldn_device)
SRV - [2005/10/27 21:41:52 | 000,491,520 | ---- | M] ( ) [On_Demand | Stopped] -- C:\WINDOWS\System32\dlcccoms.exe -- (dlcc_device)


========== Driver Services (SafeList) ==========

DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/10/05 00:42:44 | 000,023,608 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wmamp3DriverV32.sys -- (wmamp3DriverV32)
DRV - [2011/09/09 11:10:19 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2011/07/04 04:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 04:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 04:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 04:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 04:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 04:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 04:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/19 09:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV - [2010/09/19 09:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV - [2010/09/19 09:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV - [2010/09/19 09:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV - [2010/09/19 09:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2010/06/21 15:07:39 | 000,091,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2009/11/04 16:54:12 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/11/04 16:54:12 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/11/04 16:54:12 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/11/04 16:54:12 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/11/04 16:53:40 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/07/23 09:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Alpham1.sys -- (Alpham1)
DRV - [2007/03/20 11:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Alpham2.sys -- (Alpham2)
DRV - [2006/11/15 15:06:56 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/11/15 14:49:49 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2006/11/15 14:46:36 | 000,642,560 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2006/10/19 20:51:23 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/07/24 15:20:00 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/06/05 01:39:56 | 000,024,064 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2006/01/10 10:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/12/04 12:55:40 | 000,034,944 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Alpham.sys -- (Alpham)
DRV - [2004/06/09 07:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DDMI2.sys -- (SDDMI2)
DRV - [2004/04/14 22:13:00 | 000,339,488 | R--- | M] (Cisco-Linksys, LLC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB20XP.sys -- (PRISM_A02)
DRV - [2003/11/17 19:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 19:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 19:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0061019
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0061019

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm486PBUS&fl=0&ptb=iQG2DsRA8hhH9h.jWBdlbQ&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=sb&searchfor={searchTerms}&gcht=sy
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)



O1 HOSTS File: ([2011/12/05 16:40:49 | 000,001,401 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 216.240.133.193 www.google-analytics.com.
O1 - Hosts: 216.240.133.193 ad-emea.doubleclick.net.
O1 - Hosts: 216.240.133.193 www.statcounter.com.
O1 - Hosts: 69.72.252.254 www.google-analytics.com.
O1 - Hosts: 69.72.252.254 ad-emea.doubleclick.net.
O1 - Hosts: 69.72.252.254 www.statcounter.com.
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll File not found
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient_2.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TaskTray] File not found
O4 - HKLM..\Run: [Tweak UI] C:\WINDOWS\System32\TWEAKUI.CPL (Microsoft Corporation)
O4 - HKLM..\Run: [Zboard] C:\Program Files\Ideazon\ZEngine\Zboard.exe (Ideazon, Inc.)
O4 - Startup: C:\Documents and Settings\Vangie\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FC0B975-D563-4B08-8B35-66804778B163}: DhcpNameServer = 68.87.85.102 68.87.69.150
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A3F0D92-0D36-45F8-9AD8-B83F444A49BD}: DhcpNameServer = 75.75.76.76 75.75.75.75
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Vangie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Vangie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 02:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/12/16 15:46:54 | 000,049,244 | ---- | M] () - C:\autoruns.chm -- [ NTFS ]
O32 - AutoRun File - [2009/04/02 15:47:50 | 000,648,064 | ---- | M] (Sysinternals - www.sysinternals.com) - C:\autoruns.exe -- [ NTFS ]
O32 - AutoRun File - [2009/04/02 15:47:48 | 000,540,560 | ---- | M] (Sysinternals - www.sysinternals.com) - C:\autorunsc.exe -- [ NTFS ]
O33 - MountPoints2\{6bca5e37-e48c-11e0-9978-001676b715a7}\Shell - "" = AutoRun
O33 - MountPoints2\{6bca5e37-e48c-11e0-9978-001676b715a7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6bca5e37-e48c-11e0-9978-001676b715a7}\Shell\AutoRun\command - "" = K:\TLBootstrap_WPP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/14 10:25:34 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Vangie\Desktop\OTL.com
[2012/01/11 20:23:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Vangie\Recent
[2011/12/22 18:28:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vangie\Start Menu\Programs\Curse
[2011/12/17 16:48:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vangie\Desktop\Bills paid
[2011/12/15 19:18:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vangie\My Documents\My PSP Files
[2008/03/04 21:42:42 | 000,320,752 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnih.exe
[2008/03/04 21:42:40 | 000,595,184 | ---- | C] ( ) -- C:\WINDOWS\System32\dldncoms.exe
[2008/03/04 21:42:40 | 000,365,808 | ---- | C] ( ) -- C:\WINDOWS\System32\dldncfg.exe
[2008/01/23 19:49:00 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnpmui.dll
[2008/01/23 19:45:58 | 001,105,920 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnserv.dll
[2008/01/23 19:42:42 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnlmpm.dll
[2008/01/23 19:42:40 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldniesc.dll
[2008/01/23 19:42:28 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\dldncomm.dll
[2008/01/23 19:41:26 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnhbn3.dll
[2008/01/23 19:41:00 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnusb1.dll
[2008/01/23 19:40:30 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldncomc.dll
[2008/01/23 19:39:24 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnprox.dll
[2008/01/23 19:37:30 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\dldninpa.dll
[2006/10/19 20:23:12 | 001,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccserv.dll
[2006/10/19 20:23:12 | 001,134,592 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccusb1.dll
[2006/10/19 20:23:12 | 000,774,144 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcchbn3.dll
[2006/10/19 20:23:12 | 000,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcccomc.dll
[2006/10/19 20:23:12 | 000,638,976 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccpmui.dll
[2006/10/19 20:23:12 | 000,491,520 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcccoms.exe
[2006/10/19 20:23:12 | 000,483,328 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcclmpm.dll
[2006/10/19 20:23:12 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcccomm.dll
[2006/10/19 20:23:12 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccih.exe
[2006/10/19 20:23:12 | 000,368,640 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcccfg.exe
[2006/10/19 20:23:12 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccprox.dll
[2006/10/19 20:23:12 | 000,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccpplc.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/14 10:25:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vangie\Desktop\OTL.com
[2012/01/14 10:17:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/14 10:16:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/14 10:16:07 | 3219,169,280 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/13 16:14:18 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2012/01/13 16:12:33 | 000,049,238 | ---- | M] () -- C:\Documents and Settings\Vangie\Application Data\wklnhst.dat
[2012/01/10 12:01:51 | 000,041,385 | ---- | M] () -- C:\Documents and Settings\Vangie\Desktop\2368485044_DR_morupzij.3d2.TIFF
[2012/01/10 12:00:59 | 000,037,127 | ---- | M] () -- C:\Documents and Settings\Vangie\Desktop\2368485700_DR_tt32l0lw.r04.TIFF
[2012/01/06 21:39:49 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/01/03 12:53:53 | 000,244,770 | ---- | M] () -- C:\Documents and Settings\Vangie\Desktop\Leap letter.jpg
[2011/12/29 15:01:44 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/22 18:28:07 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Vangie\Desktop\Curse Client.appref-ms
[2011/12/18 15:20:47 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/12/15 20:03:20 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Vangie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/15 19:18:27 | 000,004,600 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 000,006,456 | -H-- | C] () -- C:\WINDOWS\System32\sihimelu
[2012/01/10 12:01:49 | 000,041,385 | ---- | C] () -- C:\Documents and Settings\Vangie\Desktop\2368485044_DR_morupzij.3d2.TIFF
[2012/01/10 12:00:57 | 000,037,127 | ---- | C] () -- C:\Documents and Settings\Vangie\Desktop\2368485700_DR_tt32l0lw.r04.TIFF
[2012/01/03 12:53:52 | 000,244,770 | ---- | C] () -- C:\Documents and Settings\Vangie\Desktop\Leap letter.jpg
[2011/12/29 15:01:44 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/05 16:39:52 | 000,012,284 | -HS- | C] () -- C:\Documents and Settings\Vangie\Local Settings\Application Data\2s18yw0b74o842
[2011/12/05 16:39:52 | 000,012,284 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2s18yw0b74o842
[2011/06/13 10:05:02 | 001,015,656 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/02/12 01:29:08 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/02/12 01:29:06 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/02/12 01:29:06 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/01/23 03:45:16 | 000,397,856 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1051316268-97930376-468757803-1005-0.dat
[2011/01/23 03:45:14 | 000,334,418 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/10/12 17:35:12 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/10/12 17:35:11 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/07/18 17:36:39 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/01 17:32:56 | 000,000,174 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2010/04/19 19:40:31 | 000,010,600 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\x3Cg6jfw84
[2009/12/27 13:00:14 | 031,557,664 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/10/04 09:36:40 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009/10/04 09:36:40 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll
[2009/10/04 09:36:40 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009/10/04 09:36:40 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009/09/27 15:12:22 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/08/30 17:56:04 | 000,016,982 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2009/06/26 00:31:34 | 000,000,003 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2009/06/07 14:24:13 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/06/07 14:24:13 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/03/19 09:20:15 | 000,000,147 | ---- | C] () -- C:\WINDOWS\AvDetected.ini
[2008/09/17 17:17:21 | 000,000,529 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2008/09/17 17:04:33 | 000,000,281 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2008/04/04 23:18:55 | 000,000,023 | ---- | C] () -- C:\WINDOWS\settings.ini
[2008/02/11 02:13:10 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dldninsr.dll
[2008/02/11 02:13:04 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dldncur.dll
[2008/02/11 02:12:40 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dldnjswr.dll
[2008/02/11 02:09:54 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldninsb.dll
[2008/02/11 02:09:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dldncub.dll
[2008/02/11 02:07:36 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dldncu.dll
[2008/02/11 02:07:32 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldnins.dll
[2008/02/11 02:05:20 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\dldnutil.dll
[2008/02/11 02:04:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\dldngrd.dll
[2008/01/29 19:49:04 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\dldndrs.dll
[2008/01/23 11:08:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\dldncaps.dll
[2008/01/22 01:05:56 | 000,077,906 | ---- | C] () -- C:\WINDOWS\System32\dldncfg.dll
[2007/12/12 20:32:40 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\dldncoin.dll
[2007/10/02 13:51:10 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dldncnv4.dll
[2007/07/27 22:30:06 | 000,283,648 | ---- | C] () -- C:\WINDOWS\uninst.exe
[2007/07/05 00:03:44 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007/04/28 13:41:50 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dldnvs.dll
[2007/04/19 10:26:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2007/04/19 10:26:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/02/16 22:51:47 | 000,145,494 | ---- | C] () -- C:\Documents and Settings\Vangie\Application Data\Cosmos Prefs
[2007/01/25 19:25:45 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/01/03 15:24:06 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/12/12 16:04:03 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Vangie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/24 22:08:18 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\385196AA1C.sys
[2006/11/15 17:33:28 | 000,000,076 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/11/15 16:42:54 | 000,049,238 | ---- | C] () -- C:\Documents and Settings\Vangie\Application Data\wklnhst.dat
[2006/11/15 16:10:12 | 000,000,528 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2006/11/15 16:05:46 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2006/11/15 16:05:46 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2006/11/15 11:23:41 | 000,004,600 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/11/15 10:58:37 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/11/15 10:17:25 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Vangie\Local Settings\Application Data\fusioncache.dat
[2006/10/19 21:05:56 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/10/19 20:58:59 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/10/19 20:55:40 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/19 20:53:29 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/10/19 20:50:44 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/10/19 20:23:12 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\dlccutil.dll
[2006/10/19 20:23:12 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlccinsb.dll
[2006/10/19 20:23:12 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlccins.dll
[2006/10/19 20:23:12 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\dlccjswr.dll
[2006/10/19 20:23:12 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlccinsr.dll
[2006/10/19 20:23:12 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcccub.dll
[2006/10/19 20:23:12 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcccu.dll
[2006/10/19 20:23:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcccfg.dll
[2006/10/19 20:23:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlccvs.dll
[2006/10/19 20:23:12 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcccur.dll
[2006/10/19 20:22:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/10/19 20:22:06 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 06:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/16 02:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 02:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 02:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 02:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 02:27:59 | 000,348,200 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 02:18:54 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2005/08/16 02:18:54 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2005/08/16 02:18:54 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2005/08/16 02:18:54 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2005/08/16 02:18:54 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2005/08/16 02:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 02:18:33 | 000,533,554 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 02:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 02:18:33 | 000,099,520 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 02:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 02:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 02:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 02:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 02:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 02:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 02:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 02:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/08/05 12:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/02 12:00:16 | 000,000,611 | ---- | C] () -- C:\WINDOWS\System32\dlccplc.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:810FAD5F
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B63300D1
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >


Last edited by Dragoness on 14th January 2012, 5:37 pm; edited 1 time in total (Reason for editing : forgot otl file report)

Re: Not sure whats wrong but I can not do a search in yahoo or google or any search
Hi. Welcome to the forum.





Please download Malwarebytes' Anti-Malware from one of these places:

Majorgeeks or Besttechie


Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.

* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. Do so.
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy and paste the entire report in your next reply.



===============================================



Download Combofix from Bleepingcomputer or Geekstogo and place it on your Desktop

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Combofix may be slow to start and appear to be doing nothing before it starts scanning. Just leave it, it will start.

You can get help on disabling your protection programs here : http://www.bleepingcomputer.com/forums/topic114351.html

Please include the C:\ComboFix.txt in your next reply for further review.


Caution.....
Never use this program to remove files. Only use it with help from an experienced user. Wrongful use can damage your computer. This tool is not a toy and not for everyday use. ComboFix SHOULD NOT be used unless requested by a qualified helper.







Re: Not sure whats wrong but I can not do a search in yahoo or google or any search
ComboFix 12-01-13.05 - Vangie 01/14/2012 16:39:46.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.1791 [GMT -7:00]
Running from: c:\documents and settings\Vangie\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\Tarma Installer
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Vangie\Application Data\PriceGong
c:\documents and settings\Vangie\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\i.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\J.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Vangie\Application Data\PriceGong\Data\z.xml
c:\documents and settings\Vangie\Desktop\Setup.exe
c:\documents and settings\Vangie\GoToAssistDownloadHelper.exe
c:\documents and settings\Vangie\Local Settings\Application Data\._Revolution_
c:\documents and settings\Vangie\WINDOWS
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-12-15 to 2012-01-15 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-10 22:24 . 2009-12-30 20:46 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-21 23:08 . 2011-06-19 17:35 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2011-07-22 23:53 787744 ----a-w- c:\program files\Yontoo Layers Runtime\YontooIEClient_2.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tweak UI"="TWEAKUI.CPL" [2000-06-18 106544]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Zboard"="c:\program files\Ideazon\ZEngine\Zboard.exe" [2009-06-05 57344]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-25 460872]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-06-10 249856]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]
.
c:\documents and settings\Vangie\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-4-1 0]
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlccmon.exe]
2005-10-21 07:40 430080 ----a-w- c:\program files\Dell Photo AIO Printer 924\dlccmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2006-05-03 11:12 98304 ----a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-09-29 19:01 67584 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2006-07-06 12:15 151552 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2006-07-07 23:15 600896 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-06-10 15:44 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 15:44 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2006-07-07 23:14 576320 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 19:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-07-09 23:24 13923432 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-07-09 23:24 110696 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 15:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2006-07-24 22:20 282624 ----a-w- c:\windows\stsystra.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tweak UI]
2000-06-18 22:03 106544 ----a-w- c:\windows\system32\TWEAKUI.CPL
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Ideazon\\ZEngine\\Zboard.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\WINDOWS\\system32\\dldncoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldnpswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldntime.exe"=
"c:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\Vangie\\Local Settings\\Apps\\2.0\\Q8HXQDY5.JVQ\\MQOXQM36.PWK\\coho..tion_4fdd38d166a17713_0001.0001_2ea3ae6aea32b9ef\\CoHOLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\carnath1\\synergy\\hl2.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\gPotato.com\\Allods Online\\bin\\Launcher.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldnjswx.exe"=
"c:\\Documents and Settings\\Vangie\\Local Settings\\Apps\\2.0\\Q8HXQDY5.JVQ\\MQOXQM36.PWK\\curs..tion_eee711038731a406_0004.0000_2ad57791d5c42008\\CurseClient.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"57803:TCP"= 57803:TCP:Pando Media Booster
"57803:UDP"= 57803:UDP:Pando Media Booster
"56894:TCP"= 56894:TCP:Pando Media Booster
"56894:UDP"= 56894:UDP:Pando Media Booster
"58696:TCP"= 58696:TCP:Pando Media Booster
"58696:UDP"= 58696:UDP:Pando Media Booster
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2/25/2011 8:18 PM 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [12/27/2009 3:15 PM 309848]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12/27/2009 3:15 PM 19544]
R2 dldn_device;dldn_device;c:\windows\system32\dldncoms.exe -service --> c:\windows\system32\dldncoms.exe -service [?]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/30/2009 1:46 PM 652872]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/30/2009 1:46 PM 20464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2/12/2011 1:33 AM 91496]
R3 Pcouffin;Low level access layer for CD devices;c:\windows\system32\drivers\Pcouffin.sys [12/29/2006 5:34 PM 47360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3/1/2010 5:45 PM 135664]
S3 Alpham;Ideazon Merc Composite Keyboard Driver;c:\windows\system32\drivers\Alpham.sys [12/4/2005 12:55 PM 34944]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/1/2010 5:45 PM 135664]
S3 wmamp3DriverV32;wmamp3DriverV32;c:\windows\system32\drivers\wmamp3DriverV32.sys [10/15/2011 3:49 PM 23608]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [10/15/2011 4:02 PM 25704]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [10/15/2011 4:02 PM 25704]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [10/15/2011 4:03 PM 25704]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [10/15/2011 4:03 PM 25704]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [10/15/2011 4:03 PM 25704]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11/15/2006 2:46 PM 642560]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm486PBUS&fl=0&ptb=iQG2DsRA8hhH9h.jWBdlbQ&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=sb&searchfor={searchTerms}&gcht=sy
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{7A3F0D92-0D36-45F8-9AD8-B83F444A49BD}: DhcpNameServer = 75.75.76.76 75.75.75.75
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\progra~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll
Toolbar-{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\progra~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-TaskTray - (no file)
MSConfigStartUp-dvd43 - c:\program files\dvd43\dvd43_tray.exe
MSConfigStartUp-Yahoo! Pager - c:\program files\Yahoo!\Messenger\YahooMessenger.exe
AddRemove-NVIDIA nView Desktop Manager - c:\program files\NVIDIA Corporation\nView\nViewSetup.exe
AddRemove-{889DF117-14D1-44EE-9F31-C5FB5D47F68B} - c:\docume~1\ALLUSE~1\APPLIC~1\TARMAI~1\{889DF~1\Setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-14 17:00
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7a,f7,25,ea,ad,9e,0c,4d,91,63,c7,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7a,f7,25,ea,ad,9e,0c,4d,91,63,c7,\
.
[HKEY_USERS\S-1-5-21-1051316268-97930376-468757803-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1051316268-97930376-468757803-1005\Software\SecuROM\License information*]
"datasecu"=hex:a2,3d,27,13,b6,93,b7,67,36,4f,2c,62,a7,9c,18,48,0c,9b,7e,dc,25,
bc,9f,55,fc,c7,d6,b3,df,31,d2,0f,3d,e7,45,2a,9c,49,b5,76,78,fb,b1,20,e2,58,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
Completion time: 2012-01-14 17:07:33
ComboFix-quarantined-files.txt 2012-01-15 00:07
ComboFix2.txt 2010-01-31 05:20
.
Pre-Run: 31,930,949,632 bytes free
Post-Run: 33,940,586,496 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 4FC67066CD5025B4F4542DA3504B8238

Re: Not sure whats wrong but I can not do a search in yahoo or google or any search
And the MBAM log please.

Re: Not sure whats wrong but I can not do a search in yahoo or google or any search
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.14.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Vangie :: PAIN [administrator]

1/14/2012 10:36:46 PM
mbam-log-2012-01-14 (22-36-46).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 230827
Time elapsed: 6 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Like I said, my malware does not find anything.

Re: Not sure whats wrong but I can not do a search in yahoo or google or any search
Ok. All done. I see no more malware. Log looks good! All that was detected is now either in quarantine or system restore, both of which we'll be cleaning out in just a minute. Congratulations, well done.


Go to :
Start > Run then copy and paste the following highlighted (blue) text below into the box and click OK.


ComboFix /uninstall






Over the course of the fix you've used a variety of special tools to help with the cleaning process - none of these are of any use to you now that you're clean, and it's best not to have them hanging around on your computer. OTC is a small program that removes all the leftover tools and logs from cleanup of malware.


Please download OTC to your desktop.


Double-click OTC to run it. (Vista users, please right click on OTC and select "Run as an Administrator")

Click on the CleanUp! button and follow the prompts.

You will be asked to reboot the machine to finish the Cleanup process, choose Yes.

After the reboot all the tools we used should be gone.
Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.


Here are some tips to reduce the potential for malware infection in the future; I strongly suggest that you read them and take them to heart so that you don't have to endure the process of cleaning your computer again.

Afterwork

Malware Prevention

How Did I Get Infected

More Tips on Prevention

=============================


Re: Not sure whats wrong but I can not do a search in yahoo or google or any search
Ok, I have done things such as cleaning and I still cannot do any Google searches or use any search engine of any kind and my pc is so very slow and it wasn’t like this just a week ago, so there is still something very wrong =(

I don’t know if there is some confusion going on and maybe you think I am someone else, but the below statement makes no sense because you never saw any malware to begin with and anything that is in quarantine was put there by me before I even posted my problem. I only ran scans for you; I did no repairing of anything since I made my first post.

Ok. All done. I see no more malware. Log looks good! All that was detected is now either in quarantine or system restore, both of which we'll be cleaning out in just a minute. Congratulations, well done.

Re: Not sure whats wrong but I can not do a search in yahoo or google or any search
The Combofix has removed malware. It looks as if you will now need to open another thread to fix your problem as it is not malware related.
