Cant run search engines of any kind

I went to the internet part of your page and they had me check my dns and it appears fine so they sent me to you. I cannot get any search engine to work my internet works great but if I try to use any search engine like Google, yahoo, or bing I get this message "Internet Explorer cannot display the webpage" and when I use the diagnose the connection problem it shows no problem at all, and the page its self just won’t load. I can get it to work if I use http://74.125.157.99/ but I can’t log into to Google to change search settings or search images or anything. It doesn’t matter where I follow the link from, no search engine works. what follows is all the logs asked for.

OTL logfile created on: 5/7/2012 4:57:53 PM - Run 2
OTL by OldTimer - Version 3.2.42.1 Folder = C:\Documents and Settings\Vangie\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.35 Gb Available Physical Memory | 78.53% Memory free
3.82 Gb Paging File | 3.20 Gb Available in Paging File | 83.90% Paging File free
Paging file location(s): C:\pagefile.sys 1000 3000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.99 Gb Total Space | 13.58 Gb Free Space | 9.43% Space Free | Partition Type: NTFS

Computer Name: PAIN | User Name: Vangie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/07 16:54:28 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vangie\Desktop\OTL.com
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/11/28 02:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/09/08 21:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 07:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2009/06/04 18:56:20 | 000,057,344 | ---- | M] (Ideazon, Inc.) -- C:\Program Files\Ideazon\ZEngine\Zboard.exe
PRC - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/04 22:42:40 | 000,595,184 | ---- | M] ( ) -- C:\WINDOWS\system32\dldncoms.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/12 01:38:23 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d96906db18e87ffe2e08f6cda7e2be0f\System.Windows.Forms.ni.dll
MOD - [2012/04/12 01:38:02 | 001,591,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\8d886cdc2ca5f0ff97cd1afe8773bb6e\System.Drawing.ni.dll
MOD - [2012/04/12 01:34:18 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/04/12 01:34:09 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2012/04/12 01:34:09 | 000,113,664 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2012/02/15 09:37:57 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.ni.dll
MOD - [2012/02/15 09:37:57 | 000,280,064 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.Wrapper.dll
MOD - [2012/02/15 09:37:55 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\f25d114cb629d1f512f98883c6535a75\System.Transactions.ni.dll
MOD - [2012/02/15 09:37:49 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2012/02/15 09:01:10 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012/02/15 09:00:13 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll
MOD - [2012/02/15 08:58:09 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2012/01/23 16:31:12 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/11/03 09:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/10/13 09:22:47 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2009/06/04 18:55:46 | 000,018,432 | ---- | M] () -- C:\Program Files\Ideazon\ZEngine\AxInterop.WBOCXLib.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/03/24 22:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2008/01/22 11:48:56 | 000,115,200 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dldndrpp.dll
MOD - [2008/01/22 02:05:56 | 000,077,906 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\dldncfg.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem) Google Update Service (gupdatem)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate) Google Update Service (gupdate)
SRV - [2012/05/05 11:36:26 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/03/04 22:42:40 | 000,595,184 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\dldncoms.exe -- (dldn_device)
SRV - [2005/10/27 22:41:52 | 000,491,520 | ---- | M] ( ) [On_Demand | Stopped] -- C:\WINDOWS\system32\dlcccoms.exe -- (dlcc_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- -- (InCDPass)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (FreshIO)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Vangie\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/02/03 23:36:15 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/02/03 23:36:15 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/10/07 07:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/05 01:42:44 | 000,023,608 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wmamp3DriverV32.sys -- (wmamp3DriverV32)
DRV - [2011/10/04 07:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 07:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/09/09 12:10:19 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2011/08/08 07:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/11 02:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 02:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 02:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/07/11 02:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/09/19 10:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV - [2010/09/19 10:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV - [2010/09/19 10:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV - [2010/09/19 10:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV - [2010/09/19 10:01:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2010/06/21 16:07:39 | 000,091,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2009/11/04 17:54:12 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/11/04 17:54:12 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/11/04 17:54:12 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/11/04 17:54:12 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/11/04 17:53:40 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/07/23 10:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Alpham1.sys -- (Alpham1)
DRV - [2007/03/20 12:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Alpham2.sys -- (Alpham2)
DRV - [2006/11/15 16:06:56 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/11/15 15:49:49 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dtscsi.sys -- (dtscsi)
DRV - [2006/11/15 15:46:36 | 000,642,560 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2006/10/19 21:51:23 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/07/24 16:20:00 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/06/05 02:39:56 | 000,024,064 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2006/01/10 11:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/12/04 13:55:40 | 000,034,944 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Alpham.sys -- (Alpham)
DRV - [2004/06/09 08:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DDMI2.sys -- (SDDMI2)
DRV - [2004/04/14 23:13:00 | 000,339,488 | R--- | M] (Cisco-Linksys, LLC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB20XP.sys -- (PRISM_A02)
DRV - [2003/11/17 20:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 20:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 20:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0061019
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0061019
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm486PBUS&fl=0&ptb=iQG2DsRA8hhH9h.jWBdlbQ&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=sb&searchfor={searchTerms}&gcht=sy
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 94 6C 73 12 40 29 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {BB393236-47EA-49E7-A314-633C63BD7B24}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{BB393236-47EA-49E7-A314-633C63BD7B24}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7ADRA_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG2012\Firefox\ [2012/02/29 18:28:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/02/29 18:28:35 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/01/14 17:59:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll File not found
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Tweak UI] C:\WINDOWS\System32\TWEAKUI.CPL (Microsoft Corporation)
O4 - HKLM..\Run: [Zboard] C:\Program Files\Ideazon\ZEngine\Zboard.exe (Ideazon, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FC0B975-D563-4B08-8B35-66804778B163}: DhcpNameServer = 68.87.85.102 68.87.69.150
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A3F0D92-0D36-45F8-9AD8-B83F444A49BD}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\SEARCH~1\datamngr.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\SEARCH~1\IEBHO.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Vangie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Vangie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 03:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/12/16 16:46:54 | 000,049,244 | ---- | M] () - C:\autoruns.chm -- [ NTFS ]
O32 - AutoRun File - [2009/04/02 16:47:50 | 000,648,064 | ---- | M] (Sysinternals - www.sysinternals.com) - C:\autoruns.exe -- [ NTFS ]
O32 - AutoRun File - [2009/04/02 16:47:48 | 000,540,560 | ---- | M] (Sysinternals - www.sysinternals.com) - C:\autorunsc.exe -- [ NTFS ]
O33 - MountPoints2\{69761b70-4424-11dd-92be-001676b715a7}\Shell - "" = AutoRun
O33 - MountPoints2\{69761b70-4424-11dd-92be-001676b715a7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{69761b70-4424-11dd-92be-001676b715a7}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{6bca5e37-e48c-11e0-9978-001676b715a7}\Shell - "" = AutoRun
O33 - MountPoints2\{6bca5e37-e48c-11e0-9978-001676b715a7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6bca5e37-e48c-11e0-9978-001676b715a7}\Shell\AutoRun\command - "" = K:\TLBootstrap_WPP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/07 16:56:56 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Vangie\Desktop\aswMBR.exe
[2012/05/07 16:54:28 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Vangie\Desktop\OTL.com
[2012/05/03 08:52:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Vangie\Recent
[2012/05/03 08:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/05/03 08:12:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vangie\Desktop\Mics
[2012/04/21 10:47:33 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/04/20 01:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft Beta
[2012/04/20 01:03:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft Beta
[2012/04/20 00:58:44 | 031,727,744 | ---- | C] (Blizzard Entertainment) -- C:\Documents and Settings\Vangie\Desktop\World of Warcraft Beta Setup.exe
[2012/04/13 18:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vangie\Application Data\AVG
[2012/04/13 18:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/04/13 17:45:27 | 000,000,000 | ---D | C] -- C:\Rbackup
[2012/04/07 17:19:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Battle.net
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/07 16:57:21 | 000,879,714 | ---- | M] () -- C:\Documents and Settings\Vangie\Desktop\SecurityCheck.exe
[2012/05/07 16:56:56 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Vangie\Desktop\aswMBR.exe
[2012/05/07 16:54:28 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vangie\Desktop\OTL.com
[2012/05/07 16:36:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/07 14:17:10 | 097,383,047 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/05/07 07:51:06 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2012/05/07 07:50:39 | 000,052,448 | ---- | M] () -- C:\Documents and Settings\Vangie\Application Data\wklnhst.dat
[2012/05/07 06:44:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/07 06:42:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/07 06:42:30 | 3219,165,184 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/05 11:36:24 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/05/05 11:36:24 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/05/03 18:33:47 | 000,221,105 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/05/03 08:52:17 | 000,000,692 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/05/03 08:23:32 | 000,004,600 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012/04/27 02:20:17 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/04/20 01:03:53 | 000,000,993 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft Beta.lnk
[2012/04/20 00:58:56 | 031,727,744 | ---- | M] (Blizzard Entertainment) -- C:\Documents and Settings\Vangie\Desktop\World of Warcraft Beta Setup.exe
[2012/04/13 18:55:44 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/13 10:56:50 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/04/12 01:34:27 | 000,599,772 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/04/12 01:34:27 | 000,119,612 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 000,006,456 | -H-- | C] () -- C:\WINDOWS\System32\sihimelu
[2012/05/07 16:57:21 | 000,879,714 | ---- | C] () -- C:\Documents and Settings\Vangie\Desktop\SecurityCheck.exe
[2012/04/21 10:47:35 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/04/20 01:03:19 | 000,000,993 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft Beta.lnk
[2012/02/15 01:17:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/14 17:33:05 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/01/14 17:33:05 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/01/14 17:33:05 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/01/14 17:33:05 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/01/14 17:33:05 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/12/05 17:39:52 | 000,012,284 | -HS- | C] () -- C:\Documents and Settings\Vangie\Local Settings\Application Data\2s18yw0b74o842
[2011/12/05 17:39:52 | 000,012,284 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2s18yw0b74o842
[2011/06/13 11:05:02 | 001,248,048 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/02/12 02:29:08 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/02/12 02:29:06 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/02/12 02:29:06 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/01/23 04:45:16 | 000,397,856 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1051316268-97930376-468757803-1005-0.dat
[2011/01/23 04:45:14 | 000,334,418 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/10/12 18:35:12 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/10/12 18:35:11 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/07/18 18:36:39 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-07 17:14:59
-----------------------------
17:14:59.155 OS Version: Windows 5.1.2600 Service Pack 3
17:14:59.155 Number of processors: 2 586 0x407
17:14:59.155 ComputerName: PAIN UserName:
17:15:01.296 Initialize success
17:15:18.296 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
17:15:18.296 Disk 0 Vendor: SAMSUNG_ ZM10 Size: 152587MB BusType: 3
17:15:18.328 Disk 0 MBR read successfully
17:15:18.328 Disk 0 MBR scan
17:15:18.328 Disk 0 unknown MBR code
17:15:18.328 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
17:15:18.343 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 147448 MB offset 96390
17:15:18.359 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 5090 MB offset 302070195
17:15:18.359 Disk 0 scanning sectors +312496380
17:15:18.437 Disk 0 scanning C:\WINDOWS\system32\drivers
17:15:28.031 Service scanning
17:15:28.718 Service ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys **LOCKED** 32
17:15:42.859 Modules scanning
17:15:48.125 Disk 0 trace - called modules:
17:15:48.156 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys >>UNKNOWN [0x8a92e411]<<
17:15:48.156 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b3526b0]
17:15:48.156 3 CLASSPNP.SYS[b80e8fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0x8ae46030]
17:15:48.156 Scan finished successfully
17:16:03.203 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Vangie\Desktop\MBR.dat"
17:16:03.203 The log file has been saved successfully to "C:\Documents and Settings\Vangie\Desktop\aswMBR.txt"


Checkup
Results of screen317's Security Check version 0.99.32
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
AVG 2012
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:
CCleaner
Java(TM) 6 Update 31
Adobe Flash Player 10.0.42.34 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Malwarebytes' Anti-Malware mbamservice.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
``````````End of Log````````````

My pc also seems to be almost full and running slower then normal and I cant figure out why. It seems to have gotten full without adding anything new to it. I do have world of warcraft on this pc but I have had it for 5 + years. I have also had problems redownloading my Curse client to go with my WoW

Please visit this webpage for a tutorial on downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

See the area: Using ComboFix, and when done, post the log back here.

ComboFix 12-05-07.03 - Vangie 05/07/2012 22:02:38.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2261 [GMT -6:00]
Running from: c:\documents and settings\Vangie\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
.
.
((((((((((((((((((((((((( Files Created from 2012-04-08 to 2012-05-08 )))))))))))))))))))))))))))))))
.
.
2012-05-03 14:51 . 2012-05-04 19:35 -------- d-----w- c:\program files\Google
2012-04-21 16:47 . 2012-05-05 17:36 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-20 07:03 . 2012-04-20 18:10 -------- d-----w- c:\program files\World of Warcraft Beta
2012-04-14 00:07 . 2012-04-14 00:30 -------- d-----w- c:\documents and settings\Vangie\Application Data\AVG
2012-04-13 23:45 . 2012-04-13 23:45 -------- d-----w- C:\Rbackup
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-05 17:36 . 2011-06-19 17:35 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-04 21:56 . 2009-12-30 20:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-24 21:34 . 2012-01-21 03:38 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-24 21:34 . 2008-11-23 00:22 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-01 11:01 . 2005-08-16 09:18 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01 . 2005-08-16 09:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01 . 2005-08-16 09:18 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2005-08-16 09:18 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2005-08-16 09:18 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2005-08-16 09:18 385024 ----a-w- c:\windows\system32\html.iec
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tweak UI"="TWEAKUI.CPL" [2000-06-18 106544]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]
"Zboard"="c:\program files\Ideazon\ZEngine\Zboard.exe" [2009-06-05 57344]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-25 2416480]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlccmon.exe]
2005-10-21 07:40 430080 ----a-w- c:\program files\Dell Photo AIO Printer 924\dlccmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2006-05-03 11:12 98304 ----a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-09-29 19:01 67584 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2006-07-06 12:15 151552 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2006-07-07 23:15 600896 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-06-10 15:44 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 15:44 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2006-07-07 23:14 576320 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 19:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-07-09 23:24 13923432 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-07-09 23:24 110696 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 15:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2006-07-24 22:20 282624 ----a-w- c:\windows\stsystra.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tweak UI]
2000-06-18 22:03 106544 ----a-w- c:\windows\system32\TWEAKUI.CPL
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Ideazon\\ZEngine\\Zboard.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\WINDOWS\\system32\\dldncoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldnpswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldntime.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldnjswx.exe"=
"c:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Steam\\steamapps\\carnath1\\synergy\\hl2.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\gPotato.com\\Allods Online\\bin\\Launcher.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
"c:\\Program Files\\World of Warcraft\\wow-4.2.1.2730-enUS-tools-downloader.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.524\\Agent.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.868\\Agent.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"57803:TCP"= 57803:TCP:Pando Media Booster
"57803:UDP"= 57803:UDP:Pando Media Booster
"56894:TCP"= 56894:TCP:Pando Media Booster
"56894:UDP"= 56894:UDP:Pando Media Booster
"58696:TCP"= 58696:TCP:Pando Media Booster
"58696:UDP"= 58696:UDP:Pando Media Booster
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [7/11/2011 2:14 AM 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [9/13/2011 7:30 AM 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [10/7/2011 7:23 AM 230608]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [7/11/2011 2:14 AM 295248]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [8/2/2011 7:09 AM 192776]
R2 dldn_device;dldn_device;c:\windows\system32\dldncoms.exe -service --> c:\windows\system32\dldncoms.exe -service [?]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/30/2009 2:46 PM 654408]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [7/11/2011 2:14 AM 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [7/11/2011 2:14 AM 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10/4/2011 7:21 AM 16720]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/30/2009 2:46 PM 22344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2/12/2011 2:33 AM 91496]
R3 Pcouffin;Low level access layer for CD devices;c:\windows\system32\drivers\Pcouffin.sys [12/29/2006 6:34 PM 47360]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [10/15/2011 5:02 PM 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [10/15/2011 5:02 PM 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [10/15/2011 5:03 PM 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [10/15/2011 5:03 PM 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [10/15/2011 5:03 PM 25704]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [10/12/2011 7:25 AM 4433248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 2:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/21/2012 10:47 AM 257696]
S3 Alpham;Ideazon Merc Composite Keyboard Driver;c:\windows\system32\drivers\Alpham.sys [12/4/2005 1:55 PM 34944]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2/3/2012 11:36 PM 106104]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe /medsvc --> c:\program files\Google\Update\GoogleUpdate.exe [?]
S3 wmamp3DriverV32;wmamp3DriverV32;c:\windows\system32\drivers\wmamp3DriverV32.sys [10/15/2011 4:49 PM 23608]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 2:16 PM 753504]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11/15/2006 3:46 PM 642560]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMBR
*Deregistered* - aswMBR
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 17:36]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm486PBUS&fl=0&ptb=iQG2DsRA8hhH9h.jWBdlbQ&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=sb&searchfor={searchTerms}&gcht=sy
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\progra~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
MSConfigStartUp-dvd43 - c:\program files\dvd43\dvd43_tray.exe
MSConfigStartUp-Yahoo! Pager - c:\program files\Yahoo!\Messenger\YahooMessenger.exe
AddRemove-PDF Reader - c:\program files\PDFReader\Uninstall\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-07 22:08
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7a,f7,25,ea,ad,9e,0c,4d,91,63,c7,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7a,f7,25,ea,ad,9e,0c,4d,91,63,c7,\
.
[HKEY_USERS\S-1-5-21-1051316268-97930376-468757803-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1051316268-97930376-468757803-1005\Software\SecuROM\License information*]
"datasecu"=hex:a2,3d,27,13,b6,93,b7,67,36,4f,2c,62,a7,9c,18,48,0c,9b,7e,dc,25,
bc,9f,55,fc,c7,d6,b3,df,31,d2,0f,3d,e7,45,2a,9c,49,b5,76,78,fb,b1,20,e2,58,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(172)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2012-05-07 22:10:48
ComboFix-quarantined-files.txt 2012-05-08 04:10
.
Pre-Run: 14,544,506,880 bytes free
Post-Run: 14,611,574,784 bytes free
.
- - End Of File - - 38CB1296B18355A21B45219B02E10D47

ESET Online Scan

Please run a free online scan with the ESET Online Scanner

• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• When asked, allow the ActiveX control to install
  
• Click Start
  
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  
• Click Scan (This scan can take several hours, so please be patient)
  
• Once the scan is completed, you may close the window
  
• Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  
• Copy and paste that log as a reply to this topic

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=709c68ea9213894f835cd3cc02c5a4d7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-08 08:57:07
# local_time=2012-05-08 02:57:07 (-0700, Mountain Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=768 16777215 100 0 0 0 0 0
# compatibility_mode=1024 16777175 100 0 1218381 1218381 0 0
# compatibility_mode=1536 16777215 100 0 0 0 0 0
# compatibility_mode=3584 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=109592
# found=0
# cleaned=0
# scan_time=6190

Few questions...

1. Has this been tested on al browsers? What browser(s) are giving off this issue?

2. What are all the ways you have tried Google Search? (Toolbar, Firefox Search Box, Google.com, Google custom box)...

3. Other than Curse Client/WoW not working right, what other signs of issues are there?

I only use one browser. I have tried to access all major search engines from links, typing in the URL myself, following links from other sites. I have tried every which way I can. As for another browser, I have no desire to have a second one.

As I see in the ESET OScan there, you use Internet Explorer.

Please download the latest version of Kaspersky GetSystemInfo (GSI) from Kaspersky and save it to your Desktop.

Note: please close all other applications running on your system.

Double click GetSystemInfo.exe to open it. It will display an agreement. Click on I Agree to continue.

Click the Settings button.



Set the slider to Maximum.



IMPORTANT! Then, click Customize - choose Driver / Ports tab and uncheck Scan Ports.




On the General tab, make sure all of the boxes are checked.




On the Misc tab, make sure all the checkboxes are checked.

Then, click OK on the windows that you launched.



Click Create Report to run it.


It will begin scanning.

It will create a zip folder called GetSystemInfo_XXXXXXXXXXXXXX.zip on your Desktop.

It should automatically upload it to http://www.getsysteminfo.com. If it does not, then please submit it manually by going to the site and doing the upload process.

It will redirect to a page, where it will provide a sharing URL for specialists. Copy and paste the url of the GSI Parser report in your next reply.

ok the last direction are very veg do I unzip that folder? How do I get the url you want from the site. The web site opened up by its self but the page did not load it said the page was done loading but the page was blank.

Upload that ZIP file in to GetSystemInfo.com

ok just as I said that page will not load it says the page is done loading but the page is blank thus there is no place to upload that zip file =( I am so ready to cry from frustration. This has been a problem for many months now and nothing seems to fix it.

No biggie. Keep calm! I'm very persistent!

Please re-run aswMBR and post a new log.

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-10 08:20:23
-----------------------------
08:20:23.968 OS Version: Windows 5.1.2600 Service Pack 3
08:20:23.968 Number of processors: 2 586 0x407
08:20:23.984 ComputerName: PAIN UserName:
08:20:25.046 Initialize success
08:20:44.062 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
08:20:44.062 Disk 0 Vendor: SAMSUNG_ ZM10 Size: 152587MB BusType: 3
08:20:44.078 Disk 0 MBR read successfully
08:20:44.078 Disk 0 MBR scan
08:20:44.078 Disk 0 unknown MBR code
08:20:44.078 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
08:20:44.093 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 147448 MB offset 96390
08:20:44.109 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 5090 MB offset 302070195
08:20:44.109 Disk 0 scanning sectors +312496380
08:20:44.187 Disk 0 scanning C:\WINDOWS\system32\drivers
08:20:52.015 Service scanning
08:20:52.671 Service ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys **LOCKED** 32
08:21:06.578 Modules scanning
08:21:12.593 Disk 0 trace - called modules:
08:21:12.609 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys >>UNKNOWN [0x8a1ab2a9]<<
08:21:12.609 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ae436b0]
08:21:12.609 3 CLASSPNP.SYS[b80e8fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0x8ae42030]
08:21:12.609 Scan finished successfully
08:21:30.703 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Vangie\Desktop\MBR.dat"
08:21:30.703 The log file has been saved successfully to "C:\Documents and Settings\Vangie\Desktop\aswMBR.txt"

We need to fix the Master Boot Record using aswMBR now.

• Double click aswMBR.exe to run it like before
  
• Once the scan finishes click FixMBR to remove the infection as illustrated below
  

• Once the scan finishes click Save log to save the log to your Desktop
  
  
  
• Copy and paste the contents of aswMBR.txt back here for review
  

Once you are done with that, please do the following:

Please download TDSSKiller from here and save it to your Desktop.

• Doubleclick TDSSKiller.exe to run the tool
  
• Click the Start Scan button
  
• After the scan has finished, click the Close button
  
• Click the Report button and copy/paste the contents of it into your next reply

Note:It will also create a log in the C:\ directory.

aswMBR wont do what you want =( I can scan with it but when I try to run the fix it asks me if I am sure I want to with a big explanation when I click yes it freezes my pc dead in its tracks and I then have to do a hard shut down. I tried 3 times, same thing every time.

Was the Recovery Console installed when you ran ComboFix?

If not, do you have a XP Disc or Recovery Disc?

The Master Boot Record will need to be fixed. Please let me know that info before we continue.

no xp or recovery disk =( and I dont remember which got installed first

When you boot the computer (and if you see the operating systems selection menu), is the Windows Recovery Console listed there, or is it just Windows XP...?