Cannot submit search queries (adware related)

Status
Not open for further replies.
Hi everyone! =)
I'm on my computer at the moment but I have my dad's here, and I'm trying to figure out what's wrong with it. The problem sounds very familiar to another thread on here but for some reason it won't let me post a website in this post lol

I can connect to the net but I cannot search any web pages or connect to MSN, etc. Explorer comes up with page not found. I have used Ad-Aware and Spybot to remove spyware and such.

I noticed a couple of times that when I would try to go to a web page, down the bottom it has sometimes added on an extra com or net etc. to the web address. Someone mentioned it may be the Windows Firewall doing this but it isn't enabled.

I downloaded HijackThis and here is the log file. I fixed a few things on there so some aren't there anymore but I thought I'd ask here before doing anything too rash as I don't want to stuff anything up! lol

So, does anyone have any suggestions as to what I should do? Any help will be greatly appreciated! :grinthumb
 
Install your HJT program in a permanent directory, e.g. \program files\hjt

Boot in Safe Mode.
Uninstall (if you can) anything to do with:
C:\Program Files\RegFreeze\rfsearchhandler.dll

Now run HJT and let it 'fix':
Look at the spelling of the program names, when you tick them!

C:\WINDOWS\System32\winlogin.exe
C:\WINDOWS\System32\spoolvse.exe
C:\WINDOWS\System32\svhost.exe
C:\WINDOWS\System32\svhost.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = pop3:110
F2 - REG:system.ini: Shell=
O2 - BHO: (no name) - {BB4DB883-2C25-401C-B4CE-D4286153C409} - C:\WINDOWS\System32\afpebg.dll
O4 - HKLM\..\Run: [NConfiguration] winlogin.exe
O4 - HKLM\..\Run: [start extracting] spoolvse.exe
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvkpz32.exe
O4 - HKLM\..\Run: [MSM] svhost.exe
O4 - HKLM\..\RunServices: [blah service] svchosts.exe
O4 - HKLM\..\RunServices: [start extracting] spoolvse.exe
O4 - HKLM\..\RunServices: [MSM] svhost.exe
O4 - HKLM\..\RunServices: [Mcafee Auto Protect] mcafeshield.exe
O4 - HKLM\..\RunServices: [NConfiguration] winlogin.exe
O4 - HKCU\..\Run: [start extracting] spoolvse.exe
O4 - HKCU\..\Run: [MSM] svhost.exe
O4 - HKCU\..\Run: [Mcafee Auto Protect] mcafeshield.exe
O4 - HKCU\..\RunServices: [start extracting] spoolvse.exe
O9 - Extra button: Search and Remove Spyware - {CDB280E8-BE43-4128-8A5A-3FCD094E2D88} - C:\Program Files\RegFreeze\rfsearchhandler.dll
O9 - Extra 'Tools' menuitem: Search and Remove Spyware - {CDB280E8-BE43-4128-8A5A-3FCD094E2D88} - C:\Program Files\RegFreeze\rfsearchhandler.dll
O18 - Filter: text/html - {B514E9EA-448B-4897-95A1-042498E4DE18} - C:\WINDOWS\System32\afpebg.dll
O18 - Filter: text/plain - {B514E9EA-448B-4897-95A1-042498E4DE18} - C:\WINDOWS\System32\afpebg.dll
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - C:\WINDOWS\System32\vbsys2.dll

When done, delete the bold files. When a directory is also bold, delete everything in it, including that directory itself.
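The spelling check advised in the reply above, as an added example that is not part of the original thread: it parses HijackThis O4 autorun lines and flags file names that are close to, but not the same as, a genuine Windows binary. The allow-list, the distance threshold and all function names are assumptions of this example; the sample lines are copied from the log above.

```python
import re

# Assumed allow-list of genuine Windows system binaries (not from the thread).
KNOWN_GOOD = {"svchost.exe", "winlogon.exe", "spoolsv.exe", "explorer.exe",
              "services.exe", "lsass.exe", "csrss.exe", "smss.exe"}

# HijackThis autorun line: "O4 - <key>: [<value name>] <command>"
O4_RE = re.compile(r"^O4 - (?P<key>\S+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
EXE_RE = re.compile(r'[^\\/"]+\.exe', re.IGNORECASE)  # file name without its path

# Autorun lines copied from the log in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [NConfiguration] winlogin.exe
O4 - HKLM\..\Run: [start extracting] spoolvse.exe
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvkpz32.exe
O4 - HKLM\..\Run: [MSM] svhost.exe
O4 - HKLM\..\RunServices: [blah service] svchosts.exe
O4 - HKCU\..\Run: [Mcafee Auto Protect] mcafeshield.exe
"""

def edit_distance(a, b):
    """Levenshtein distance using two rows of the dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalikes(log_text, max_distance=2):
    """Return sorted (file, imitated_name, distance) tuples for O4 entries whose
    file name is near, but not equal to, a name on the allow-list."""
    hits = set()
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        exe = EXE_RE.search(m.group("cmd")) if m else None
        if not exe or exe.group(0).lower() in KNOWN_GOOD:
            continue
        image = exe.group(0).lower()
        dist, good = min((edit_distance(image, g), g) for g in KNOWN_GOOD)
        if dist <= max_distance:
            hits.add((image, good, dist))
    return sorted(hits)

if __name__ == "__main__":
    for image, good, dist in lookalikes(SAMPLE_LOG):
        print(f"{image} looks like {good} (edit distance {dist})")
```

Entries that do not imitate a listed name, such as kalvkpz32.exe and mcafeshield.exe here, are not flagged by this check and still need to be reviewed by hand.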
 
I tried this and Internet Explorer still isn't working, I'm running out of things to try. Maybe I should just reformat the computer & start fresh. I have no idea what the hell my dad has done to this poor computer!
 
Just some reg but it keeps coming back... something to do with about:blank in IE.

I have my friend coming around tomorrow to have a look at it, he has a lot more knowledge than me in this area of computers. If we still can't figure out what's wrong I'll post back here...

Thanks for your help so far though! =)
 