WiredWX Hobby Weather Tools
Re: Search in Google, click a result and it doesnt take me to the page I wanted
Sorry I took so long to get back... I've been busy with finals. I really appreciate the time you're taking to help me : )

ComboFix 10-12-16.05 - Bryson Price 12/17/2010 9:55.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1982.996 [GMT -6:00]
Running from: c:\users\Bryson Price\Desktop\ComboFix.exe
Command switches used :: c:\users\Bryson Price\Desktop\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2010-11-17 to 2010-12-17 )))))))))))))))))))))))))))))))
.

2010-12-17 16:02 . 2010-12-17 16:04 -------- d-----w- c:\users\Bryson Price\AppData\Local\temp
2010-12-17 16:02 . 2010-12-17 16:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-13 18:35 . 2010-12-13 18:41 -------- d-----w- c:\users\Bryson Price\ch extra
2010-12-13 18:35 . 2010-12-13 18:35 -------- d-----w- c:\users\Bryson Price\ch. 14
2010-12-13 18:33 . 2010-12-13 18:43 -------- d-----w- c:\users\Bryson Price\ch 11
2010-12-13 18:30 . 2010-12-13 18:30 -------- d-----w- c:\users\Bryson Price\ch 10
2010-12-10 21:30 . 2010-12-10 21:30 477184 --sh--w- c:\windows\system32\rassvc10.dll
2010-12-10 21:30 . 2010-12-10 21:30 62464 --sh--w- c:\windows\system32\catapi.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-06 00:02 . 2010-11-06 00:02 33019 ----a-w- c:\windows\system32\CoreAAC-uninstall.exe
2010-10-09 21:22 . 2008-06-30 06:14 164880 ---ha-w- c:\users\Bryson Price\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Bryson Price\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-06-15 136176]
"Nokia Internet Modem"="c:\program files\Nokia\Nokia Internet Modem\WellPhone2.exe" [2009-07-29 1962648]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-12-18 307200]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-27 413696]
"iTunesHelper"="c:\itunes\iTunesHelper.exe" [2009-07-13 292128]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-04 198160]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"PLFSet"="c:\windows\PLFSet.dll" [2007-04-24 45056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-08 44128]

c:\users\Bryson Price\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Clean Access Agent.lnk - c:\program files\Cisco Systems\Clean Access Agent\CCAAgent.exe [2007-9-6 2056275]
Suitcase 11.0.lnk - c:\windows\Installer\{7451C9B5-3E10-4E59-AD37-AB7438D84288}\_01D57C9244869186542E24.exe [2010-10-9 9062]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=catapi.dll rassvc10.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi4"=KORGUMDD.DRV

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2007-03-12 18:54 50696 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-02-17 06:11 49152 ----a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor]
2007-03-20 22:23 1773568 ----a-w- c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-02-28 18:26 7770112 ----a-w- c:\windows\System32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2007-02-28 18:26 81920 ----a-w- c:\windows\System32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2007-02-28 18:26 90191 ----a-w- c:\windows\System32\nvsvc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-03-29 00:45 176128 ----a-w- c:\program files\Hp\QuickPlay\QPService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-01-13 03:36 827392 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
2006-11-02 12:34 2159104 ----a-w- c:\windows\System32\oobefldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3107727049-4258720162-1291377375-1000]
"EnableNotificationsRef"=dword:00000002

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-28 133104]
R3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\Drivers\KORGUMDS.SYS [2008-10-29 21720]
R3 nokiacpo;Nokia Internet Stick Wireless Modem Service Install;c:\windows\system32\DRIVERS\nokiacpo.sys [2009-06-22 19968]
R3 nokiappo;Nokia Internet Stick Wireless Modem Power Policy Service;c:\windows\system32\DRIVERS\nokiappo.sys [2009-06-22 27648]
R3 UKS11LDR;M-Audio USB Keystation Loader;c:\windows\system32\drivers\uks11ldr.sys [2007-11-14 20168]
S3 CLEDX;Team H2O CLEDX service;c:\windows\system32\DRIVERS\cledx.sys [2005-05-10 33792]

.
Contents of the 'Scheduled Tasks' folder

2010-12-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-28 23:51]

2010-12-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-28 23:51]

2010-12-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3107727049-4258720162-1291377375-1000Core.job
- c:\users\Bryson Price\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-01 20:46]

2010-12-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3107727049-4258720162-1291377375-1000UA.job
- c:\users\Bryson Price\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-01 20:46]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1572363
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Bryson Price\AppData\Roaming\Mozilla\Firefox\Profiles\klrwl6uh.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1572363&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ooVoo Chat Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - d:\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - d:\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Google Gears: {000a9d1c-beef-4f90-9363-039d445309b8} - c:\program files\Google\Google Gears\Firefox
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-17 10:07
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3107727049-4258720162-1291377375-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ÿ**‘%\OpenWithList]
@Class="Shell"

[HKEY_USERS\S-1-5-21-3107727049-4258720162-1291377375-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*V%µ**%]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-3107727049-4258720162-1291377375-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*V%µ**%\OpenWithList]
@Class="Shell"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(1308)
c:\program files\Common Files\SmartCom\DragnDropCopyHook.dll
c:\program files\Microsoft Virtual PC\VPCShExH.DLL
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Extensis\Extensis Suitcase 11\Bonjour\mDNSResponder.exe
c:\windows\ehome\ehmsas.exe
c:\program files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
c:\program files\Extensis\Extensis Suitcase 11\Suitcase.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\HP\QuickPlay\Kernel\TV\CLSched.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\WerCon.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\conime.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC.exe
c:\windows\system32\lpremove.exe
c:\windows\system32\lpksetup.exe
.
**************************************************************************
.
Completion time: 2010-12-17 10:19:42 - machine was rebooted
ComboFix-quarantined-files.txt 2010-12-17 16:19
ComboFix2.txt 2010-12-13 18:22

Pre-Run: 22,467,051,520 bytes free
Post-Run: 21,709,959,168 bytes free

- - End Of File - - 5DE81C17709325DAB19BE1E0F6F62F8C
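A small triage script for a log like the one above, added here as an example; it is not part of the thread and is not ComboFix's own tooling. It parses the file-listing and registry lines of a ComboFix-style report (the sample input is constructed from entries in the report above) and flags what a helper reads first: freshly created system+hidden files in system32, an AppInit_DLLs entry with LoadAppInit_DLLs turned on, UAC switched off, and Security Center monitoring disabled, then cross-references the AppInit DLL names against the hidden files. The rule names, and the reading of the attribute column (an `s` and an `h` meaning system and hidden), are assumptions about the log format rather than documented ComboFix semantics.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample in ComboFix log style; the paths and values are copied from
# the report posted above so the output can be compared with it.
SAMPLE_LOG = r"""
2010-12-10 21:30 . 2010-12-10 21:30 477184 --sh--w- c:\windows\system32\rassvc10.dll
2010-12-10 21:30 . 2010-12-10 21:30 62464 --sh--w- c:\windows\system32\catapi.dll
2010-11-06 00:02 . 2010-11-06 00:02 33019 ----a-w- c:\windows\system32\CoreAAC-uninstall.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=catapi.dll rassvc10.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
"""

# File line: "created . modified size attributes path" (assumed layout of the report).
FILE_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} \. \d{4}-\d{2}-\d{2} \d{2}:\d{2} "
    r"(?P<size>\d+|-+) (?P<attrs>[a-z-]{8}) (?P<path>.+)$"
)
KEY_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"\s*=\s*(?P<value>.*)$')

Finding = Tuple[str, str]


def _is_nonzero(value: str) -> bool:
    """True for value renderings such as '1 (0x1)' or 'dword:00000001'; False for '0 (0x0)',
    for 'dword:00000000', and for anything that is not a number at all."""
    token = value.split(":", 1)[-1].split()[0] if value.split() else "0"
    base = 16 if ":" in value else 10
    try:
        return int(token, base) != 0
    except ValueError:
        return False


def parse_combofix(text: str):
    """Split a ComboFix-style log into file entries and per-key registry values.
    Keys and value names are lower-cased so later lookups are case-insensitive."""
    files: List[Dict[str, str]] = []
    registry: Dict[str, Dict[str, str]] = {}
    current_key = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = FILE_RE.match(line)
        if m:
            files.append(m.groupdict())
            continue
        m = KEY_RE.match(line)
        if m:
            current_key = m.group("key").lower()
            registry.setdefault(current_key, {})
            continue
        m = VALUE_RE.match(line)
        if m and current_key is not None:
            registry[current_key][m.group("name").lower()] = m.group("value").strip()
    return files, registry


def triage(text: str) -> List[Finding]:
    """Return (rule, detail) pairs for the persistence and defence-evasion signs in the log."""
    files, registry = parse_combofix(text)
    findings: List[Finding] = []

    hidden_system: Dict[str, str] = {}  # basename -> full path
    for entry in files:
        attrs, path = entry["attrs"], entry["path"]
        # Both the system and hidden bits on a new DLL in system32 deserve a second look.
        if "s" in attrs and "h" in attrs and "\\system32\\" in path.lower():
            findings.append(("hidden-system-file", path))
            hidden_system[path.lower().rsplit("\\", 1)[-1]] = path

    for key, values in registry.items():
        if key.endswith(r"\windows nt\currentversion\windows"):
            dlls = values.get("appinit_dlls", "")
            if dlls:
                # AppInit_DLLs are loaded into every process that loads user32.dll,
                # so any entry here is a persistence mechanism that needs explaining.
                state = "enabled" if _is_nonzero(values.get("loadappinit_dlls", "0")) else "disabled"
                findings.append(("appinit-dlls", f"{dlls} (LoadAppInit_DLLs {state})"))
                for name in dlls.replace(",", " ").split():
                    if name.lower() in hidden_system:
                        findings.append(("appinit-dll-is-hidden-file", hidden_system[name.lower()]))
        if "enablelua" in values and not _is_nonzero(values["enablelua"]):
            findings.append(("uac-disabled", key))
        if "security center" in key and _is_nonzero(values.get("disablemonitoring", "")):
            findings.append(("security-center-monitoring-disabled", key))

    return findings


if __name__ == "__main__":
    for rule, detail in triage(SAMPLE_LOG):
        print(f"{rule:38} {detail}")
```

Run against the sample it reports the two hidden DLLs, the AppInit_DLLs entry that names them (with loading enabled), UAC off, and Symantec monitoring disabled in Security Center, which is exactly the cluster the MBAM log further down cleans up. Feeding it a full saved ComboFix log works the same way since unrecognised lines are simply skipped.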

Re: Search in Google, click a result and it doesnt take me to the page I wanted
MBAM report:


Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5343

Windows 6.0.6000
Internet Explorer 7.0.6000.16386

12/17/2010 10:38:17 AM
mbam-log-2010-12-17 (10-38-17).txt

Scan type: Quick scan
Objects scanned: 150226
Time elapsed: 3 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 2
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\WINDOWS\System32\catapi.dll (Trojan.P2P.Agent) -> Delete on reboot.
c:\WINDOWS\System32\rassvc10.dll (Trojan.P2P.Agent) -> Delete on reboot.

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.P2P.Agent) -> Bad: (catapi.dll) Good: () -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.P2P.Agent) -> Bad: (rassvc10.dll) Good: () -> Delete on reboot.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\System32\catapi.dll (Trojan.P2P.Agent) -> Delete on reboot.
c:\WINDOWS\System32\rassvc10.dll (Trojan.P2P.Agent) -> Delete on reboot.

Re: Search in Google, click a result and it doesnt take me to the page I wanted
Please give me an update on how the system is running before we move on.

Re: Search in Google, click a result and it doesnt take me to the page I wanted
The symptoms are not happening anymore, but in an earlier post it said that just because the symptoms aren't there doesn't mean the virus is gone. But everything is running fine and there are no more pop-ups or weird stuff happening when I search in Google.

Again, thanks for your help!

Re: Search in Google, click a result and it doesnt take me to the page I wanted
The symptoms are not happening anymore, but in an earlier post, it said that just because the symptoms aren't there, doesn't mean the virus is gone.

We are not done yet. Please run this online scan to help look for remnants.

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You may, however, need to disable your currently installed Anti-Virus; how to do so can be read here.


  • Please go here then click on: [image: EOLS1]
  • Select the option YES, I accept the Terms of Use then click on: [image: EOLS2]
  • When prompted, allow the Add-On/ActiveX to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: [image: EOLS3]
  • The virus signature database will begin to download. Be patient; this may take some time depending on the speed of your Internet connection.
  • When completed, the Online Scan will begin automatically.
  • Do not touch either the mouse or keyboard during the scan; otherwise it may stall.
  • When completed, select Uninstall application on close if you so wish; make sure you copy the logfile first!
  • Now click on: [image: EOLS4]
  • Use Notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
