ComboFix 11-10-09.01 - Administrator 10/10/2011 17:57:27.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.645 [GMT 11:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Application Data\PriceGong
c:\documents and settings\Administrator\Application Data\PriceGong\Data\1.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\5938.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\a.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\b.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\c.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\d.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\e.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\f.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\g.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\h.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\i.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\j.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\k.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\l.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\m.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Administrator\Application Data\PriceGong\Data\n.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\o.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\p.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\q.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\r.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\s.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\t.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\u.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\v.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\w.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\wlu.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\x.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\y.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\z.txt
c:\documents and settings\Administrator\Favorites\Games.url
c:\documents and settings\Tahnee\Application Data\PriceGong
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\1.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\2229.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\5938.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\a.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\b.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\c.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\d.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\e.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\f.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\g.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\h.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\i.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\j.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\k.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\l.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\m.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\n.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\o.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\p.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\q.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\r.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\s.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\t.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\u.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\v.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\w.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\wlu.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\x.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\y.txt
c:\documents and settings\Tahnee\Application Data\PriceGong\Data\z.txt
.
.
((((((((((((((((((((((((( Files Created from 2011-09-10 to 2011-10-10 )))))))))))))))))))))))))))))))
.
.
2011-10-10 03:42 . 2011-10-10 03:42 -------- d-----w- c:\documents and settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-10-10 03:06 . 2011-10-10 03:06 -------- d-----w- c:\windows\system32\wbem\Repository
2011-10-10 02:57 . 2011-10-10 02:57 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\PackageAware
2011-10-10 02:35 . 2011-10-10 03:41 -------- d-----w- c:\documents and settings\Administrator\Application Data\Systweak
2011-10-10 02:35 . 2011-09-30 04:37 17280 ----a-w- c:\windows\system32\roboot.exe
2011-10-08 12:10 . 2011-10-08 12:10 101376 --sha-r- c:\windows\system32\normnfck.dll
2011-10-03 07:59 . 2011-10-03 07:59 -------- d-----w- C:\etax2008
2011-10-03 05:56 . 2011-10-03 05:56 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\etax2011
2011-10-03 05:55 . 2011-10-03 06:15 -------- d-----w- c:\program files\etax2011
2011-10-03 01:05 . 2011-10-03 01:05 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Help
2011-10-03 00:37 . 2011-10-03 00:37 -------- d-----w- c:\documents and settings\All Users\Application Data\regid.1986-12.com.adobe
2011-10-03 00:35 . 2011-10-03 00:35 -------- d-----w- c:\documents and settings\All Users\Application Data\ALM
2011-10-03 00:11 . 2011-10-03 00:26 -------- d-----w- c:\documents and settings\Administrator\Adobe Illustrator CS5.1
2011-10-03 00:10 . 2011-10-03 00:10 -------- d-----w- c:\documents and settings\Administrator\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
2011-10-03 00:09 . 2011-10-03 00:09 -------- d-----w- c:\program files\Adobe Download Assistant
2011-10-02 02:48 . 2011-10-02 02:48 1786 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-09-28 05:22 . 2011-09-28 05:22 -------- d-----w- c:\windows\Sun
2011-09-28 05:15 . 2011-09-28 05:15 -------- d-----w- c:\documents and settings\Administrator\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-09-19 01:37 . 2009-08-06 09:23 215920 ----a-w- c:\windows\system32\muweb.dll
2011-09-19 01:37 . 2009-08-06 09:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-09-19 01:23 . 2011-09-19 01:26 -------- d-----w- c:\windows\LastGood(3)
2011-09-19 01:07 . 2011-09-19 01:28 -------- d-----w- c:\windows\LastGood(2)
2011-09-19 01:02 . 2011-09-19 01:29 -------- d-s---w- c:\documents and settings\Kevin
2011-09-18 08:59 . 2011-09-18 08:59 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Conduit
2011-09-18 08:59 . 2011-09-19 01:29 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\BitTorrentBar
2011-09-18 08:56 . 2011-09-18 08:56 -------- d-----w- c:\documents and settings\Administrator\Application Data\Apple Computer
2011-09-18 05:10 . 2011-09-18 05:13 -------- d-----w- c:\documents and settings\All Users\Application Data\WindSolutions
2011-09-18 04:53 . 2011-09-18 04:53 -------- d-----w- c:\program files\MSBuild
2011-09-18 04:52 . 2011-09-19 01:29 -------- d-----w- c:\windows\system32\XPSViewer
2011-09-18 04:52 . 2011-09-18 04:52 -------- d-----w- c:\program files\Reference Assemblies
2011-09-18 04:32 . 2011-09-18 04:32 -------- d-----w- C:\extensions
2011-09-18 04:32 . 2011-09-19 01:30 -------- d-----w- c:\program files\ConduitEngine
2011-09-18 04:32 . 2011-09-18 04:32 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-09-18 04:32 . 2011-09-19 01:30 -------- d-----w- c:\program files\BitTorrentBar
2011-09-18 04:31 . 2011-09-19 01:30 -------- d-----w- c:\program files\iPod
2011-09-18 04:31 . 2011-09-19 01:30 -------- d-----w- c:\program files\iTunes
2011-09-18 04:31 . 2011-09-18 04:32 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-09-18 04:30 . 2011-09-19 01:30 -------- d-----w- c:\program files\QuickTime
2011-09-18 04:30 . 2011-09-19 01:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2011-09-18 04:30 . 2011-09-19 01:30 -------- d-----w- c:\program files\Apple Software Update
2011-09-18 04:28 . 2011-09-19 01:31 -------- d-----w- c:\program files\Bonjour
2011-09-18 04:28 . 2011-09-18 04:31 -------- d-----w- c:\program files\Common Files\Apple
2011-09-18 04:21 . 2011-09-19 01:30 -------- d-s---w- c:\documents and settings\Tahnee
2011-09-14 00:12 . 2008-04-14 08:00 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-09-11 13:13 . 2008-04-14 08:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2011-09-11 03:49 . 2011-07-15 13:29 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-09-11 03:36 . 2010-12-09 13:42 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-09-11 03:36 . 2010-12-09 13:38 2192768 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-09-11 03:36 . 2010-12-09 13:07 2027008 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-09-11 03:36 . 2010-12-09 13:07 2069376 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-09-11 03:35 . 2011-02-17 12:32 5120 ----a-w- c:\windows\system32\xpsp4res.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-09 09:12 . 2008-04-14 08:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 20:45 . 2011-09-06 00:56 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-09-06 00:56 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-09-06 00:58 111320 ----a-w- c:\windows\system32\drivers\aswFW.sys
2011-09-06 20:38 . 2011-09-06 00:56 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2011-09-06 00:58 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:37 . 2011-09-06 00:56 195416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2011-09-06 20:36 . 2011-09-06 00:56 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-09-06 00:56 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-09-06 00:56 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-09-06 20:36 . 2011-09-06 00:56 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-09-06 20:36 . 2011-09-06 00:58 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-06 20:33 . 2011-09-06 00:56 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-09-06 07:38 . 2011-09-06 07:38 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 00:55 . 2011-09-06 00:55 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-06 00:55 . 2011-09-06 00:55 410984 ----a-w- c:\windows\system32\deploytk.dll
2011-07-15 13:29 . 2008-04-14 08:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
.
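Added example (not part of the ComboFix output above, and not ComboFix's own code): a Python triage pass over the entry lines from the "Files Created" and "Find3M" sections. It parses the created/modified/size/attrs/path layout and raises three heuristic flags of this editor's choosing (assumption): hidden or system attributes on a file under c:\windows, any new binary under c:\windows outside SFC's dllcache, and a GUID-named directory under a profile's Application Data. The attribute-letter meanings in the comments follow the usual ComboFix convention; the flags are review prompts, not verdicts.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Added triage helper for the "Files Created" and "Find3M" sections of a
# ComboFix log. It is not part of ComboFix; the flag names and the rules in
# triage() are this editor's heuristics (assumption), not ComboFix verdicts.
#
# Entry layout as ComboFix prints it:
#   <created> . <modified> <size or --------> <attrs> <path>
# attrs is an 8-character field: 'd' directory, 'c' compressed, 's' system,
# 'h' hidden, 'a' archive, and 'r' read-only or 'w' writable.
ENTRY_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. "
    r"(\d{4}-\d{2}-\d{2} \d{2}:\d{2})\s+(\S+)\s+([-a-z]{8})\s+(.+)$"
)
# Installer/adware data directories are often named by a bare GUID.
GUID_DIR_RE = re.compile(r"\\\{[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}\}$")
BINARY_EXT = (".exe", ".dll", ".sys", ".scr", ".cpl", ".ocx", ".drv")

# Sample input: lines copied verbatim from the log sections above.
SAMPLE_LINES = r"""
2011-10-10 03:42 . 2011-10-10 03:42 -------- d-----w- c:\documents and settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-10-10 02:35 . 2011-09-30 04:37 17280 ----a-w- c:\windows\system32\roboot.exe
2011-10-08 12:10 . 2011-10-08 12:10 101376 --sha-r- c:\windows\system32\normnfck.dll
2011-09-18 04:32 . 2011-09-18 04:32 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-09-11 03:49 . 2011-07-15 13:29 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-09-19 01:02 . 2011-09-19 01:29 -------- d-s---w- c:\documents and settings\Kevin
2011-07-15 13:29 . 2008-04-14 08:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
"""


@dataclass
class Entry:
    created: str
    modified: str
    size: Optional[int]   # None for directories (ComboFix prints --------)
    attrs: str
    path: str             # lower-cased for matching

    @property
    def is_dir(self) -> bool:
        return self.attrs[0] == "d"

    @property
    def hidden(self) -> bool:
        return "h" in self.attrs

    @property
    def system(self) -> bool:
        return "s" in self.attrs


def parse_entry(line: str) -> Optional[Entry]:
    """Parse one entry line; returns None for headers, '.' filler and blanks."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    created, modified, size, attrs, path = m.groups()
    return Entry(created, modified, None if size.startswith("-") else int(size),
                 attrs, path.lower())


def triage(entry: Entry) -> List[str]:
    """Heuristic flags for one entry; an empty list means nothing stood out."""
    flags: List[str] = []
    in_windows = entry.path.startswith("c:\\windows\\")
    if entry.is_dir:
        # A GUID-named directory under a profile's Application Data is usually
        # dropped by an installer; pair it with the Add/Remove and orphan sections.
        if GUID_DIR_RE.search(entry.path) and "\\application data\\" in entry.path:
            flags.append("guid-dir")
        return flags
    # Hidden/system attributes on a freshly written file under c:\windows are
    # unusual for updates and worth a hash or signature check.
    if (entry.hidden or entry.system) and in_windows:
        flags.append("hidden-system")
    # Any new binary under c:\windows gets a signature check; dllcache copies
    # are SFC's own backups and are skipped to cut noise.
    if entry.path.endswith(BINARY_EXT) and in_windows and "\\dllcache\\" not in entry.path:
        flags.append("verify-binary")
    return flags


def triage_log(text: str) -> Dict[str, List[str]]:
    """Run triage over a whole section; returns {path: flags} for flagged entries only."""
    flagged: Dict[str, List[str]] = {}
    for line in text.splitlines():
        entry = parse_entry(line)
        if entry is None:
            continue
        flags = triage(entry)
        if flags:
            flagged[entry.path] = flags
    return flagged


if __name__ == "__main__":
    for path, flags in triage_log(SAMPLE_LINES).items():
        print(f"{', '.join(flags):24} {path}")
```

Run against the sample, four entries come back: the GUID directory, roboot.exe, normnfck.dll (hidden-system plus verify-binary) and drivers\mrxsmb.sys. The --sha-r- line for normnfck.dll is the one that most deserves a hash or publisher check: a freshly written DLL in system32 carrying system, hidden and read-only attributes is atypical for an update, though the attributes alone do not make it malicious. The Sigcheck result that follows (sfcfiles.dll reported unsigned) is the same kind of prompt, and ComboFix's own note there applies.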
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-07-12 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-11 34672]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2011-09-06 148888]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RTHDCPL"="RTHDCPL.EXE" [2011-01-03 20025960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-10-05 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-10-05 114688]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-10-05 94208]
"Lexmark X6100 Series"="c:\program files\Lexmark X6100 Series\lxbfbmgr.exe" [2003-09-23 57344]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-11 1523360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [9/6/2011 11:56 AM 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [9/6/2011 11:56 AM 195416]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [9/6/2011 11:58 AM 111320]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9/6/2011 11:56 AM 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9/6/2011 11:58 AM 320856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9/6/2011 11:58 AM 20568]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [9/6/2011 11:56 AM 127192]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9/6/2011 12:14 PM 1691480]
.
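Added example (not part of the log, and not ComboFix's code): the companion triage for the autostart lines above, covering the Run/RunOnce values and the R/S service entries in their ComboFix layout. The flag names and rules are this editor's heuristics (assumption): an [X] tag, a bare filename with no directory, an image path outside c:\windows and Program Files, and a boot- or system-start service whose image is not a .sys driver.

```python
import re
from typing import Dict, List

# Added triage helper for the "Reg Loading Points" section of a ComboFix log:
# the Run/RunOnce values and the R/S service lines. Not part of ComboFix; the
# flag names and rules in check_image() are this editor's heuristics (assumption).
#
# Run value:     "Name"="image path" [<date> <size>]   or   [X] when not found
# Service line:  <R|S><start type> <name>;<display name>;<image path> [<date> <size>]
#   R = running, S = stopped; start type 0 boot, 1 system, 2 auto, 3 manual, 4 disabled
RUN_RE = re.compile(r'^"([^"]+)"="([^"]*)"\s+\[([^\]]*)\]$')
SVC_RE = re.compile(r"^([RS])([0-4])\s+([^;]+);([^;]*);(.+?)\s+\[([^\]]*)\]$")

# Image paths are expected under these roots; anything else is reviewed by hand.
TRUSTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\")

# Sample input: lines copied verbatim from the section above.
SAMPLE_LINES = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"RTHDCPL"="RTHDCPL.EXE" [2011-01-03 20025960]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"nltide_2"="shell32" [X]
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [9/6/2011 11:56 AM 12112]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [9/6/2011 11:56 AM 127192]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9/6/2011 12:14 PM 1691480]
"""


def check_image(image: str, tag: str) -> List[str]:
    """Heuristic flags for one image path plus ComboFix's bracketed [date size] / [X] tag."""
    flags: List[str] = []
    if tag.strip().upper() == "X":
        flags.append("target-missing")        # dangling autorun; ComboFix could not find the file
        return flags
    p = image.lower()
    if "\\" not in p:
        flags.append("bare-filename")         # resolved through the search path; confirm which copy runs
    elif not p.startswith(TRUSTED_ROOTS):
        flags.append("outside-standard-dirs") # e.g. profile, temp or Application Data locations
    return flags


def parse_autoruns(text: str) -> Dict[str, dict]:
    """Parse Run values and service lines into {name: record}; header lines are skipped."""
    found: Dict[str, dict] = {}
    for raw in text.splitlines():
        line = raw.strip()
        m = RUN_RE.match(line)
        if m:
            name, image, tag = m.groups()
            found[name] = {"kind": "run", "image": image, "flags": check_image(image, tag)}
            continue
        m = SVC_RE.match(line)
        if m:
            state, start, name, display, image, tag = m.groups()
            flags = check_image(image, tag)
            # Boot (0) and system (1) start types are for drivers; an .exe there is anomalous.
            if start in ("0", "1") and not image.lower().endswith(".sys"):
                flags.append("early-start-non-driver")
            found[name] = {"kind": "service", "state": state, "start": int(start),
                           "display": display, "image": image, "flags": flags}
    return found


def flagged(found: Dict[str, dict]) -> List[str]:
    """Names of entries with at least one flag, in sorted order."""
    return sorted(name for name, rec in found.items() if rec["flags"])


if __name__ == "__main__":
    records = parse_autoruns(SAMPLE_LINES)
    for name in flagged(records):
        print(f"{name:20} {records[name]['image']:60} {records[name]['flags']}")
```

On the sample it flags two entries: RTHDCPL.EXE, which is listed without a path and so resolves through the search order (confirm which copy actually loads before trusting the size and date ComboFix printed), and nltide_2, whose [X] marks a RunOnce value whose target ComboFix could not find. The orphaned AddRemove entry further down, pointing at bm_installer.exe under the GUID directory in All Users\Application Data, is the kind of image path the outside-standard-dirs rule is for.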
Contents of the 'Scheduled Tasks' folder
.
2011-10-03 c:\windows\Tasks\AdobeAAMUpdater-1.0-KEVIN-280E1A68F-Administrator.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-10-03 06:42]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.au/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\documents and settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\bm_installer.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-10 18:09
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
C:\## aswSnx private storage
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
Completion time: 2011-10-10 18:12:21
ComboFix-quarantined-files.txt 2011-10-10 07:12
.
Pre-Run: 12,354,473,984 bytes free
Post-Run: 12,791,992,320 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 088DB815FB689407B14368C483636945