Thread: Google redirect virus

  1. #1
    Junior Member
    Join Date
    Jun 2011
    Posts
    5

    Google redirect virus

    Hi,
    I have got some kind of redirector at work that keeps sending me to all sorts of sites, through all sorts of redirection websites.
    I have run Norton Antivirus, AVG and Malwarebytes, which all picked up many different things and removed them; however, none of them have removed this from my system.
    The logs are below.

    .
    DDS (Ver_2011-06-12.02) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
    Run by Owner at 11:53:40 on 2011-06-22
    Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1534.624 [GMT 1:00]
    .
    AV: Norton Internet Security Online *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security Online *Enabled*
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS.0\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS.0\System32\svchost.exe -k netsvcs
    C:\WINDOWS.0\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    C:\WINDOWS.0\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\No-IP\DUC20.exe
    C:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\WINDOWS.0\system32\svchost.exe -k imgsvc
    C:\WINDOWS.0\Explorer.EXE
    C:\WINDOWS.0\vsnpstd2.exe
    C:\WINDOWS.0\system32\hkcmd.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS.0\system32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\Greenshot\Greenshot.exe
    C:\Program Files\PeerBlock\peerblock.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\WINDOWS.0\system32\sistray.exe
    C:\Program Files\No-IP\DUC20.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
    svchost.exe
    C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
    C:\WINDOWS.0\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.co.uk/
    uInternet Connection Wizard,ShellNext = ftp://homejob@ftp.homejobinfo.co.uk/
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: N/A: {9cb65206-89c4-402c-ba80-02d8c59f9b1d} - c:\program files\asktbar\srchastt\1.bin\A5SRCHAS.DLL
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\18.1.0.37\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\18.1.0.37\IPSBHO.DLL
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Ask Search Assistant BHO: {9cb65201-89c4-402c-ba80-02d8c59f9b1d} - c:\program files\asktbar\srchastt\1.bin\A5SRCHAS.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: Ask Toolbar BHO: {fe063db1-4ec0-403e-8dd8-394c54984b2c} - c:\program files\asktbar\bar\1.bin\ASKTBAR.DLL
    TB: Ask Toolbar: {fe063db9-4ec0-403e-8dd8-394c54984b2c} - c:\program files\asktbar\bar\1.bin\ASKTBAR.DLL
    TB: NuSphere ToolBar: {0f62d223-9206-4ea3-9ea8-d0f3c7c82aca} - c:\program files\nusphere\phped\NuSphereIEBar.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\18.1.0.37\coIEPlg.dll
    uRun: [ctfmon.exe] c:\windows.0\system32\ctfmon.exe
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
    uRun: [Google Update] "c:\documents and settings\owner.22ndstre-cffdc6\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
    uRun: [Greenshot] c:\program files\greenshot\Greenshot.exe
    uRun: [PeerBlock] c:\program files\peerblock\peerblock.exe
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRun: [SNPSTD2] c:\windows.0\vsnpstd2.exe
    mRun: [IgfxTray] c:\windows.0\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows.0\system32\hkcmd.exe
    mRun: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [QuickTime Task] "c:\program files\k-lite codec pack\quicktime\qttask.exe" -atboottime
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVZOVgtTlNWVkwtTzRCWlEtUUlNQ0wtUVREQ0gtNElKTUg"&"inst=NzctNjU2NjQ0ODMyLUZMMTArMS1ERFQrMA"&"prod=90"&"ver=10.0.1382
    dRun: [ctfmon.exe] c:\windows.0\system32\CTFMON.EXE
    dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
    dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32
    dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
    dRunOnce: [RunNarrator] Narrator.exe
    StartupFolder: c:\docume~1\owner~1.22n\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
    StartupFolder: c:\docume~1\owner~1.22n\startm~1\programs\startup\no-ipd~1.lnk - c:\program files\no-ip\DUC20.exe
    StartupFolder: c:\docume~1\alluse~1.0\startm~1\programs\startup\utilit~1.lnk - c:\windows.0\system32\sistray.exe
    uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
    dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
    dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: NuSphere PhpED :: Debug this page - c:\program files\nusphere\phped\NuSphereIEBar.dll/1000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1268159012453
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab
    DPF: {CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{5B1B99BB-C1E9-4E68-8B62-0E68C3BD72C4} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{AFAD3C9F-F603-49C2-BC4B-4B7085B9B02B} : DhcpNameServer = 192.168.1.1
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: igfxcui - igfxsrvc.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows.0\system32\WPDShServiceObj.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    Hosts: 213.203.216.114 http://www.marketsamurai.com
    Hosts: 213.203.216.114 marketsamurai.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\owner.22ndstre-cffdc6\application data\mozilla\firefox\profiles\xt2qn30p.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk
    FF - prefs.js: network.proxy.type - 4
    FF - plugin: c:\documents and settings\owner.22ndstre-cffdc6\application data\mozilla\plugins\npgoogletalk.dll
    FF - plugin: c:\documents and settings\owner.22ndstre-cffdc6\application data\mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: c:\documents and settings\owner.22ndstre-cffdc6\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
    FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
    FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin.dll
    FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin2.dll
    FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin3.dll
    FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin4.dll
    FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin5.dll
    FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin6.dll
    FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin7.dll
    FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
    FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 SymDS;Symantec Data Store;c:\windows.0\system32\drivers\nis\1206000.01d\symds.sys [2011-6-21 340088]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows.0\system32\drivers\nis\1206000.01d\symefa.sys [2011-6-21 744568]
    R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users.windows.0\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\bashdefs\20110616.003\BHDrvx86.sys [2011-6-16 810616]
    R1 SymIRON;Symantec Iron Driver;c:\windows.0\system32\drivers\nis\1206000.01d\ironx86.sys [2011-6-21 136312]
    R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\18.6.0.29\ccsvchst.exe [2011-6-21 130008]
    R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users.windows.0\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\ipsdefs\20110622.001\IDSXpx86.sys [2011-6-22 355256]
    R3 NAVENG;NAVENG;c:\documents and settings\all users.windows.0\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\virusdefs\20110621.035\NAVENG.SYS [2011-6-22 86008]
    R3 NAVEX15;NAVEX15;c:\documents and settings\all users.windows.0\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\virusdefs\20110621.035\NAVEX15.SYS [2011-6-22 1542392]
    R3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2011-4-25 19056]
    R4 AVGIDSDriver;AVGIDSDriver;c:\windows.0\system32\drivers\avgidsdriver.sys --> c:\windows.0\system32\drivers\AVGIDSDriver.Sys [?]
    R4 AVGIDSEH;AVGIDSEH;c:\windows.0\system32\drivers\avgidseh.sys --> c:\windows.0\system32\drivers\AVGIDSEH.Sys [?]
    R4 AVGIDSFilter;AVGIDSFilter;c:\windows.0\system32\drivers\avgidsfilter.sys --> c:\windows.0\system32\drivers\AVGIDSFilter.Sys [?]
    R4 AVGIDSShim;AVGIDSShim;c:\windows.0\system32\drivers\avgidsshim.sys --> c:\windows.0\system32\drivers\AVGIDSShim.Sys [?]
    R4 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows.0\system32\drivers\avgrkx86.sys --> c:\windows.0\system32\drivers\avgrkx86.sys [?]
    R4 Avgtdix;AVG TDI Driver;c:\windows.0\system32\drivers\avgtdix.sys --> c:\windows.0\system32\drivers\avgtdix.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows.0\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-19 136176]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-5-19 136176]
    S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows.0\system32\drivers\mbamswissarmy.sys --> c:\windows.0\system32\drivers\mbamswissarmy.sys [?]
    S3 mv2;mv2;c:\windows.0\system32\drivers\mv2.sys [2010-4-4 10688]
    S3 mvvideodemo;MaxiVista Virtual Video Demo;c:\windows.0\system32\drivers\mvvideodemo.sys --> c:\windows.0\system32\drivers\mvvideodemo.sys [?]
    S3 SaiH0BAC;SaiH0BAC;c:\windows.0\system32\drivers\SaiH0BAC.sys [2010-3-20 135168]
    S3 UKBFLT;UKBFLT;c:\windows.0\system32\drivers\UKBFLT.sys [2010-1-8 11672]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows.0\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2011-06-21 19:23:54 369784 ----a-w- c:\windows.0\system32\drivers\nis\1206000.01d\symtdi.sys
    2011-06-21 19:23:54 331384 ----a-w- c:\windows.0\system32\drivers\nis\1206000.01d\symtdiv.sys
    2011-06-21 19:23:54 296568 ----a-w- c:\windows.0\system32\drivers\nis\1206000.01d\symnets.sys
    2011-06-21 19:23:53 744568 ----a-w- c:\windows.0\system32\drivers\nis\1206000.01d\symefa.sys
    2011-06-21 19:23:53 516216 ----a-w- c:\windows.0\system32\drivers\nis\1206000.01d\srtsp.sys
    2011-06-21 19:23:53 50168 ----a-w- c:\windows.0\system32\drivers\nis\1206000.01d\srtspx.sys
    2011-06-21 19:23:53 340088 ----a-w- c:\windows.0\system32\drivers\nis\1206000.01d\symds.sys
    2011-06-21 19:23:53 136312 ----a-w- c:\windows.0\system32\drivers\nis\1206000.01d\ironx86.sys
    2011-06-21 19:23:29 -------- d-----w- c:\windows.0\system32\drivers\nis\1206000.01D
    2011-06-21 18:17:58 -------- d-----w- c:\program files\NortonInstaller
    2011-06-21 17:47:39 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
    2011-06-21 17:47:39 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
    2011-06-21 07:27:34 -------- d-----w- c:\documents and settings\owner.22ndstre-cffdc6\application data\Malwarebytes
    2011-06-21 07:27:25 -------- d-----w- c:\documents and settings\all users.windows.0\application data\Malwarebytes
    2011-06-19 16:44:26 -------- d-sh--w- c:\documents and settings\owner.22ndstre-cffdc6\PrivacIE
    2011-06-19 16:43:28 -------- d-sh--w- c:\documents and settings\owner.22ndstre-cffdc6\IETldCache
    2011-06-19 07:31:09 -------- d-----w- c:\windows.0\ie8updates
    2011-06-19 07:21:47 -------- dc-h--w- c:\windows.0\ie8
    2011-06-19 07:14:39 -------- d-----w- c:\documents and settings\owner.22ndstre-cffdc6\application data\ElevatedDiagnostics
    2011-06-19 07:08:24 602112 -c----w- c:\windows.0\system32\dllcache\msfeeds.dll
    2011-06-19 07:08:23 55296 -c----w- c:\windows.0\system32\dllcache\msfeedsbs.dll
    2011-06-19 07:08:22 743424 -c----w- c:\windows.0\system32\dllcache\iedvtool.dll
    2011-06-19 07:08:21 247808 -c----w- c:\windows.0\system32\dllcache\ieproxy.dll
    2011-06-19 07:08:20 12800 -c----w- c:\windows.0\system32\dllcache\xpshims.dll
    2011-06-19 07:08:16 1991680 -c----w- c:\windows.0\system32\dllcache\iertutil.dll
    2011-06-19 07:07:44 7680 -c----w- c:\windows.0\system32\dllcache\iecompat.dll
    2011-06-18 17:13:15 -------- d-----w- c:\documents and settings\owner.22ndstre-cffdc6\application data\AVG10
    2011-06-18 17:08:18 -------- d-----w- c:\documents and settings\all users.windows.0\application data\AVG10
    2011-06-18 17:07:47 -------- d-----w- c:\program files\AVG
    2011-06-18 07:54:49 -------- d--h--w- c:\documents and settings\all users.windows.0\application data\Common Files
    2011-06-18 07:54:15 -------- d-----w- c:\documents and settings\all users.windows.0\application data\MFAData
    2011-06-17 08:11:30 -------- d-----w- c:\documents and settings\all users.windows.0\application data\PCSettings
    2011-06-16 18:35:09 -------- d-----w- c:\windows.0\system32\wbem\repository\FS
    2011-06-16 18:35:09 -------- d-----w- c:\windows.0\system32\wbem\Repository
    2011-05-30 23:07:15 -------- d-----w- c:\documents and settings\owner.22ndstre-cffdc6\.get_iplayer
    2011-05-30 23:07:13 -------- d-----w- c:\documents and settings\all users.windows.0\get_iplayer
    2011-05-30 23:07:07 -------- d-----w- c:\program files\get_iplayer
    2011-05-30 22:55:45 -------- d-----w- c:\documents and settings\owner.22ndstre-cffdc6\eee
    2011-05-25 14:39:12 -------- d-----w- c:\program files\MSECache
    .
    ==================== Find3M ====================
    .
    2011-06-21 19:23:55 60872 ----a-w- c:\windows.0\system32\S32EVNT1.DLL
    2011-06-21 19:23:55 126584 ----a-w- c:\windows.0\system32\drivers\SYMEVENT.SYS
    2011-06-19 16:44:19 0 ----a-w- c:\windows.0\Cjehitokesikomej.bin
    2011-04-25 22:21:39 1 ----a-w- c:\windows.0\system32\InprocServer32.dll
    2011-04-25 16:11:12 916480 ----a-w- c:\windows.0\system32\wininet.dll
    2011-04-25 16:11:11 43520 ------w- c:\windows.0\system32\licmgr10.dll
    2011-04-25 16:11:11 1469440 ------w- c:\windows.0\system32\inetcpl.cpl
    2011-04-25 12:01:22 385024 ------w- c:\windows.0\system32\html.iec
    2011-04-06 15:20:16 91424 ----a-w- c:\windows.0\system32\dnssd.dll
    2011-04-06 15:20:16 75040 ----a-w- c:\windows.0\system32\jdns_sd.dll
    2011-04-06 15:20:16 197920 ----a-w- c:\windows.0\system32\dnssdX.dll
    2011-04-06 15:20:16 107808 ----a-w- c:\windows.0\system32\dns-sd.exe
    2011-04-01 18:55:30 3 ----a-w- c:\windows.0\system32\OutN64proc64.dll
    2011-04-01 18:55:30 3 ----a-w- c:\windows.0\system32\InN64proc64.dll
    .
    ============= FINISH: 11:54:48.70 ===============

    Thank you all in advance
    Kind Regards
    Ash
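As an added example, not part of this thread and not code from the DDS tool: a small Python triage script run over constructed lines in the DDS log format shown above (the "Hosts:" entries and the "Find3M" file lines). It flags hosts-file overrides and .dll/.exe/.sys entries too small to be a valid PE image; the thresholds and finding names are my own assumptions.

```python
import re

# Constructed sample in DDS log format, modelled on the "Hosts:" lines of the
# Pseudo HJT report and the "Find3M" section of the log posted above.
SAMPLE_DDS = """\
Hosts: 213.203.216.114 marketsamurai.com
TCP: DhcpNameServer = 192.168.1.1
2011-06-21 19:23:55 60872 ----a-w- c:\\windows.0\\system32\\S32EVNT1.DLL
2011-06-21 19:23:29 -------- d-----w- c:\\windows.0\\system32\\drivers\\nis\\1206000.01D
2011-06-19 16:44:19 0 ----a-w- c:\\windows.0\\Cjehitokesikomej.bin
2011-04-25 22:21:39 1 ----a-w- c:\\windows.0\\system32\\InprocServer32.dll
2011-04-25 16:11:12 916480 ----a-w- c:\\windows.0\\system32\\wininet.dll
2011-04-01 18:55:30 3 ----a-w- c:\\windows.0\\system32\\OutN64proc64.dll
"""

# A DDS file line: date, time, size (or dashes for a directory), attribute
# flags, then the path.
FILE_LINE = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<size>\d+|-+) (?P<attrs>\S+) (?P<path>.+)$"
)
HOSTS_LINE = re.compile(r"^Hosts:\s+(?P<ip>\S+)\s+(?P<host>\S+)$")

# An IMAGE_DOS_HEADER alone is 64 bytes, so a .dll/.exe/.sys smaller than
# that cannot be a loadable PE image. Threshold is an assumption for triage.
MIN_PE_BYTES = 64
PE_EXTENSIONS = (".dll", ".exe", ".sys")


def triage_dds(text):
    """Return (reason, detail) pairs for log lines worth a second look."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        m = HOSTS_LINE.match(line)
        if m:
            # A hosts entry silently overrides DNS for that name; confirm it
            # was added on purpose before treating it as benign.
            findings.append(("hosts-override", f"{m['host']} -> {m['ip']}"))
            continue
        m = FILE_LINE.match(line)
        if not m or m["attrs"].startswith("d"):
            continue  # not a file line, or a directory entry
        size = int(m["size"])
        path = m["path"].lower()
        name = path.rsplit("\\", 1)[-1]
        if name.endswith(PE_EXTENSIONS) and size < MIN_PE_BYTES:
            findings.append(("undersized-pe", f"{path} ({size} B)"))
        elif size == 0 and path.count("\\") == 2 and path.startswith("c:\\windows"):
            # An empty file sitting directly in the Windows directory.
            findings.append(("empty-file-in-windows-root", path))
    return findings


if __name__ == "__main__":
    for reason, detail in triage_dds(SAMPLE_DDS):
        print(f"{reason:28} {detail}")
```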

  2. #2
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Hi,

    Your post is a few days old. If you still need help, simply reply back.
    How Can I Reduce My Risk?

  3. #3
    Junior Member
    Join Date
    Jun 2011
    Posts
    5

    Hi Shelf Life,
    Thank you for your reply; yes, I am still having trouble with this.
    It seems to redirect through sites like this: http://www.state.lewisburg.us/
    However, the site that it redirects through changes every day!
    Thank you in advance
    Regards
    Ash

  4. #4
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    We will get a download to use. It's called combofix. There is a guide to read first. Read through the guide, then apply the directions on your own machine. Combofix will not run with AVG installed. You will have to uninstall AVG via the add/remove programs panel before running combofix.

    You also have Norton installed. A machine only needs one antivirus installed, two is not better in this case.

    It looks like you may have already uninstalled AVG; if not, then remove it via the add/remove programs panel and reboot. If you already removed AVG, then read the combofix guide and run combofix. If combofix gives you a warning about AVG being installed, then stop and go here and download the first thing in the list:
    AVG remover 32bit. Download and run the uninstaller, reboot, then proceed with combofix.
    Post the combofix log in your reply.

    Guide to using Combofix
    How Can I Reduce My Risk?

  5. #5
    Junior Member
    Join Date
    Jun 2011
    Posts
    5

    Hi Shelf Life,
    I disabled Norton, and AVG has been uninstalled with no problems.
    However, when I run combofix I agree to the terms etc. and then it just shows a blue screen with a yellow blinking cursor and nothing else at all?
    I'm not sure what the issue may be here.
    Any help will be much appreciated.
    Kind Regards
    Ash

  6. #6
    Junior Member
    Join Date
    Jun 2011
    Posts
    5

    Hey, I got it to run in the end; I just had to disable PeerBlock.
    I have attached the log file.
    Thank you in advance.
    Ash

  7. #7
    Junior Member
    Join Date
    Jun 2011
    Posts
    5

    Sorry, just to add: it appears to have stopped the redirect!

  8. #8
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Ok, good. You can reinstall AVG or keep Norton; you only need one resident active AV on a machine, not two. You can also update Malwarebytes and do a full scan with it. Should look good. Then we can call it quits.
    How Can I Reduce My Risk?
