Nasty redirect trojan nothing is catching!!

[Mackailey]

I too am having this same issue. I had that nasty Anti virus pro that activated as soon as I loaded explorer 8 onto my computer. It prevented all .exe files to execute!! There was a small window upon logging in that I was quickly able to load up malwarebytes before it stopped all executable programs. However, now I have this page redirect trojan that nothing seems to catch. Ran malawarebytes again, AVG and I do have Hijack this, however I am not a computer guru and the logs are confusing and I am afraid I will delete something not meant to delete. I open up any browser, I can't use the toolbar search or it will redirect me to other sites. Or if I manage to get to the site I am wanting, It will auto redirect me to another site as soon as I click the link or in the middle of my browsing session. Any help would be wonderful!! My children also use this computer for games. I am wondering if they downloaded something from a site.

Hijack this Log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 7:38:04 AM, on 7/25/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17055)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\syst

[Mackailey]

somehow this got posted twice.. no idea how

[Mackailey]

Logs didnt get all posted. Here is the Hijack this log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 7:38:04 AM, on 7/25/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17055)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\WLTRYSVC.EXE

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\OEM13Mon.exe

C:\WINDOWS\system32\WLTRAY.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\IObit\IObit Security 360\IS360tray.exe

C:\Program Files\D-Link\SharePort Network USB Utility\SharePort Network USB Utility.exe

C:\Program Files\Synaptics\SynTP\SynToshiba.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\PROGRA~1\AVG\AVG9\avgtray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\AIM\aim.exe

C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:%

[Mackailey]

Hijack this log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 7:38:04 AM, on 7/25/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17055)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\WLTRYSVC.EXE

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\OEM13Mon.exe

C:\WINDOWS\system32\WLTRAY.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\IObit\IObit Security 360\IS360tray.exe

C:\Program Files\D-Link\SharePort Network USB Utility\SharePort Network USB Utility.exe

C:\Program Files\Synaptics\SynTP\SynToshiba.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\PROGRA~1\AVG\AVG9\avgtray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\AIM\aim.exe

C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\AVG\AVG9\avgnsx.e

[Mackailey]

Sorry, Guess I'm stuck is there another way to post this log? Everytime I try to post it i get this message: This webpage is not available.

The webpage at http://forums.malwarebytes.org/index.php? might be temporarily down or it may have moved permanently to a new web address.

More information on this error

[screen317]

Hi and welcome to Malwarebytes.

My apologies for the extended delay; do you still need help?

[screen317]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!