Google is screwed and it's driving me insane

Discussion in 'Malware Help (A Specialist Will Reply)' started by bek, Feb 10, 2005.

  1. bek

    bek Private E-2

    Sorry in advance for the long post, but I wanted to include as much info as possible.

    Here's the problem:
    When I go to google and search for something I get redirected to a page which looks pretty much like google, but isn't, and has a page or so of ads or 'undesirable' weblinks. Once I get to the second or third page the results seem to be normal. The address of this imitation Google is 61.131.54.618.cc

    I have had some spyware stuff on this pc before, in the last month, which a combination of ad-aware and spybot have removed.

    I have read the 'READ ME FIRST BEFORE ASKING FOR SUPPORT' thread and followed the instructions.

    The Trend Micro and Symantec online scans were done in NORMAL mode instead of SAFE as I couldn't connect in safe mode. (I have dial-up AOL -rubbish I know) Neither found anything.

    In SAFE mode I ran: AVERT Stinger, Ad-Aware, Spybot, CWShredder, Kill2me, about:Buster. They all found nothing.

    I also ran CCleaner. HSRemove said it removed 8 items, I don't know what they were.

    Rebooting in Normal mode showed that the problem was still there, so I then ran:
    a2 (a-squared) which found 1 malware: C:\WINDOWS\unstall.exe which apparently was something called Spyware.Win32.MediaMotor.a

    avast Virus Cleaner which found nothing

    and ADS-spy which found 4 ADS all are located in C:\bundle\Netscape\Win95_NT I can type the details in full if needed.

    If you need a hijackthis log file, let me know and I'll post it.

    Thanks.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Make sure you have HijackThis 1.99 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

    Now post a HijackThis log as an attachment to your message (Do not post the log inline). All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

    To repeat: Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT
     
  3. bek

    bek Private E-2

    Ok, here's the log file. I think I did everything how I was supposed to.
     


  4. PhilliePhan

    PhilliePhan Guest

    Hi Bek,

    Not too much in your HJT Log.

    Fix these lines in HJT:
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
    O2 - BHO: Explorer Class - {962F12AE-2773-4BEB-99EA-B5C3AB9A6606} - C:\WINDOWS\system32\DSMANA~1.DLL
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

    Then, boot to Safe Mode with Viewing of Hidden Files Enabled and DELETE the following if it remains:

    C:\WINDOWS\system32\DSMANA~1.DLL

    NOW:
    Run CCleaner and Spybot S&D and have Spybot fix what it finds.

    Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.

    Reboot, attach a fresh HJT Log and tell us how things are running now. I'm sure Chas will check back when he can.

    PP :)
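
Added example, not part of the thread or any poster's words: a small Python parser for the HijackThis line shapes quoted in the post above (R0 and O2 - BHO) that splits each line into fields and attaches review notes. The notes are heuristics assumed for this example, and `expected_hosts` is a hypothetical allow-list; none of it is HijackThis's own logic.

```python
import re
from urllib.parse import urlsplit

# The three log lines quoted in the post above, embedded so the example runs offline.
SAMPLE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
O2 - BHO: Explorer Class - {962F12AE-2773-4BEB-99EA-B5C3AB9A6606} - C:\WINDOWS\system32\DSMANA~1.DLL
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
"""

# O2 lines: "O2 - BHO: <name> - {CLSID} - <file path or (no file)>"
BHO_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<file>.+)$")
# R0/R1 lines: "R0 - <registry key>,<value name> = <data>"
REG_RE = re.compile(r"^R[01] - (?P<key>[^,]+),(?P<value>[^=]+?) = (?P<data>.*)$")

def parse_line(line):
    """Return a field dict for an R0/R1 or O2 BHO line, None for anything else."""
    line = line.strip()
    for kind, pattern in (("bho", BHO_RE), ("ie_setting", REG_RE)):
        m = pattern.match(line)
        if m:
            return {"kind": kind, **m.groupdict()}
    return None

def review_notes(entry, expected_hosts=("www.google.com",)):
    """Reasons to look closer. Heuristics and allow-list are assumptions."""
    notes = []
    if entry["kind"] == "bho":
        if entry["file"] == "(no file)":
            notes.append("orphaned BHO: registry entry with no DLL on disk")
        elif "~" in entry["file"].rsplit("\\", 1)[-1]:
            notes.append("DLL shown by 8.3 short name; resolve the long name")
        if entry["name"] == "(no name)":
            notes.append("BHO has no display name")
    else:
        host = urlsplit(entry["data"]).hostname or ""
        if host not in expected_hosts:
            notes.append(f"{entry['value']} points at unexpected host {host}")
    return notes

def triage(log_text):
    """Parse every recognised line and pair it with its review notes."""
    entries = (parse_line(line) for line in log_text.splitlines())
    return [(e, review_notes(e)) for e in entries if e]

if __name__ == "__main__":
    for entry, notes in triage(SAMPLE_LOG):
        print(entry["kind"], entry.get("clsid", entry.get("value")), notes)
```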
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    True PP! But this DSMANA~1.DLL is typically the problem with Google.
     
  6. bek

    bek Private E-2

    Thanks PP, you're a star! (And Chas too, obviously)
    I can happily Google again.
    Here's the HJT file anyway.
     


  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

