Redirected searches.

Searching with Firefox / Google, Internet Explorer / Bing, or any combination of the above, I continue to receive maybe one or two good searches but then I'm redirected to another web site.
The redirected searches will sometimes open a new tab but not always. For example, I made a search to CNN news, after 30 seconds I was then was redirected. The search history looked like this: CNN News > 2 search.php > blue gills Prices. The search history always looks similar to this after a redirected search. The commonality of most redirected searches is "they all sell things" somewhat related to my original search or to a previous search I had made. There have been some redirected searches made to blank websites. The redirected searches continue to happen after going through the "Malware Removal Guide".
I was able to generate logs except from the ComboFix program. ComboFix would run up to the blue window which stated "scan time for badly damaged machines may easily double", the screen showed a yellow blinking "under-bar", I left it for 60 minutes, the screen never changed and the computer was frozen. I tried this several times with the same results.

 

I re-ran CCleaner.
I ran TDS SKIller, attached is it's log file.

Thanks

 

Yes, I'm running through a router, sharing the router with a Mac which has no re-direct issues.

 

Yes I have reset the router, but I still have the re-direct problem.

 

1) I have cleaned out the browser cache since your last note.
2) When I type in an web site address I don't receive a redirect initially, I can get to the correct web site. But after a minute or two a second browser tab will open and takes me to an redirected web site.
3) With a word search in Google I continue to get redirected. What happens is if I simply mouse click select one of the selections from the word search I'll get redirected. But if I cut and past the address of one of the selections it works OK but may open a second browser tab (same thing that happens with number 2 above).
4) I ran CCleaner 3 times since your last message. I'll run it before any scans.
5) I ran ATF, 1st time it cleaned 15.4MBs, 2nd time it cleaned 2,868 KBs, and the 3rd time it cleaned 1,096 bytes.
6) I ran BitDefender On-Line. The 1st time I ran it, after a hour a power interruption canceled the scan. Up to that point it had found 6 viruses and had deleted them. The second time I ran it, it found no viruses. The txt file ID was not available when I tried to save the log. The only option was html, that's what I used, see attachment. (I could not attach a html file, I renamed it as a txt file, not sure it will do any good.)

Current Status: searches still being redirected, see number 2 & 3 above.

Thanks

 

Ran MBR Check, log attached.

 

I ran my last backup 3 weeks back, I disconnected the external drive when I first noticed problems about 2 weeks back. I have not done anything important since my last backup.
I just ran MBRCheck, and C:\MGtools\GetLogs.bat. Here are the attachments:

The computer is still redirecting from the search block.

 

Not sure, the first time I ran the MBR Check file yesterday at the point after I did a save all text, I tried to open the Notebook application to paste the data but the computer froze. I had to boot the computer. After it restarted I started the process all over again. I'll go through the process from your "yesterday 16:25" message again. Before I do I'll place all previous logs and .txt files in a folder and isolate them, possibly old and new are getting mixed together.

 

Re ran MBRCheck.exe and C:\MGtools\GetLogs.bat see attachments.
Having a problem attaching the MRBfix.txt file, error message keeps warning file has already been attached to this thread. I'll try to attach it in the next message.
Still experiencing redirected searches.

Thanks

 

I can't get the MRBfix.txt file to attach, I even tried to rename it, still no luck.
I decided to paste it's contents here:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x00000074

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

Size Device Name MBR Status
--------------------------------------------
74 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: 3DD27C7EE9B2D8B2CB511843C79460E5DB3CA995


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit: y

Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice: 2

Enter the physical disk number to fix (0-99, -1 to cancel): 0
Available MBR codes:
[ 0] Default (Windows XP)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel

Please select the MBR code to write to this drive: 0
Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: yes
Successfully wrote new MBR code!
Please reboot your computer to complete the fix.


Done!
Press ENTER to exit...

 

Tim
I have decided to stop trying to clean out the virus, I will be doing a clean install. I had said in a previous message that the change in files from my last back-up were very small. Thank You for your time and effort and I did learn a few things.
Thanks.