First, let me thank everyone who volunteers their time to help everyone with computer problems. It's awesome to see people helping strangers without hope of financial gain. Thanks so much to all.
I'm stumped, so I'm turning to the experts for help. Since Sunday, my Google results (I'm using IE v. 7.0.5730.11) appear normal, but the links redirect me to a different website. The redirect site has changed: I've gotten reliablewindow.com, z43523673.cn, tulsamusic.com, and web-cincinnati.com. Often, there is a "Not Found" message. Another time (when I searched for "dell") there was a scammy ad for a MacBook deal.
Other details:
(1) The problem is intermittent. I just did three or four google searches (espn, target, amazon), and the correct page loaded (espn.com, target.com, amazon.com) when I clicked on a link. Then, on the next search (dell), the MacBook deal site came up when I clicked on the result link for dell.com.
(2) The problem occurs in Yahoo, also.
I've tried the following steps to cure the problem:
(1) AVG Free, which is installed and supposedly always running in the background: no malware found.
(2) TrendMicro Free Online Scan: no malware found.
(3) CWShredder: no malware found.
(4) AdAware: the program claimed that it was already scanning and refused to start a new scan. AdAware also could not update its malware profile.
(5) Safe Mode: I could not start the computer in safe mode--it kept looping back to the DOS prompt until I chose "Normal Startup." I'm not sure if I've ever had to start this machine in safe mode, and I've had problems with this computer associated with shut down/standby, so this is very possibly not the result of the malware.
I'm terribly sorry that I can't offer any more clues, but I'm happy to test out anything that may provide helpful information.
Here is the DDS log:
DDS (Ver_09-09-29.01) - NTFSx86
Run by C at 18:00:24.23 on Wed 10/07/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.477 [GMT -5:00]
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
============== Running Processes ===============
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WLTRAY.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\mspaint.exe
C:\Documents and Settings\C\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = about:blank
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
mWinlogon: Userinit=c:\windows\system32\userinit.exe,Ir32_c.exe
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Thunder Browser Helper: {63b2d652-ead9-4d6e-93ed-2cc51d22cf02} - c:\windows\system32\XunLeiBHO_001.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime alternative\qttask.exe" -atboottime
mRun: [BJCFD] c:\program files\broadjump\client foundation\CFD.exe
mRun: [Motive SmartBridge] c:\progra~1\sbcsel~1\smartb~1\MotiveSB.exe
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mExplorerRun: [AAAA] c:\windows\system32\hf1001.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: att.net
Trusted Zone: sbcglobal.net
Trusted Zone: yahoo.com\clientapps
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} - hxxp://site.ebrary.com/lib/stanford/support/plugins/ebraryRdr.cab
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper20073151.dll
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photo.walgreens.com/WalgreensActivia.cab
DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1167672898468
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1167673156905
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: NavLogon - c:\windows\system32\NavLogon.dll
Notify: __c00B8E8C - c:\windows\system32\__c00B8E8C.dat
SEH: N/A: {3fdeb171-8f86-0005-0001-69b8db553683} - c:\windows\system32\sysff11.dll
SEH: N/A: {3fdeb171-8f86-0002-0001-69b8db553683} - c:\windows\system32\systemtl2jp.dll
SEH: N/A: {3fdeb171-8f86-1107-0001-69b8db553683} - c:\windows\system32\sysjpred.dll
============= SERVICES / DRIVERS ===============
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-11-28 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-11-28 27784]
R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2006-9-6 337592]
R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2006-9-6 54968]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-1-29 297752]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2007-5-11 106808]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20070208.017\naveng.sys [2007-2-8 80472]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20070208.017\navex15.sys [2007-2-8 852600]
S2 download02;Remote Access;c:\windows\system32\svchost.exe -k netsvcs [2001-8-23 14336]
S2 Wingms;Wingms;c:\windows\system32\msn.exe -u --> c:\windows\system32\msn.exe -u [?]
S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-9-27 116464]
S3 usbmouseb;usbmouseb;\??\c:\windows\system32\drivers\msn.sys --> c:\windows\system32\drivers\msn.sys [?]
S4 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2006-7-19 192160]
S4 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2006-7-19 169632]
S4 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-9-27 1813232]
=============== Created Last 30 ================
==================== Find3M ====================
2009-08-23 20:24 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
2009-08-23 20:24 11,952 a------- c:\windows\system32\avgrsstx.dll
============= FINISH: 18:02:46.48 ===============
Thanks so much!