Posted 06 July 2010 - 11:55 AM
If you have been cleaning and scanning for hours and hours working with the team on this site and can't find anything, check your router! There is apparently a new piece of malware that attempts to hack into your wireless or standard router and add rogue DNS servers to it. If you search google with certain keywords (IP lookup for example), and notice "results5.google.com" when you click a link then this is likely part of the problem.
First eliminate your personal router from the equation either by directly plugging into your ISP's device or by using someone else's internet connection at another location. If you find the problem goes away then this is likely your problem. Most routers have a reset switch on the back, see your manual for instructions on how to reset to default. Once reset then you MUST change the default password on it. Do not store the password in any browser.
The IP's used for DNS were in the Russian Federation, 188.8.131.52 and 184.108.40.206.
Probably a good idea to change ALL your passwords if this fixes everything.
Keep in mind this likely only solves a portion of the issues you may have. Posting logs and working with the team on this site is still essential to ensure your system is clean.