I have seen a number of threads on this and people sending in logs with nothing wrong... no registry hacks, Malwarebytes can't find any thing wrong...
Well you may not be alone. I just reinstalled 2 PC's, simply because every site you went to was not what they clicked on. I assumed that the same person slammed one and did the other as well. After I took them back to the company, they were doing it again.
Turns out their router got hit... and DNS were programmed in:
Seems like and old trick (or proof in consept) that if you keep the default password in your router a carefuly crafted web page could change those settings behind the scenes. Linksys and D-Link are mentioned most often.
Did some more search and there is a way from the inside to put it back to factory specs and then change the DNS...
No wonder I could not find anything wrong on the PC side.
Hope this information helps those who can't find anything wrong... and change that password