There are also Yahoo! links redirects to other sites such as searching for Spybot: S&D would take me to a fake site posing as Spybot S&D instead of the Cnet download site. When I had to find a zip program to unzip the zip file, it took me to a different site than Winzip.
AVG 2011 Free is installed. Windows Vista Home Premium. Both report that they are up to date.
Earlier in the week, I removed a proxy setting that should not have been on there and removed an attached file to Rundll32.exe. The redirects appeared to stop for me then but later came back when the primary user used the computer. I think the infection is re-infecting the computer upon reboot as there are suspicious files in the temp folder. I think akamai may have been an infection I tried to clear two months ago with a rootkit killer from Kaspersky. I do not know it's name. I do not know if it is still there or not.
Primary user of the computer says that she uses it for Facebook (farmville) and email. I looked through the history and it looks like she is telling the truth. A house guest did use the computer to access television shows linked through Surfthechannel.com over Christmas.
If I am missing anything, please tell me.
Edit: For some reason, I cannot access a flash drive through my computer by clicking on the icon but I can access it if I type in the address. Probably nothing.
Editx2: The redirects from Yahoo! links may be isolated to Firefox only. IE does not seem to be having any redirects when I click on the search links. My computer that connects the same method to the router (wireless) does not have any redirect issues.
Editx3: I appear to have fixed it. I ran the tdsskiller and it removed a rootkit. I also finished a scan by Spybot S&D and it came back with these infections and there were a few tracking cookies: Fraud.HDDDefragmenter (registry value), Fraud.sysguard (registry value), and Win32.Fraudload.edt(3 files in C:\windows\tasks\~.job) I will reboot after malwarebytes finishes its scan, but I may post back tomorrow on whether or not the redirects are gone. Malwarebytes has found 2 infections so far.
Edited by misplaceddreamer, 08 January 2011 - 12:16 AM.