Browser Redirect problem in IE and Firefox

OK... Here is the ComboFix file...

Looks good.

Download TFC to your desktop

• Open the file and close any other windows.
• It will close all programs itself when run, make sure to let it run uninterrupted.
• Click the Start button to begin the process. The program should not take long to finish its job
• Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

Please download JavaRa to your desktop and unzip it to its own folder

• Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
• Accept any prompts.
• Open JavaRa.exe again and select Search For Updates.
• Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

Please do an online scan with Kaspersky WebScanner

1. Read through the requirements and privacy statement and click on Accept button.
2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
3. When the downloads have finished, click on Settings.
4. Make sure the following is checked.
   • Spyware, Adware, Dialers, and other potentially dangerous programs
     Archives
     Mail databases
5. Click on My Computer under Scan.
6. Once the scan is complete, it will display the results. Click on View Scan Report.
7. You will see a list of infected items there. Click on Save Report As....
8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
9. Please post this log in your next reply.

OK...
The TFC was easy and ran with no problem...
JavaRa downloaded, ran the first time and deleted Older Versions with no problem.
When I selected Search For Updates, It went to the web page... I selected the JRE version for my OS and the download Java window opened. I selected the file and hit the Start button. The progress bar filled up but I am at a loss as to where the file was put!

Never mind... I think I found it...

The Kaspersky WebScanner is running awfully slowly. I started it over 4 hours ago. The time lapse counter only shows 2hrs 29min. Twice it has stalled on some script error. I let it run. It has found only 1 threat. It has only finished 14% of the scan. What do you suggest?

Can you remember what the threat was?

OK...
This thing ran for about 8 hours. About 5 or 6 times a script error message popped up. I always responded to continue to allow scripts to run. The process found one threat. It seems to be in a program that I use to read EXIF data from digital camera photos. I can kill that and find something else to read or edit this information.
Here is the file...

Ok.

You can go ahead and delete that.

Other than that.

Remove Combofix now that we're done with it.

• Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
• Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
  
• Please follow the prompts to uninstall Combofix.
• You will then recieve a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

This will uninstall Combofix and anything assoicated with it.

• Download OTC to your desktop and run it
• Click Yes to beginning the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

OK... This is done.
The OTC process seems to have removed some programs and files but there is a lot of other stuff left... such as Malwarebytes, SUPERAntiSpyware, Trojan Remover, etc. Should these files have been removed?
Also, is the end of the process to get rid of the problems?

Get rid of Trojan Remover, it's rubbish.

Keep MBAM, ans SAS.

Any other things left behind?

CCleaner and its installation package, ESET, RootRepeal, TCF, CrucialScan, JavaRa.zip, jre-6u17-windows-i586, LockSearch, SystemLook, w4sgeen9

Remove RootRepeal, LockSearch and SystemLook.

Edit,

Also JavaRa, jre-6u17-windows-i586

Done...
What else?
At what point do I expect a "clean bill of health"?

I already gave it to you. These last few posts were just removing tools.

OK then!
I would like to thank all of you who helped me through this critical exercise. I was on the verge of doing a reformat of two hard drives and doing a rebuild which would have taken the better part of two or three weeks, not counting backing up all of my documents and images.
Is it OK if I refer a few of my friends to this forum? One called yesterday with a similar problem. I think that I could step him through the first couple of steps, but I will probably have to turn it over to you guys towards thew end.
By the way, when I first came to this forum, McAfee did not have a problem with Techspot.com. About halfway through the removal process, McAfee started flaging this site as not safe.
Again, Thanks for all of the help!

This was the most complex virus removal thread I have seen. Did it really have to be so complex?

"I was on the verge of doing a reformat of two hard drives and doing a rebuild which would have taken the better part of two or three weeks, not counting backing up all of my documents and images"...

Isn't now a good time to back up all that important stuff? There is no good excuse not to, is there?

The fact that you even had to ask that shows how little you actually know about this.

Gone are the days when you could solve peoples problems with fixing a few things in HijackThis and deleting some files.

@Astronerd I only really help here on the harder cases, but I can be found elsewhere.

Thank you all!

I am having this exact issue, and although I read through most of this post, I am not very computer literate, so I was wondering if any of the actions listed specifically fixed the issue; A bunch of the stuff at the beginning seem to be just identifying the issue. Which program that you all used actually fixed the issue? My redirects are to the exact website astronerd mentioned, and it happens in both IE and Firefox. Can someone help, Like astronerd I have way too much data to try and reinstall if possible...

To Startiger:

Many people experience the redirects. But the malware causing it can be different. So we run programs to identify the cause and remove as much as we can. Then we follow with additional cleaning programs if needed.

This is why there is no one fix! And some malware infections are easier to remove than others. It is also very common for the user to have multiple malware infections at the same time.

IF you would like to have your system checked for malware, please start a new thread. Describe your problem. Follow the steps set up HERE.

When you have finished, please attach the 3 logs for review.
---------------------------------------------------------------------------------------------------------------------
This thread is for the use of member Astronerd only. If you have a malware problem, please follow the steps in the Preliminary Virus and Malware Removal thread first.

Start as new thread to post your problem and attach your logs.