This may seem like an unorthodox approach, and I might get a little fire for this, being new to the forums myself...but I suggest
if all else fails...
Go into the
Recovery Console and type DIR C:\ (or whatever letters your drive(s) use) and locate all files and folders that have been modified recently.
To look inside a folder that has a space in it's name, use quotation marks...
for Example "C:\"Documents and Settings\Administrator"
When you find files that have been modified recently, write down their names and then do a search for them on another computer. More often than not, there will be plenty of documentation on the files, and you can determine whether or not they are safe/necessary/malicious.
You may also need to
enable the SET command to have access to certain folders, but be aware that enabling this can put your computer and files at risk if other people regularly have physical access to it (so it is recommended that you disable it again when you are finished).
Oh, and check out the LISTSVC command as well, in the Recovery Console, and take a look at any services that are enabled. Any of them that don't have a description line underneath them are probably worth checking out. If you see any named
PDRELI,
PDRFRAME,
TDPIPE, or
TDTCP, those are bad. (I had the google redirect issues as well).