Have you tried a scan with combofix?
Also, what about internet explorer, is it also hijacked?
First of all I suggest backup your important files before going for anything because these malware sometimes go to the worst extent.
Download and run combofix: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
See if that works.
Download and install chrome browser: http://www.google.com/chrome
See if the same happening here. Let me know.
Wow. Much of a issue.
Restart the computer in safe mode and do a full scan using malwarebytes as well as combofix, give me the log of scan here.
Paste it into this site: http://pastebin.com/
Send me the link.
No infections. You are still getting hijacked?
Hello, please shut down the computer and turn it off. Then power it back on and lets go into Safemode with Networking.
1) Turn on the computer
2) Start tapping/pressing F8 until you see Advanced Options Menu
3) Select Safemode with Networking and press enter
4) Press enter for OS/XP
5) Choose your account (not admin)
6) Click yes to continue in safemode
Now, please download and run SmitFradFix.
http://tinyurl.com/smitfradfix <<<<<<< CLICK TO DOWNLOAD
1) Download SmitFradFix
2) Run SmitFradFix (Safemode Recommended)
3) Press 2 (and press enter)
4) Press Y (for clean registry) and press enter
5) Wait for the notepad with your log report.
AFTER THIS DO THIS.
1) Run SmitFradFix again
2) Press 5 (Search and Clean DNS HiJack) and press enter
3) When complete press Q for quit and press enter
Now restart your computer and test it out.
BEST OF LUCK!GOD BLESS!
Thanks. Please try this.
1) Click Start
2) Click Control Panel
3) Click User Accounts
4) Click Create A New User (with admin rights)
Now after you have your new account created, restart the computer and log into the account and test your computer out to see if its working now.
If it is working now, go back to the control panel / user acconts, and delete the old account out (BUT KEEP FILES) and your data will transfer into a single folder and it will be placed on the new desktop.
Created a new user account with admin rights and the I went into Internet Explorer and was redirected a few times to various sites so it appears the browser is still hijacked.
Thanks. Do this.
2) Click Run
3) Type Drivers and press enter
4) Open the ETC folder
5) Look for hosts.
This is where is it located directly (C:\Windows\System32\drivers\etc)
For the HOSTS file, on the right hand side, what is the FILE SIZE? Its is 1KB or what?
Thanks. Then its not a virus or spyware causing this. If you are getting redirected this would have been a bigger file.
It sounds to me like the OS is corrupted or having registry issues. I would suggest CCLEANER but you have already done that. ComboFix is extremely poweful to remove anything and yet you got nothing.
So there is only 1 thing left to do.
1) Backup all of your important data
2) Re-Install Windows XP
3) Install Security Protection
4) Download Windows Updates