Even after fixing the url prefix hijacks I mentioned above, you still may be redirected when attempting to visit particular sites (such as the sites where spyware removal tools are downloaded from). This is typically done through modifying your "hosts" file.
Here is a
discussion about the hosts file.
nkvd.us's IP is
81.211.105.25, so any line with that address is bad, but some sites possibly are being redirected to other addresses as well.
On Windows 95/98/ME the hosts file is located in the "c:\windows" directory and on Windows NT4/2000/XP/2003 in the "c:\winnt\system32\drivers\etc" directory. (A sample hosts file is supplied with Windows named "hosts.sam", located in the same directory.)
But all these hijacks will likely return after a reboot unless you hit at the source of the problem, so make sure to update & run all the removal programs mentioned, & post a hijackthis log here afterwards if need be.
Let us know how it goes.