Hello,
Plan of Action -
1) Disable the System Restore http://support.microsoft.com/kb/283073
2) Disable the Browser Helper Objects on all Installed Browsers
3) Check the Host file of the machine if it has been tampered with. If yes, make the necessary changes to the host file.
4) Login to the machine as a Different User and check if this issue is occurying?
If this issue is not occurying, you may like to delete the Infected User Profile after taking a back up of necessary files.
5) To check if there are any Suspicious files on the machine, work on the steps provided in the article below:
Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.
https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec
Also, Check these Threads with similar issue -
https://www-secure.symantec.com/connect/forums/help-removing-virus-redirects-web-page
https://www-secure.symantec.com/connect/forums/popup-and-redirect-virus
https://www-secure.symantec.com/connect/forums/help-re-direct-virus
Hope that helps!!