#474428 - 07/11/09 06:55 AM Re: Google Hijacked... [Re: MacManiac]
dkmarsh Moderator Offline
Moderator

Registered: 09/29/00
Posts: 8623
Loc: SE PA

Germany, actually, but that doesn't invalidate the conclusion.
_________________________

dkmarsh, MacFixIt forums moderator

For Macintosh troubleshooting help in the MacFixIt Forums tradition, please visit Fine Tuned Mac.

#474450 - 07/11/09 01:28 PM Re: Google Hijacked... [Re: djackson3693]
tacit Offline
MacGuru

Registered: 10/14/99
Posts: 12002
Loc: Portland, Oregon, USA
Originally Posted By: djackson3693
Here's what I got:

Last login: Sat Jul 11 03:39:17 on console
dan-jacksons-mac-pro:~ danjackson$ cat /etc/resolv.conf
nameserver 87.118.92.205
nameserver 87.118.93.205
nameserver 192.168.2.1
dan-jacksons-mac-pro:~ danjackson$


A computer is infected if there's an address that starts with 85, right?


With the old variants of OSX/Zlob, that was correct.

You appear to be infected with a new variant of the Zlob/DNSchanger malware. I've probed the name server at 87.118.92.205 and also done some sniffing around on security forums, and yes, this is a hostile name server under the control of the Russian Zlob gang. You are definitely infected.

87.118.92.205 is hosted on Keyweb.de, a black-hat German ISP that the Zlob gang has used in the past to host virus droppers and malware redirectors.

I've recently (last night, in fact) discovered that the Zlob gang is stepping up their Mac malware activities--I found a variant of the OSX/Zlob installer I haven't seen before on a domain (http://www.mac-videos.com/ -- DO NOT visit that site, it will download a .dmg installer that will, if you run it and type your password, install a variant of the DNSchanger malware) that is clearly set up to be Mac-specific.

The fact that the Zlob gang has moved to new hostile nameservers indicates that they're widening their network and making it more robust. The fact that they're hosting hostile nameservers outside Eastern Europe seems to me to indicate they're getting cocky. The fact that the DNSchanger cleaner won't see the variant you're infected with is especially troublesome.

You almost certainly became infected when you went to a site that showed you a movie player control and told you that you needed to install an Adobe Flash player upgrade or a movie CODEC upgrade in order to see the movie.

The newest variant of OSX/Zlob I have encountered arrives in the form of a 24,323-byte .dmg file named AdobeFlashPlayer.dmg, which contains a single Installer file called "install.pkg". It is downloaded from sites that claim to show movies (some porn movies, some instructional videos about using a wood-burning stove, some instructional videos about using popup camping trailers, some videos about motorcycles, and so on) which, when you visit them, show you a phony movie player control in your browser and then give you an error message and download the .dmg file. Any of that ring a bell?


Edited by cyn (07/16/09 07:34 PM)
Edit Reason: changed link to plain URL
_________________________
---
Photo gallery, all about me, and more: www.xeromag.com/franklin.html
RIP MacFixIt! New Mac forum: finetunedmac

#474469 - 07/11/09 06:25 PM Re: Google Hijacked... [Re: djackson3693]
macnerd10 Offline
MacAuthor

Registered: 12/27/01
Posts: 2217
Loc: Los Angeles, CA, USA
Tacit and others are right. Download the remover software and run it.
http://macscan.securemac.com/dnschanger-trojan-removal-tool-for-mac-os-x/
_________________________
Alex
2.66 GHz 17" MacBook Pro, 4 GB RAM, OS 10.5.7, Office 2008, TimeWarner Cable

#474470 - 07/11/09 06:27 PM Re: Google Hijacked... [Re: tacit]
djackson3693 Offline
New User

Registered: 07/07/09
Posts: 8
Unfortunately, none of that rings a bell. I'm actually pretty competent with computers (although I'm fairly new to Macs), and I typically don't download anything that I don't know and try to stay away from such plugins. That being said, it certainly could have happened.

So now that you've identified the problem, and I am very grateful for that, how should I go about solving it? Since no virus/malware scan is picking it up, is there another way of isolating and removing the infected files?

#474479 - 07/11/09 10:00 PM Re: Google Hijacked... [Re: djackson3693]
macnerd10 Offline
MacAuthor

Registered: 12/27/01
Posts: 2217
Loc: Los Angeles, CA, USA
Did you try the macscan?

#474481 - 07/11/09 10:04 PM Re: Google Hijacked... [Re: macnerd10]
djackson3693 Offline
New User

Registered: 07/07/09
Posts: 8
Originally Posted By: macnerd10
Did you try the macscan?



Yeah, that was one of the first things I tried. I also re-downloaded and ran the DNSchanger scan and it still turned up nothing.

#474484 - 07/12/09 12:13 AM Re: Google Hijacked... [Re: djackson3693]
macnerd10 Offline
MacAuthor

Registered: 12/27/01
Posts: 2217
Loc: Los Angeles, CA, USA
There seems to be a lengthy way to remove it, delineated in
http://discussions.apple.com/thread.jspa?threadID=2066052&tstart=0
Please read to the end of the first page and then go to the second. Looks like you have a new version. They also cite free iAntiVirus as the most up-to-date.

#474541 - 07/12/09 03:21 PM Re: Google Hijacked... [Re: macnerd10]
djackson3693 Offline
New User

Registered: 07/07/09
Posts: 8
macnerd, you are my hero, haha. Everything seems to be fixed. I'd assume that it was a combination of iAntiVirus and simply deleting the DNS entries, but either way it seems to have worked. Thanks for all of your help and especially for that link!

#474547 - 07/12/09 04:19 PM Re: Google Hijacked... [Re: djackson3693]
macnerd10 Offline
MacAuthor

Registered: 12/27/01
Posts: 2217
Loc: Los Angeles, CA, USA
Any time! I would keep an eye on this thing and periodically check the servers in Terminal. Happy surfing!

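An added example that is not part of any post in this thread: tacit's diagnosis above rests on the resolver list in /etc/resolv.conf pointing at nameservers the user never configured, and macnerd10's closing advice is to keep checking those servers in Terminal. The script below turns that check into something repeatable. It reads a resolv.conf-style file, flags the two addresses tacit identified as hostile (87.118.92.205 and 87.118.93.205) plus the "starts with 85" prefix he says applied to older OSX/Zlob variants, accepts an allow-list of resolvers you set yourself (the router address 192.168.2.1 from the post is assumed here as that allow-list), and treats any other public resolver as suspicious, since an unexplained public resolver is exactly what a DNSchanger infection looks like. The sample file it audits is a constructed copy of what djackson3693 posted, so it runs without touching the real system.

```shell
#!/bin/sh
# Added example, not code from the thread: audit the nameservers in a
# resolv.conf-style file against an allow-list and the hostile addresses
# quoted in this thread. Run it against /etc/resolv.conf on the affected Mac;
# the sample file below is a constructed copy of what djackson3693 posted.

# Resolvers you expect to see. Assumption: the router address from the post.
EXPECTED_RESOLVERS="192.168.2.1"

# Hostile resolvers identified in this thread, plus the "starts with 85"
# prefix tacit mentions for older OSX/Zlob variants.
KNOWN_BAD="87.118.92.205 87.118.93.205"
KNOWN_BAD_PREFIXES="85."

# Print the nameserver addresses found in a resolv.conf-formatted file.
list_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Print one verdict line for an address: OK, HOSTILE or SUSPICIOUS.
classify_resolver() {
    addr=$1
    for bad in $KNOWN_BAD; do
        if [ "$addr" = "$bad" ]; then
            echo "HOSTILE $addr (known DNSchanger resolver)"
            return 0
        fi
    done
    for p in $KNOWN_BAD_PREFIXES; do
        case $addr in
            "$p"*)
                echo "HOSTILE $addr (matches prefix $p)"
                return 0 ;;
        esac
    done
    for ok in $EXPECTED_RESOLVERS; do
        if [ "$addr" = "$ok" ]; then
            echo "OK $addr (in allow-list)"
            return 0
        fi
    done
    case $addr in
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*)
            # Private (RFC 1918) address: most likely a LAN router, but not
            # in the allow-list, so still worth a look.
            echo "OK $addr (private address, not in allow-list)"
            return 0 ;;
    esac
    # A public resolver you did not configure is the DNSchanger signature.
    echo "SUSPICIOUS $addr (public resolver not in allow-list)"
}

# Print a verdict line per nameserver in the file.
audit_resolv_conf() {
    list_nameservers "$1" | while read -r addr; do
        classify_resolver "$addr"
    done
}

# Print how many nameservers were not judged OK (0 means the file looks clean).
count_bad_resolvers() {
    audit_resolv_conf "$1" | grep -cv '^OK' || true
}

# Constructed sample: the resolv.conf contents posted in the thread.
make_sample_resolv_conf() {
    f=$(mktemp)
    printf 'nameserver 87.118.92.205\nnameserver 87.118.93.205\nnameserver 192.168.2.1\n' > "$f"
    echo "$f"
}

# Demo run on the sample; use /etc/resolv.conf on a real Mac instead.
SAMPLE=$(make_sample_resolv_conf)
audit_resolv_conf "$SAMPLE"
echo "bad resolvers: $(count_bad_resolvers "$SAMPLE")"
rm -f "$SAMPLE"
```

On a real Mac, `audit_resolv_conf /etc/resolv.conf` is the periodic check macnerd10 suggests; `scutil --dns` shows the same resolver configuration as the system sees it, and `networksetup -getdnsservers "Ethernet"` (service name varies) shows what is set on a given interface, which is where the malware's entries have to be removed. The allow-list logic is the durable part of this check: the hard-coded addresses and the 85 prefix are only as current as the thread itself, and tacit's own post shows the gang had already moved to new resolvers, so any public resolver you did not set should be treated as suspect regardless of whether it matches a list.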