TechSpot

Windows updates blocked and Google redirected

By bjkd2002
Mar 30, 2009
  1. Hi there,
    I have been having a problem recently with Google search results being redirected. I am also unable to download windows updates or the latest virus definitions for ANY anti virus software.

    I had a similar problem a few months ago that I managed to fix with Microsoft’s online malicious software removal tool. The same process found a Trojan this time (Win32/Alureon!inf) but removing it doesn't seem to have worked.

    I have done the 8 recommended steps and have attached the required log files. Please bear in mind that I am unable to automatically update Malwarebytes Anti Malware or SUPERAnti spyware, and can find no way to do it manually (a manually updated AVG found nothing!)

    Any help would be VERY much appreciated.

    Many thanks
     

    Attached Files:

  2. touch

    touch TS Rookie Posts: 978

    Hello bjkd2002

    See if you can download and install the manual malwarebyte update ->
    http://www.malwarebytes.org/mbam/database/mbam-rules.exe
    This manual updater should get you fairly recent.

    Doubleclick on the file, updates should be installed, run malwarebyte and attach that log
     
  3. bjkd2002

    bjkd2002 TS Rookie Topic Starter

    Thanks for the reply. I'm not sure if the manual updater has done anything, my virus database version is still dated 3/24/09. Is there a more recent one?

    In anycase, scan still came up clean, log attached:
     
  4. touch

    touch TS Rookie Posts: 978

    No, I´m afraid not.

    See if you can download and run combofix -

    Please download combofix here -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe << rightclick on the link - save as
    Before Saving it to Desktop, please rename it to something like 123.exe to stop malware from disabling it.

    Now, please make sure no other programs are running, close all other windows.

    Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
    Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
    It may take a while to complete scanning and this is normal.

    You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after
    scanning has completed.

    Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post

    Nb. If you can´t do it from normal mode.
    Reboot to safe mode with network and try from there.

     
  5. bjkd2002

    bjkd2002 TS Rookie Topic Starter

    Nope, Combifix DOES NOT run, even in safe mode. A DOS window flashes on screen for a second and then dissapears, nothing else seems to happen. When I tried to download it, IE wanted to save it as an HTML file, is this normal?
     
  6. touch

    touch TS Rookie Posts: 978

    No, it should be saved as an exe file.

    Please download http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
    and save it to your Desktop.

    Double click SDFix.exe and it will extract the files to %systemdrive%
    (Drive that contains the Windows Directory, typically C:\SDFix)
    and save it to your desktop.

    When you have done this, please boot into Safe Mode (Tap F8 during startup).

    Open the extracted folder - C:\ SDFix and doubleclick on RunThis.bat to start the script.

    Type Y to begin the script. It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot. When you hit any key, your computer will reboot. Your system will take longer that normal to restart as the fixtool will be running and removing files.

    When your desktop loads, the utility will complete the removal and display Finished. Press any key again to end the script and load your desktop icons.


    Open the SDFix folder on your desktop and attach the contents of Report.txt
     
  7. bjkd2002

    bjkd2002 TS Rookie Topic Starter

    Nope.

    After waiting quite a long time for safe mode to boot up, when I try to run SDFix the same windows message appears about working in safemode that usually displays when you first boot up. The one about clicking 'Yes' to work in safe mode or 'No' to go back to a restore point. Clicking yes again doesnt do anything. If I try to run SDFix again the process just repeats. No log file is saved, so I'm guessing its just not doing anything at all.

    Interestingly enough I can now web update both MBAB and Ad-Aware, but my browser is still being redirected.

    Edit: No I can't update MBAB. Not anymore. Damn
     
  8. touch

    touch TS Rookie Posts: 978

  9. bjkd2002

    bjkd2002 TS Rookie Topic Starter

    Doesn't work. A dos window briefly appears and then vanishes. No apparent effect.
     
  10. touch

    touch TS Rookie Posts: 978

    Go here and download to Desktop: http://www.adrive.com/public/97c4357...cd68a0107.html

    And download Fixer exe

    Doubleclick Fixer.exe to run it. This will extract a Fixer folder to the desktop.

    Now before running boot to Safe Mode with Networking.

    Then Doublick to enter the Fixer Folder .

    Double click Daft.exe, then click scan and check any found items and click fix and then exit.

    Next boubleclick on click Fixit.cmd to run it.

    When it completes try again to update MBAM and SAS
     
  11. bjkd2002

    bjkd2002 TS Rookie Topic Starter

    "The file you are trying to download is no longer publicly available"

    Nothing is working mate. Thanks for all your help, but I'm gonna have tp format/reinstall.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...