Windows updates blocked and Google redirected

[bjkd2002]

Hi there,
I have been having a problem recently with Google search results being redirected. I am also unable to download windows updates or the latest virus definitions for ANY anti virus software.

I had a similar problem a few months ago that I managed to fix with Microsoft’s online malicious software removal tool. The same process found a Trojan this time (Win32/Alureon!inf) but removing it doesn't seem to have worked.

I have done the 8 recommended steps and have attached the required log files. Please bear in mind that I am unable to automatically update Malwarebytes Anti Malware or SUPERAnti spyware, and can find no way to do it manually (a manually updated AVG found nothing!)

Any help would be VERY much appreciated.

Many thanks

 

[touch]

Hello bjkd2002

See if you can download and install the manual malwarebyte update ->
http://www.malwarebytes.org/mbam/database/mbam-rules.exe
This manual updater should get you fairly recent.

Doubleclick on the file, updates should be installed, run malwarebyte and attach that log

 

[bjkd2002]

Thanks for the reply. I'm not sure if the manual updater has done anything, my virus database version is still dated 3/24/09. Is there a more recent one?

In anycase, scan still came up clean, log attached:

 

[touch]

No, I´m afraid not.

See if you can download and run combofix -

Please download combofix here -> https://www.techspot.com/downloads/5587-combofix.html << rightclick on the link - save as
Before Saving it to Desktop, please rename it to something like 123.exe to stop malware from disabling it.

Now, please make sure no other programs are running, close all other windows.

Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
It may take a while to complete scanning and this is normal.

You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after
scanning has completed.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post

Nb. If you can´t do it from normal mode.
Reboot to safe mode with network and try from there.

Reboot to safe mode with network ->
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows Xp Advanced Options menu.
Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode with network.

 

[bjkd2002]

Nope, Combifix DOES NOT run, even in safe mode. A DOS window flashes on screen for a second and then dissapears, nothing else seems to happen. When I tried to download it, IE wanted to save it as an HTML file, is this normal?

 

[touch]

No, it should be saved as an exe file.

Please download http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)
and save it to your desktop.

When you have done this, please boot into Safe Mode (Tap F8 during startup).

Open the extracted folder - C:\ SDFix and doubleclick on RunThis.bat to start the script.

Type Y to begin the script. It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot. When you hit any key, your computer will reboot. Your system will take longer that normal to restart as the fixtool will be running and removing files.

When your desktop loads, the utility will complete the removal and display Finished. Press any key again to end the script and load your desktop icons.


Open the SDFix folder on your desktop and attach the contents of Report.txt

 

[bjkd2002]

Nope.

After waiting quite a long time for safe mode to boot up, when I try to run SDFix the same windows message appears about working in safemode that usually displays when you first boot up. The one about clicking 'Yes' to work in safe mode or 'No' to go back to a restore point. Clicking yes again doesnt do anything. If I try to run SDFix again the process just repeats. No log file is saved, so I'm guessing its just not doing anything at all.

Interestingly enough I can now web update both MBAB and Ad-Aware, but my browser is still being redirected.

Edit: No I can't update MBAB. Not anymore. Damn

 

[touch]

Ok. Please follow the instructions in post #3 here:
https://www.techspot.com/vb/topic115811.html

When you have done that, please tell if there any improvements ?

 

[bjkd2002]

Doesn't work. A dos window briefly appears and then vanishes. No apparent effect.

 

[touch]

Go here and download to Desktop: http://www.adrive.com/public/97c4357...cd68a0107.html

And download Fixer exe

Doubleclick Fixer.exe to run it. This will extract a Fixer folder to the desktop.

Now before running boot to Safe Mode with Networking.

Then Doublick to enter the Fixer Folder .

Double click Daft.exe, then click scan and check any found items and click fix and then exit.

Next boubleclick on click Fixit.cmd to run it.

When it completes try again to update MBAM and SAS

 

[bjkd2002]

"The file you are trying to download is no longer publicly available"

Nothing is working mate. Thanks for all your help, but I'm gonna have tp format/reinstall.