Google Redirects and Can't Update Virus Software

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by jb77, Mar 25, 2009.

  1. jb77

    jb77 Private E-2

    I have two computers that are infected, and both are reacting in the same way. I'm not sure how I caught this; I can't remember doing anything "questionable". I have gone through the cleaning procedures for XP, but I have run into some blocks.

    1. Both IE and Firefox are redirecting when I search for "remove antivirus" or similar searches.

    2. I cannot use auto update on Malwarebytes and Avast; they just shut down. And MGTools freezes (even after restart) at this same point: xrkey15.txt - updating runkeys.txt 188 bytes security - 81% deflated

    3. Scans didn't find anything either.

    4. I prefer not to run Combofix since on previous attempts it has f-ed up my system and required a system restore.

    Let me know what else I can do. Any help would be greatly appreciated...Thank you!
     


  2. jb77

    jb77 Private E-2

    After updating the Avast Antivirus manually, I was able to run boot scans, and it then found the following viruses on both machines. I am currently running the boot time scans a second time to confirm removal (also, I didn't see any log files to export in Avast, so hopefully there is enough info here to go on):

    Win32: Adware-gen [Adw]
    Win32:Delf-LXW [Trj] in C:/windows/uudu.ckt
    Win32:Fasec [Trj] in system volume info/restore
    Win32:Virtumonde-US

    Thanks again for any help guys!
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Based on the only two logs you attached, there is nothing for us to do. We would need the logs from ComboFix and MGtools (which probably did create at least a partial log) for us to do anything more.

    Note you are out of date with both MBAM and SAS so it would not hurt to install the new versions and current databases and perform new scans.
     
  4. jb77

    jb77 Private E-2

    You should NOT be recommending people use ComboFix - it is a DANGEROUS program that I ran and has now rendered my computer unable to be logged into! Either it or the virus I *might have* had has now wiped out my Windows User account, and because of a set of events beyond your control I have LOST YEARS worth of Business Data - my business is ruined, and I know it is MY fault since I wasn't verifying my backups, but you should take this into consideration before recommending this to anyone else ever again!!! Data recovery people have so far been unsuccessful at recovering my data from my hard drive. My life's work is completely ruined because I decided to run that combofix without backing up all of my data (infected or not)...
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    First, I'm very sorry to hear this happened. We and many other forums use it many hundreds of times per week and we rarely have problems. Yes, it can be dangerous, but so are commercial antivirus programs, which can just as frequently render a PC unbootable. This commonly happens when malware has infiltrated important key parts of the operating system and the act of cleaning the infection can sometimes result in the deletion of important system files.

    I doubt your user account has been wiped out. And just because you cannot log into Windows, it does not mean your data has been erased. You may be able to log into a different user account or even the Administrator user account in safe boot mode and still get access to what you need and possibly even do a repair to get back into your normal account. There are several methods to do this. If your problem is just that you cannot log in because it keeps asking you to log in again and again, that means your C:\Windows\system32\userinit.exe file may have been corrupted or the registry keys related to it were corrupted. This can be fixed using the below procedure.

    http://support.microsoft.com/default.aspx?scid=kb;en-us;307545&sd=tech

    You need to explain exactly what your problem is.

    In addition, as long as your hard disk has not crashed, you can put your hard disk into another PC as a slave drive and recover all of your data.

    What exactly are you doing? As I said above, you probably should have been able to use any of the methods mentioned to recover your data unless your hard disk physically died, and that would not be from ComboFix.
     
