Browser redirects and AVG not updating - regedit and cmd issues

Discussion in 'Malware Help (A Specialist Will Reply)' started by Bartlett, Apr 18, 2009.

  1. Bartlett

    Bartlett Private E-2

    I am working on my friend's computer. He had the prepurchase version of antivirus2008 a while back and it was deleted manually by myself. All of the tools I have run have found traces of AV2008 and removed them which has not fixed the problem. As best he can recall, the new issue has been happening for about a month, it is as follows:

    Whenever a search is done in Google or Yahoo, most reliably for spyware removal software, the browser gets redirected. Clicking the back button will bring us back to the page we clicked to. This occurs in both IE7 and FF3. He also had McAfee installed and it stopped working properly. I uninstalled that and installed AVG, which also will not update. I can visit the AVG site with no issue, but the updater constantly fails. As a side note, FF crashes when visiting a site like MySpace, but IE does not. I uninstalled, rebooted, then reinstalled a fresh download of FF to no avail.

    When I tried to get a DOS prompt (run>cmd and using the program in Accessories) the explorer resets. The same thing happens when trying to run regedit. Both conditions exist in safe mode as administrator as well. Before finding this site, I ran Ad-Aware, Spybot S&D, CCleaner, and did a scan with AVG. Spybot removed 94 WildTangent items and some remnant of AV2008. After the reboot from doing this, explorer stopped booting up. Explorer magically started opening at boot time after running the diagnostics from your site. The provided tools brought me back to square one and I am toast. ComboFix could not be run because the forums that it is hosted on will not load in FF or IE. IE opens the page and the progress bar says done but nothing happens. This happens no matter what page of their forum I try to visit. FF tries to download but then says the source is unavailable. I am reluctant to put the file on my thumb drive and then use it in his computer as I don't have any issues of my own and I like it that way.

    Anyway... here are the logs that I was able to make. Thanks in advance!
     


  2. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Welcome to MajorGeeks!

    Can you burn ComboFix to a CD and transfer it to the problem pc?
    I am currently reviewing your logs and will get back to you with a set of instructions as soon as possible. Our queue is working the oldest threads first.

    Thanks for your patience.
    dr.m
     
  3. Bartlett

    Bartlett Private E-2

    There's an idea! I will burn that to a disk and get it to my buddy as soon as possible. I should see him at work tomorrow. Is there an issue with the order that the scans are done? I seem to recall seeing some things about that in other threads while I was trying to answer the issues myself. If you require a full rescan, it will take me a bit to get over there and run them all. I should be able to walk him through ComboFix on the phone after I give him the CD though. I will get you that log as soon as possible!

    No problem on the wait, I am very grateful that you guys take your time as pros to serve the unwashed masses like this. Let me know if you need anything else, log should be here by Thursday night.

    Thanks
     
  4. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    You're Welcome!

    If you could have ComboFix run and then re-run MGTools.zip ... and attach those two logs --- I would have a better idea of what remains to be done.

    Thanks!
    dr.m
     
  5. Bartlett

    Bartlett Private E-2

    I got the disc to my buddy and he attempted to run ComboFix. The first attempt just caused the computer to hang; on the second attempt, after a reboot, he got a dialog box saying that the files could not be written because ComboFix was only made for 98/2000/ME/XP and he has the wrong operating system. He is running Windows XP. Not sure what could be going on. The file that I burned to the disc came right from BleepingComputer.
     
  6. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    :confused

    Very puzzling! While I check with my colleagues - please verify that you finalized the CD...and your friend did save combofix.exe to his desktop before running it.

    dr.m
     
  7. Bartlett

    Bartlett Private E-2

    I created the disc on Vista and it prompted the finalizing when I attempted to eject the disc. I complied with the finalizing (I think it was more just a notice, not a prompt); after 10-15 seconds it ejected, saying finalization was complete. When I was on the phone walking him through it, I instructed him to drag combofix.exe to the desktop and then close the window from the CD. I then had him remove the disc from the computer (verifies he didn't make a shortcut to the disc), and the first attempt hung with no explanation; attempt two after reboot (as mentioned) said invalid OS. I can't truly verify this info is good since we were on the phone, but as far as I can tell, that is an accurate representation of what happened.

    Lemme know if there is anything more I can do to help you help me while y'all research it!

    Thanks
     
  8. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    :major

    Hello, Bartlett


    The below fixes are specific to your problem and should only be used for issue(s) on this machine. Also, please do not install any other software while we are still working with you unless instructed. Once we have given you the all clean and final instructions you will be free to install what you want.

    I strongly recommend that you clean up your Desktop immediately, leaving only links. Do not store downloads, exe files, iso files, etc. on your Desktop. First, it is not a safe place to keep them (i.e., you may lose them due to malware, and a cluttered Desktop is an easy hiding place for malware), and last but not least it can have an effect on your PC's performance.

    An observation - Ad-Aware is becoming useless in detecting and removing malware...SAS & MBAM are far better tools.

    You're in need of an increase in your RAM:
    Total Physical Memory --------512.00 MB
    Available Physical Memory ---186.80 MB


    Step 1:
    Please look in Add/Remove Programs for the following and uninstall if found. If you get any errors, just make a note and proceed.
    Step 2:
    Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.


    Step 3:
    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    After clicking Fix, exit HJT.

    Step 4:
    Now download The Avenger by Swandog469, and save it to your Desktop.
    • Extract avenger.exe from the Zip file and save it to your desktop
    • Run avenger.exe by double-clicking on it.
    • Do not change any check box options!!
    • Copy everything in the Quote box below, and paste it into the Input script here: part of the window:
    • Now click the Execute button.
    • Click Yes to the prompt to confirm you want to execute.
    • Click Yes to the Reboot now? question that will appear when Avenger finishes running.
    • Your PC should reboot, if not, reboot it yourself.
    • A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

    Step 5:
    Run Ccleaner

    Step 6:
    Now install the latest Sun Java Runtime Environment


    Step 7:
    Re-boot the pc and then run ComboFix.

    Step 8:
    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, use right click and select Run As Administrator).

    Then attach the below logs to your next reply:
    • C:\MGlogs.zip
    • C:\combofix.txt
    • C:\avenger.txt

    Make sure you tell me if you had any problems running this procedure and give a description of how things are working now!

    dr.m
     
  9. Bartlett

    Bartlett Private E-2

    Awesome! I will let him know and get over there as soon as I can to run all this stuff. I am also glad to have a post from a pro telling him to buy more RAM! :-D Thanks again for all your time!
     
  10. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    ;)

    You're Welcome!

    By the way -- we normally recommend 1 GB of RAM for properly running XP these days.

    dr.m
     
  11. Bartlett

    Bartlett Private E-2

    Sorry so late for the reply. Things got crazy at work for both of us, but I was finally able to get here and run the instructions you gave. It turns out that AVG might have been messing with ComboFix. It did the same thing it was doing when he tried to run it, but when I ran it in safe mode, it came up and told me to disable AVG. I rebooted into normal mode and ran it with AVG disabled... worked fine then. cmd and regedit are both able to be opened now. IE and FF3 have stopped the forwarding issue. AVG and Windows Update are now able to connect and bleepingcomputer.com opens with no issue. I would say that it is a mission accomplished! I do have the logs for you to review. Thanks for all the help! Awesome service.
     


  12. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    ;)

    You're welcome, Bartlett.

    First - I have some concerns about the combination of SpySweeper with AVG 8.5.

    Even if your SpySweeper application is only for blocking and removing spyware (and there is some evidence showing it may have been a version including anti-virus - having two AVs would be very bad) - there are known conflicts with using it with AVG 8.5. Please review this:

    http://www.avg.com/faq.num-1214?srch=Spy|Sweeper#faq_1214

    Now for the removal...

    We need to use The Avenger by Swandog469, previously downloaded and on your Desktop.
    • Extract avenger.exe from the Zip file and save it to your desktop
    • Run avenger.exe by double-clicking on it.
    • Do not change any check box options!!
    • Copy everything in the Quote box below, and paste it into the Input script here: part of the window:
    • Now click the Execute button.
    • Click Yes to the prompt to confirm you want to execute.
    • Click Yes to the Reboot now? question that will appear when Avenger finishes running.
    • Your PC should reboot, if not, reboot it yourself.
    • A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

    Open Ccleaner - select "Cleaner" > "Run Cleaner" <---use this ONLY

    Then attach C:\avenger.txt to your next reply.

    Make sure you tell me if you had any problems running this procedure and give a description of how things are working now!

    dr.m
     
