Hijacked yet fresh install?

Hi Guys

I have a Toshiba Equium laptop that was badly infected with spyware so I decided the best way to clean it was to do a fresh install from the Recovery Option.

Unfortunately after doing this I still can't use Windows Update and as soon as you open an IE browser it redirects to Gameo.

I have reinstalled 3 times now, including installing AVG and MalwareBytes anti malware which both scan as clean, yet it is still redirecting to Gameo and giving error 8007041D when trying to use Windows Update.

Any ideas or suggestions?

 

That error code seems to be related to AVG
AVG has been causing problems
Look here http://forums.majorgeeks.com/showthread.php?t=229347

 

I received the error without anything installed, as well as with AVG.

 

Just tried again and this time I am getting error 80072EFE when trying to update windows.

 

I would hazard a guess that the version of AVG you have installed isn't AVG at all but from one of the rogue sites that masquerades as AVG. Could this be possible? If so you should reinstall again and then install something different, such as MS Security Essentials.

 

I have installed AVG direct from Grisoft so that is unlikely, especially as I have used the same link to install it on another machine with no problems. That also does not explain why I cannot use Windows update on a fresh install without anything else installed.

 

Not too many possibilities left in that case, though AVG must remain the prime suspect. Still recommend you restore your recovery disk/partition again and try it with MSSE or another AV product. Otherwise it's saying your recovery partition is infected - never heard of that though it could be possible I s'pose

 

It's possible the malware did spread to the recovery partition, or worse, is present on the MBR or boot partition of the hard drive. In that case, completely formatting the drive will be the only way to rid yourself of the malware. I had a malware infection like this once. Even after reformatting the drive with the Windows install disk, the infection remained. The ONLY way I was able to get rid of it was to low level format the drive.

 

Reinstalled with Panda Cloud - same situation

Trying now with a Vista DVD to see what happens.

 

"Windows installation has encountered an error and needs to close"

 

Did you let the Vista install format the drive?

 

Installing MSE would have had a good chance of fixing Windows (actually 'upgrading' it to Microsoft) Update; it checks and resets the neccessary Services during the install process because it uses MS Update to get its' own updates.

It does read a lot like a boot/MBR infection though.

 

Didn't get that far - received that message as soon as I entered code, which I know is legit.

 

If you can get into the Vista recovery environment you could use bootrec to restore a clean mbr -

http://support.microsoft.com/kb/927392