Yahoo redirect and Mbam won't run

Discussion in 'Malware Help (A Specialist Will Reply)' started by par4me, Mar 11, 2010.

  1. par4me

    par4me Private E-2

    I see I'm not the only one to have this problem. I tried for the last couple of days to try and get malwarebytes to run but it just starts up and then shuts down. No error messages, and it won't update either. I probably did a bad thing by trying to get it to run with various programs but I have finally given up.
    I did my best to run through the "run me first" section but mbam won't run, root repeal won't run and although mgtools extracted nothing ran. I ran analyze.exe that was inside the mg tools folder and am attaching that log.
    I can't seem to find the Superantispyware log but it said no files found.
    I'm sure that I forgot something, and sorry in advance, I'm very frustrated from trying for 2 days to get malwarebytes to run to no avail.
     


  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please click Start, Run, and enter cmd and click OK. This will open a command prompt window. Enter the below commands at the command prompt each followed by the enter key. The bold black are commands. The red is merely informational.

    cd \MGtools <-- this changes to the MGtools folder and the prompt should change to C:\MGtools>
    GetRunKey <-- this will try to run all one scan from MGtools. Tell me what error messages, if any, you see.
    ShowNew <-- this will try to run all another scan from MGtools. Tell me what error messages, if any, you see.

    Attach the logs if you can get them to run.
     
  3. par4me

    par4me Private E-2

    I know that you hear "thank you" a lot but I do want to take a second and say thank you for your time before I continue.

    I didn't get any error messages when running the command prompt. Here are the logs created. I'm not sure if the "winfiles" was created or not so I included it too.

    again...thanks
     


  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Not really seeing much. Do the redirects happen with all browsers?

    Let's see if you can do this:
    http://www.superantispyware.com/onlinescan.html

    Reboot immediately after scanning if it finds and removes anything. Let me know if anything was found. It does not save a log.
     
  5. par4me

    par4me Private E-2

    The only thing that it found was 35 tracking cookies.

    As far as the redirects go, I really don't use much other than Yahoo and it only seems to redirect me 1/2 of the time. I guess what's really unsettling is the fact that I can't get some of my programs to run (including Malwarebytes and Rootrepeal). I don't get error messages, they just don't start. Malwarebytes will start for 5 seconds then shut down.

    Before I signed up here, I ran housecall and it found a couple of things, one being a file in my temp folder called "urwrbda.bak" that I can't make go away. It keeps coming back. Unfortunately the log has got deleted amongst the massive cleaning effort before I posted here. Also I have 3-4 svchosts running that when I try shutting them down, they keep restarting.

    I know that I haven't given you much to work with. Sorry about that. It's not intentional I can assure you. It's just kind of tough when all of the tools don't want to run. I haven't and won't try to run anything without instructions since my first posting.... I can always just reformat and be done with it if need be but I was really trying to avoid that. I do it once every couple of years (around Thanksgiving or Christmas) just to tidy up things, and it's such a pain. Thank you again for your time.
     
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    A few things we can try doing.

    First, uninstall MBAM. (Don't worry about RootRepeal not running, as this is common with some systems.)

    Run both CCleaner as well as ATF Cleaner by Atribune.

    Now try downloading and installing MBAM again and see if it will run. Don't worry about updating it as yet.

    We know that MGTools will run, so please run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Attach the new C:\MGLogs.zip
     
  7. par4me

    par4me Private E-2

    ok, I uninstalled MBAM and downloaded it again (calling it mb.exe before saving).
    Then I ran the windows tab of cc cleaner. I didn't know if I was supposed to run other tabs or the registry cleaner so I didn't.
    Then I ran ATF cleaner (with everything checked) and it removed 44.8 mb more.
    I reinstalled mbam and tried a quick scan. It ran 5 seconds and then shut down. Same as before, no error reports, just shut down.
    I then ran GetLogs.bat and have attached the zip file.
     


  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    * Please download TDSSKiller to your Desktop
    * Extract its contents to your Desktop so that you have TDSSKiller.exe directly on your Desktop and not in any subfolder of the Desktop.
    * Click Start > Run and copy/paste the following bold command into Run box and hit Enter.

    "%userprofile%\Desktop\TDSSKiller.exe" -v

    * Follow the instructions to type in "delete" when it asks you what to do when it finds something.
    * When done, a log file should be created on your C: drive named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run. Please attach this log to your next reply.

    Now see if you can run MBAM. Attach the logs.
     
  9. par4me

    par4me Private E-2

    I couldn't follow the link that you had from my "infected" computer. I had to use my laptop and transfer the file over. (version 2.2.8)
    I ran it as you asked and it didn't ask me to delete anything. The log is attached.
    I then tried MBAM again. Same results. It runs for 5 seconds and then shuts down.
     


  10. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    This really doesn't sound like a malware issue, but I want you to try doing something else. Go to the control panel and create a new user account with Admin. privileges. Then from that account, try installing a fresh version of MBAM and tell me if it runs.
     
  11. par4me

    par4me Private E-2

    I got the same result. MBam was on the new user's desktop so I uninstalled it and then reinstalled it (all from the new user's account) but when I tried a quick scan it ran for about 4-5 seconds then shut off.

    The biggest reason that I thought (or think) that it's a virus is because of the redirects from yahoo. If I type in "majorgeeks" in yahoo and click on the first result, I get a "superpages" site asking about plumbers in my area...(or something similar). It's not just mbam that won't run, I've got an rc simulator that won't run and my nvidia video settings screen won't open. My computer doesn't run slow or anything like that though....

    Sorry, I'm babbling now. If you can't see anything and believe that it's not a virus, do you have any suggestions what I should do next ? I'm starting to feel bad for taking up your time. I'm usually not one to ask for much help.
     
  12. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Have you checked your device manager for your nvidia video setting?

    Go to start / run / type:
    sfc /scannow and have your windows cd handy. Run it twice.

    Try running this SCAN.
     
  13. par4me

    par4me Private E-2

    I ran scannow twice turning my computer off in between. I can't get the eset scanner to come up though. It's the same problem that I had when I tried to download the tdsskiller. I have attached the screenshot to help explain better.
     


  14. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please download a different browser (FireFox for example) and try the Eset scan again. Tell me what happens.

    Or try one of the other online scanners listed HERE.
     
  15. par4me

    par4me Private E-2

    Whew, not very good news but....

    I downloaded and installed Firefox but got the same result. I did a search and did find a site that would try to start but when asked to install the eset installer it would say "Unknown Process" or something like that so I couldn't run it. The site's address was:

    http://www.esetgr.com/


    I then tried the other scanners on the page you linked to. Only HouseCall would show up. I ran it and have attached the file that it found in a txt file. It's the same one as before and when I try to delete it, it shows back up in less than 10 seconds. All of the others said "Page not found" or something similar. The strange thing is that I then searched for each one and on clicking the result, I would get redirected to a strange totally unrelated page.....Anytime after that I've searched and clicked on the result I get... "Page Not Found". Even with McAfee and the Windows one which surprised me. I've tried Google and Yahoo.

    I then tried some of the rootkit checkers on the page. Only Panda would run and it gave me an error upon reboot..."Instruction XXX referenced at memory XXX could not be read" , but it found nothing. SysProtect would open but then shut down.

    The only glimmer of hope that I had was when I moved to the offline scanners. I did not try them all but I did manage to get the Avast virus cleaner to run (Log Attached) and the "Trojan Scan" to run. (Log Attached) The "Trojan Scan" didn't leave a very good log but I manually typed in what it found at the bottom (Minus the tracking cookies).

    I'll probably keep trying to get something to run but I figured that I'd give you an update. I know it's a strange question but can I load one of the scanners onto my laptop (which is working fine) and then transfer it to my Desktop to run it? If so, would you prefer one over another?... Ok, enough dumb questions from me..... Thanks again!!
     


  16. par4me

    par4me Private E-2

    Sorry to double post but I can't see a way to edit my last one...

    I have managed to get at least some of the rootkit revealers to open by right clicking and using "run as" current user. Unfortunately when I try to actually run the processes I get various errors as follows :

    SysProtect - Failed to start service. SysProtect needs admin privileges....Then - error writing to log
    RootkitRevealer - Error copying image to ramdom service image file. Access is denied.
    Rootkit buster - Intregity test failed. Please download a new copy.
    BitDefender - shows an hourglass for a couple of seconds then it goes away. If I look in my task manager it says that its still running using 50 of my cpu.

    I don't know if any of that helps.
     
  17. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I am not seeing Urwbda.bak in your logs. I am also wondering if this really is a malware problem. Do you have your xp cd? If you do, I want you to try doing a repair installation.
     
  18. par4me

    par4me Private E-2

    Sorry, Urwbda.bak was detected by HouseCall and it didn't save a log. It was in my local settings / Temp folder.

    I'm not exactly sure how to do that but I have my cd. (It's an OEM that came with my computer.) I'll probably back up my hard drive programs and documents onto an external drive first in case I screw it up.
     
  19. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    OK. You can do a backup, but we want to be sure you aren't backing up any malware.

    To do a repair install, you need to set the bios to have the cd drive as the first boot device. Then you can boot into cd and choose install (you will have an option to hit "R", but that would take you to the recovery console which we don't want). That will show you the current install of windows and you will have the option to press "R" to do a repair install. It will keep all your programs and files. What I am hoping is that it may straighten out any corrupt files.

    Once that is done, see if you can run the scans.
     
  20. par4me

    par4me Private E-2

    Ok. I've backed up my program files, document and email....Here goes nothing. I'll get back to you as soon as I have results one way or another.

    And thanks for the quick instructions on the repair install. I wasn't too sure about how to do it but it seems easy enough.
     
  21. par4me

    par4me Private E-2

    Well, I think that I messed that up. I never saw the "R" option to repair windows. I just saw the partitions to place windows on. I knew that installing over the partition that I was using (the other one is only 8kb or mb or something like that) that I would keep my program files and previous user so I "installed" over the old version of windows .... deleting the current version. My programs and files still are there and I've also backed them up but I have to reinstall my video drivers, sound drivers, network, e-mail, etc....I had to reinstall MBAM but it ran and I have attached the log. I also ran the Eset online scanner and attached the log.

    I am probably going to reformat my hard drive at this point because I have nothing to lose and I still see the 4 svchosts running in task manager, but before I do I wanted to give you the option of continuing if you think it might help someone else later or just for curiosity's sake. I'm still convinced that it was some evil virus and that I probably messed things up by trying to fix it myself before signing up here. I just don't want to waste your time trying to help me when I'm just going to do a fresh install anyway. I saved a backup of my registry on the external hard drive before I did my bad repair job but I don't really know how to scan a backup of a registry or if it's even possible. I won't run any more scans or mess with this until I hear from you or until Thursday morning shows up with no response. Either way though, thanks again very much for your help.
     
  22. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You forgot to attach the logs. :(
     
  23. par4me

    par4me Private E-2

    Oops, sorry about that. Here you go.
     


  24. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Very good. That helped.
    See if SAS will find anything.

    Go ahead and re-run the C:\MGtools by double clicking the C:\MGtools\GetLogs.bat file.
    (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:

    * C:\MGlogs.zip

    Make sure you tell me how things are working now!
     
  25. par4me

    par4me Private E-2

    Everything seems ok now. I got retro-fitted back to Explorer_6 (which I always liked better than 7 anyway). I can visit all of those online scanning sites that were "blocked" before (although I've only run eset's online scan) and other than a couple of unscheduled visits to Microsoft's home page, everything seems to be running fine. No real redirect issues yet that I can see. I haven't done much searching but I've been trying to go to all of my normal sites through yahoo instead of the address bar to see what happens. I also haven't tried reloading a couple of my games that had quit running in the process of all of this. (Mainly my rc simulator.) I'll let you know if it runs when I try it.

    I ran MGtools\GetLogs.bat and have attached the log. I then ran SAS and it found nothing again. I didn't attach the log for that. (I saved it though if you want it.)
     


  26. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Everything looks fine now. Be sure to install your AV and AS programs.

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix. (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /uninstall
        • Notes: The space between the combofix" and the /uninstall, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    5. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    6. Go to add/remove programs and uninstall HijackThis.
    7. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    8. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 6 of the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    9. After doing the above, you should work thru the below link:
     
  27. par4me

    par4me Private E-2

    Awesome!

    Will do on the AV and AS stuff. I was just waiting for the all clear. After I do the final steps I'll put them back in. Thank you again for all of your patience. It's kind of funny that I just noticed the "Thank You" button in the posts. I'll be sure to push it.
     
  28. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You are most welcome. Safe surfing. :)
     
