dugly2ugly

Ran Malwarebytes, Now No Internet

7 posts in this topic

I ran the program and it seemed to sucessfully remove some problems. However, I can no longer access the internet either from IE or Firefox. I have tried to follow fixes suggested to others in this and other forums, but they seemingly get specific to those users. So far I have used winsockxpfix with no luck.

Below is the log from the scan that I ran. I am comfortable around computers and am happy to take any suggestions, but if anybody can help me without too much geek speak, that would be especially appreciated.

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 5010

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

11/1/2010 5:29:06 PM

mbam-log-2010-11-01 (17-29-06).txt

Scan type: Quick scan

Objects scanned: 163402

Time elapsed: 29 minute(s), 15 second(s)

Memory Processes Infected: 2

Memory Modules Infected: 0

Registry Keys Infected: 4

Registry Values Infected: 4

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 4

Memory Processes Infected:

C:\Documents and Settings\Doug\Application Data\Microsoft\svchost.exe (Trojan.Agent) -> Unloaded process successfully.

C:\Documents and Settings\Doug\Application Data\Microsoft\Windows\shell.exe (Trojan.Shell) -> Unloaded process successfully.

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lqfiihts (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lqfiihts (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (explorer.exe,C:\Documents and Settings\Doug\Application Data\Microsoft\Windows\shell.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Documents and Settings\Doug\Application Data\Microsoft\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Documents and Settings\Doug\Local Settings\Temp\i8oukp27.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Documents and Settings\Doug\Local Settings\Temp\CTnD.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Documents and Settings\Doug\Application Data\Microsoft\Windows\shell.exe (Trojan.Shell) -> Quarantined and deleted successfully.

Share this post


Link to post
Share on other sites
but they seemingly get specific to those users.
Hi -

This can be the case depending on the actual problems and the computer - Not all systems and problems are usually 100% the same -

You have a very badly infected system and it may take several other tools to fully fix it - If it can be fixed -

Your XP SP3 has been hit very hard by the infections and you may have lost internet connection due to this -

  • Open Control Panel > Internet Options
  • Click on the Connections tab
  • Click on the LAN settings button
  • Under Automatic configuration make sure that the box next to Automatically detect settings is checked, if it is not, then click the box next to it to check it
  • Click on the OK button to close the Local Area Network (LAN) Settings window
  • Click on the OK button to close the Internet Options window
  • Use this diagram as a guide
  • Try this first and then post back -

Thank You -

Share this post


Link to post
Share on other sites

Hi -

It was worth a try as a first option (sometimes works) - Good: (Explorer.exe)Bad: (explorer.exe, this infected item may have cancelled your connection -

As we do not work on Malware removal or diagnostics in the general forums please follow these directions -

Please print out, read and follow -->What do I do now? <-- , skipping any steps you are unable to complete.

The next step is post a -->New Topic Here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that

you're alerted when someone has replied to your post - Please allow at least 48 hours for a reply as the experts can get busy at times -

Also add a brief note to the experts as to your problems -

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or via This Link

Always use the ADD REPLY Tab at the bottom of the page when you reply -

Thank You - :D

Share this post


Link to post
Share on other sites

dugly2ugly, did you look at the "Proxy Server" settings section of the doc that noknojon pointed you to? Perhaps the "use a proxy server....." has been checked off? If so, then Un-check it, click OK, and then OK again.

Does that help?

RandyC

Share this post


Link to post
Share on other sites

The steps in the link did not work. The Defogger worked, but then DDS kept freezing up and GMER was "encountering errors" that forced close outs and an automatic restart of the computer.

Randy, the proxy served box was not checked.

Any other ideas?

Unforntuately, now that I'm dealing with this, I'm pretty sure that I have had this problem using Malwarebytes before a little while back. Too bad I can't remember how I fixed it. Even worse, I didn't remember until it was too late, otherwise I would have used a different program.

Share this post


Link to post
Share on other sites

Hi -

With the 15 infected items listed in the scan above , they can do a lot of damage to any system -

This is why my item at Post #4 is your best option - Skip any items that can not be done and post a new topic as listed -

By now one of the experts may have looked at your problem and helped you better than we can on the General forum -

Here we only post "general quick fixes" without fully diagnosing any specific related problems -

The problem is not with Malwarebytes , but with all the infections you had - One or two can cause a minor problem but you have 15 major problems all at the same time - If there are still items showing in any Antivirus or Malware scan , you may be still badly infected -

Thank You -

EDIT -

There have been about 30 updates since your scan and you may still have items in there to be removed -

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.