malware prevent my internet connection

Hi...my name is Tim and I will be helping you with this.

You needed to remove all your browser toolbars!! Look at your counterspy log!!
Please use add/remove programs to uninstall:
Enhanced Ads by Think-Adz removal
J2SE Runtime Environment 5.0 Update 10
Think-Adz Search Assistant removal

Re-boot and install:
Java Runtime 6

Did you notice this in the HJT log:
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\rlls.dll' missing ----> restore C:\!KillBox\rlls.dll
C:\!KillBox\rundll32.exe

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

Please copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Now download The Avenger by Swandog469, and save it to your Desktop.

* Extract avenger.exe from the Zip file and save it to your desktop
* Run avenger.exe by double-clicking on it.
* Check the 'Input script manually' box.
* Click on the magnifying glass icon.
* Copy everything in the Quote box below, and paste it in the box that opens:

* Now click the 'Done' button.
* Click on the traffic light icon and OK the prompt.
* You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it yourself.
* A log file from Avenger will be produced at C:\avenger.txt
Please attach new logs for:
ShowNew
GetRun
HJT
Avenger

 

You will find the files in C:\!KillBox\ -->(backup files), you should be able to do a restore of those files.

Run HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

After clicking Fix, exit HJT.

Please copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

* Run avenger.exe by double-clicking on it.
* Check the 'Input script manually' box.
* Click on the magnifying glass icon.
* Copy everything in the Quote box below, and paste it in the box that opens:

* Now click the 'Done' button.
* Click on the traffic light icon and OK the prompt.
* You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it yourself.
* A log file from Avenger will be produced at C:\avenger.txt
Please attach new logs for:
ShowNew
GetRun
HJT
Avenger

 

Forgive me...some days are better than others....

Please download LSPfix from here:
http://www.downloads.subratam.org/lspfix.zip
Unzip it to the desktop and run it. Check "I know what I'm doing", and then select each instance of "rlls.dll" in the left-hand panel and click >> to move it to the right-hand panel. Then click Finish to allow LSPfix to rebuild the LSP chain.

Run avenger.exe by double-clicking on it.
* Check the 'Input script manually' box.
* Click on the magnifying glass icon.
* Copy everything in the Quote box below, and paste it in the box that opens:

* Now click the 'Done' button.
* Click on the traffic light icon and OK the prompt.
* You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it yourself.
* A log file from Avenger will be produced at C:\avenger.txt

Download SDFix and save it to your Desktop.

• Run the SDFix.exe by double clicking on it.
• Allos it to install into the default location which is c:\SDFix
• Now please reboot your computer into Safe Mode (see this if you don't know how: Starting your computer in Safe mode )
• When you have booted into safe mode, open the C:\SDFix folder and double click RunThis.bat to start the script.
• Type Y to begin the cleanup process.
• It will remove any Trojan Services or Registry entries found and then prompt you to press any key to Reboot.
• Press any Key and it will restart the PC.
• When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
• Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
• Attach the Report.txt file to your next message.

Please attach new logs for:
SDFix
Avenger
HJT

 

Run HJT and have it fix this item:
02 - BHO: (no name) - {DC192567-65F9-4AB6-ADB7-E13575F81726} - C:\WINDOWS\system32\khfefdc.dll (file missing)
After clicking fix, exit HJT

Try these to repair your connection.

IEFix:
http://www.majorgeeks.com/download4467.html

Tell me how things are running.

 

You get no ipconfig info? This is a desktop? Sounds like the eternet card is dead ....you can purchase a card....or a USB connection ....have you tried powering down and removing and then reinstalling the card?

 

No it doesn't ...its a left over from when you uninstall the symatec programs ...I also notice you still have Counterspy installed ...unless you plan on purchasing it, uninstall it also.

The cheapest thing you can purchase is a USB connector (@$30) ....or a USB Wireless connector (@$50) ....

Are you saying that you moved the card to a different connection on the motherboard?
This is a hardware issue at this point and I would suggest you post in Hardware ..you will get far more suggestions and troubleshooting in that forum.

Good luck.

 

What have you done???

1. Download this file - Combofix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Attach this log to your next reply

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

* Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'.
* On the page that opens, scroll down to Command Service
* then right click the entry, select Properties and press Stop Service.
* When it shows that it is stopped, next please set the Start-up Type to 'Disabled'.
* noW DO THE SAME FOR Network Monitor
* Click OK until you get back to Windows.

Tell me if you have problems with this!!

* Next, run HJT, but instead of scanning, click on the None of the above, just start the program button at the bottom of the choices.
* At the lower right, click on the Config button
* Then click the Misc tools button
* Select Delete an NT Service
* Copy/paste cmdService into the box that opens, and press OK
* If you receive any error messages just ignore them and continue.
* Now exit HJT but do not reboot when it tells you it needs to. We will do that further down after running HJT again to fix some other items.


Now re-Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

Run avenger.exe by double-clicking on it.
* Check the 'Input script manually' box.
* Click on the magnifying glass icon.
* Copy everything in the Quote box below, and paste it in the box that opens:

* Now click the 'Done' button.
* Click on the traffic light icon and OK the prompt.
* You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it yourself.
* A log file from Avenger will be produced at C:\avenger.txt

Attach new logs for:
ShowNew
GetRun
HJT
Avenger
ComboFix

 

The problems you had were not a problem....some of the nasties were already removed.

Please use add/remove to uninstall:
Outerinfo
Now re-Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

After clicking fix, exit HJT

Run avenger.exe by double-clicking on it.
* Check the 'Input script manually' box.
* Click on the magnifying glass icon.
* Copy everything in the Quote box below, and paste it in the box that opens:

* Now click the 'Done' button.
* Click on the traffic light icon and OK the prompt.
* You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it yourself.
* A log file from Avenger will be produced at C:\avenger.txt

Attach new logs for:
ShowNew
GetRun
HJT
Avenger

 

OK ...your logs look clean...now keep it that way!!!!!!