Multiple Problems Spyware etc.. & DSL Modem

Discussion in 'Malware Help (A Specialist Will Reply)' started by shewolf, Apr 25, 2005.

  1. shewolf

    shewolf Specialist

    Ok, I am trying to help out a friend who is having computer problems..
    Windows XP Home Edition SP1 SBC Yahoo DSL

    I know about the Read Me First; please bear with me while I explain what's happening.

    When I installed AVG on a friend's computer it found like 5 spyware, trojans etc.. during the scan. Well, I had to leave (the scan was still going) and she wanted to know if it would automatically take care of them or not once the scan was done. So we stopped the scan to see what would happen. Well at that point we lost the capability of her computer recognizing the modem or the modem recognizing her computer.

    Now at this point I went through things checking internet connection, went through as much of the read me first as I could. Could not complete the Trend Micro or Symantec online scans as we couldn't get an internet connection. I did the Stinger, AdAware, Spybot, Kill2me, & CW Shredder; all of those did find things and took care of them. In total I had about 239 infections removed if not more than that.

    Still unable to get online so we called SBC Tech Support and they had her create a new network connection to connect on broadband using a username and password. Ok well she can now have internet access but the internet light on her modem still won't light up and the computer and modem don't recognize each other. I have tried uninstalling SBC Yahoo and reinstalling it with the disk that came with it but it won't install because the computer and the modem aren't recognizing each other.

    So is it possible that when one of the viruses, trojans, spyware crap was removed from her computer during the initial AVG scan that was stopped in process that it also deleted a registry key that was needed to "support" the SBC DSL connection so the computer and modem recognize each other? If this is possible then how do I get that registry key back? If I do a system restore will that bring it back or will I have to completely dump the computer and start out fresh?

    One thing I should also mention is that before she set up the new network connection as instructed by SBC we couldn't even type in the 192.168.0.1 in the IE addy bar to bring up the modem details etc.. Even connecting with the new network connection of Broadband with username and password we still can't type 192.168.0.1 in the IE addy bar to bring up modem details. It just says page cannot be displayed.

    I would appreciate any help anyone can give me on this.

    Thanks
    SW:)
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Is there a router after the DSL modem or is it a direct connect to the PC?

    Are you getting an IP address assigned? Are you set for DHCP? Do you see DNS settings?

    Click Start, Run, and enter ipconfig /all and click OK. That should show you what the connections settings are.

    Did you look to see if there are any O10 lines in a HijackThis log?
     
  3. shewolf

    shewolf Specialist

    No router. Modem is connected directly to the PC.

    Ok per instructions from SBC I did a CMD (Start Run CMD IPCONFIG) and it did not bring up any IP Addys it brought up 0.0.0.0 for the IP and Gateway. Per SBC instructions I was told to reset the modem via the button to push in with pen/pencil and hold in for 2 seconds. I did that and tried the CMD again and it brought up the same thing 0.0.0.0 for the IP and Gateway.

    SBC told me that this was the last resort and to uninstall and reinstall but still the computer and modem would not recognize each other for me to be able to reinstall it.

    I was going to do a HJT today but she had to leave for work so I will have to do that on Wednesday. If I do find O10 lines what should I do? I do know she is still infected with spyware because some things are still in the add/remove programs that I can't get rid of and they are all similar in name. There are about 3 of them and they are blah by Hotbar, such as Outlook by Hotbar as one example; I can't remember what the other 2 are but they are by Hotbar. When I click to remove them from the add/remove programs the computer sits idle for a long time and then it goes back to the add/remove program but won't allow me to remove those items.

    I think that once I can get this connection issue resolved then I can do scans online in safemode and update AdAware and Spybot and get rid of even more stuff. Also be able to run HJT and remove more things as well via HJT.

    I would like to mention that we have it so she can use the net; it's just set up the way SBC told us to, that it's a Broadband connection that you have to enter a username and password instead of an always on connection. So, I am not sure how to run the online scans in safemode with this type of connection as I have always dealt with an always on connection (which is what she used to have before all these problems began). Which is why I would like to, if possible, get the connection issue resolved the best we can. I am sure that all this spyware and crap is probably a leading factor in the connection issue.

    Sorry if I am rambling on.. just want to make sure that you are informed as best as possible.

    Chas thanks so much for all your time and help you know how I greatly appreciate all that you, PP, and everyone else do for us.

    SW:)
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You must set the PC's connection for DHCP to get an IP address assigned. Otherwise you would have to set a bunch of static information which the DSL provider would have to give you and they never want static connections anyway.

    If the PC is setup properly, it is possible that the DSL modem lost its configuration. It may be setup incorrectly for the type of connection they are providing (I doubt it, but it is possible.) Most often the DSL modems are in what they call a bridged mode. This is a non-routed type connection and is normally the default. In this mode your IP address is assigned via a higher level piece of network equipment (like a switch) and is just passed thru the DSL modem directly to your PC. The PC still needs to be in DHCP mode.

    If you are getting 0.0.0.0, you are not getting an assignment from the network or your PC's connection is not set for DHCP.

    I would have to see the O10 lines in an HJT log to know good/bad.

    You can run the online scans in normal boot mode on the Broadband connection.
     
  5. shewolf

    shewolf Specialist

    Ok I won't be able to get back to that computer until Wednesday so I will rerun the "ReadMeFirst" in normal boot mode with all the scans and do a HJT and the IPCONFIG /all and report back to you with what I found and attach an HJT log.

    thanks again..
    sw:)
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    OK! We'll be here at one time or another.
     
  7. shewolf

    shewolf Specialist

    Ok how do I get it set up for DHCP??

    This is totally new territory for me..

    Thanks..
    SW:)
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    This is a Networking Forum topic.... but I will give you some direction here.

    Click Start, My Network Places, and select View network connections.
    Now right click on your LAN connection and select Properties.
    Now on the General tab of the popup window, double click on the Internet Protocol (TCP/IP) selection.
    Make sure in the next window that Obtain an IP address automatically and Obtain DNS server address automatically are selected and then OK your way out of that. With Windows XP it should not even be necessary to reboot, but if it does not get you a connection, reboot and see what happens.

    Check your ipconfig /all info at this point.
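As an added example (not code from this thread), a small Python script that reads saved ipconfig /all output and reports the conditions chaslang describes for the LAN adapter: DHCP off, a 0.0.0.0 address, or no default gateway. The sample text is constructed to mirror the symptoms reported in the thread; the function names are my own.

```python
import re

# Constructed sample of Windows XP "ipconfig /all" output (not from the
# thread), showing the symptoms reported: 0.0.0.0 address, blank gateway.
SAMPLE = """Windows IP Configuration
Ethernet adapter Local Area Connection:
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 0.0.0.0
        Default Gateway . . . . . . . . . :
        DHCP Server . . . . . . . . . . . : 192.168.0.1
PPP adapter sbc:
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 203.0.113.7
        Default Gateway . . . . . . . . . : 203.0.113.7
"""

ADAPTER_RE = re.compile(r"^(\S.*adapter .+):$")          # "Ethernet adapter X:"
FIELD_RE = re.compile(r"^\s+([A-Za-z][A-Za-z /-]*?)[ .]*:\s*(.*)$")  # "Field . . : value"


def parse_ipconfig(text):
    """Return {adapter name: {field: value}} from ipconfig /all text."""
    adapters, current = {}, None
    for line in text.splitlines():
        m = ADAPTER_RE.match(line)
        if m:
            current = m.group(1)
            adapters[current] = {}
            continue
        m = FIELD_RE.match(line)
        if m and current is not None:
            adapters[current][m.group(1).strip()] = m.group(2).strip()
    return adapters


def diagnose(adapters):
    """Flag LAN adapters that cannot talk to the modem. PPP (dial-up style)
    adapters legitimately report DHCP off, so they are skipped."""
    problems = {}
    for name, f in adapters.items():
        if name.startswith("PPP"):
            continue
        checks = [
            (f.get("Dhcp Enabled", "").lower() != "yes", "DHCP disabled"),
            (f.get("IP Address", "0.0.0.0") == "0.0.0.0", "no IP address assigned"),
            (not f.get("Default Gateway"), "no default gateway"),
        ]
        issues = [msg for bad, msg in checks if bad]
        if issues:
            problems[name] = issues
    return problems
```

On a real machine, redirect `ipconfig /all > ipconfig.txt` and pass the file contents to parse_ipconfig.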
     
  9. shewolf

    shewolf Specialist

    Chas
    Here is the HJT. There are no O10 lines, and currently we don't have AV or Firewall due to the fact that when we went to install the AV that is when we lost the connection between the modem and the computer for internet access..

    As for the IPCONFIG/ALL did that and there is no IP Addy or ip subnet mask they are all 0.0.0.0 and the default gateway has nothing just a blank space.

    The DHCP and DNS servers show 192.168.0.1

    the PPP adapter sbc shows that the DHCP Enabled is NO
    then that has IP, subnet mask, Default gateway, DNS servers with numbers .

    NetBIOS over Tcpip is disabled.

    If you want I will post this in the networking forum as well to get more help on the DNS DHCP portion.

    Thanks for all your time and help
    SW:)

    ps. I will be back over there tmrw to get more stuff gone and get the bad things in the HJT log removed..
     
  10. shewolf

    shewolf Specialist

    Chas, one more thing: this computer is like 4 years old, never been cleaned up (defrag, spyware scans, etc.. ). If I do a "dump" of this computer would that help to eliminate all these problems so we can start fresh? I don't want these problems multiplied or still there if I go through the "dumping" process.

    Thanks tons..
    sw:)
     
  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Let's first do this cleanup before we do anything else!

    If you are using WinXP or WinMe, make sure you have system restore disabled (per the tutorial).
    For all OS types, make sure viewing of hidden files is enabled (per the tutorial).

    Please run HijackThis and click on the "Open the Misc Tools Section" button on the open page. Then select "Open process manager" on the left-hand side. Look for the following process (or processes) and one at a time kill them by selecting it and then click "Kill process". Then click yes.
    C:\PROGRA~1\COMMON~1\ikqm\ikqmm.exe
    C:\Documents and Settings\VICKIE KNOP\Application Data\eetu.exe
    C:\PROGRA~1\COMMON~1\ikqm\ikqma.exe
    C:\WINDOWS\SYSTEM32\w?crtupd.exe

    After killing all the above processes, click "Back".
    Then please click "Scan" and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {CDE151E7-975C-E4F8-7439-BDA93DEE09E5} - C:\WINDOWS\System32\dyxf.dll
    O4 - HKCU\..\Run: [ikqm] C:\PROGRA~1\COMMON~1\ikqm\ikqmm.exe
    O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\VICKIE KNOP\Application Data\eetu.exe
    O16 - DPF: {1954A4B1-9627-4CF2-A041-58AA2045CB35} (Brix6ie Control) - http://a19.g.akamai.net/7/19/7125/1268/ftp.coupons.com/v6/brix6ie.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/images/nocache/funwebproducts/PopSwatterInitialSetup1.0.0.5.cab
    O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/111d47f6477d02a0cb23/netzip/RdxIE601.cab
    O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} - http://www.edipole.fr/kits/en/WebInstall.dll

    After clicking Fix, exit HJT.
    Boot into safe mode and use Windows Explorer to delete:
    C:\WINDOWS\System32\dyxf.dll
    C:\Documents and Settings\VICKIE KNOP\Application Data\eetu.exe
    C:\Program Files\Common Files\ikqm <--- the whole folder

    If you get an error when deleting a file, right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again. Otherwise open Task Manager and kill the process if running, then delete the file.

    Now run Ccleaner (installed while running the READ ME FIRST). Now if running Win XP go to c:\windows\Prefetch and delete all files in this folder.

    Now reboot in normal mode and post a new HJT log. And tell us how things are working.
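Added example, not from the thread and not part of HijackThis: a Python parser for the HJT entry formats quoted above (R0, O2, O4, O16) that pulls out the CLSID, file path or download URL each line names, and derives the file list to delete in safe mode the way the post does (the O2 DLL plus the O4 autostart executables). The sample lines are constructed, with placeholder CLSIDs, user folder and URL.

```python
import re
from urllib.parse import urlparse

# Constructed HijackThis lines in the formats used above; CLSIDs, the user
# folder and the download URL are placeholders, not the thread's values.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000002} - C:\WINDOWS\System32\dyxf.dll
O4 - HKCU\..\Run: [ikqm] C:\PROGRA~1\COMMON~1\ikqm\ikqmm.exe
O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\USER\Application Data\eetu.exe
O16 - DPF: {00000000-0000-0000-0000-000000000016} (Example Control) - http://example.invalid/brix6ie.cab
"""

ENTRY_RE = re.compile(r"^(?P<type>[RFON]\d+) - (?P<body>.*)$")   # "O4 - ..."
CLSID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")                    # {8-4-4-4-12}
PATH_RE = re.compile(r"[A-Za-z]:\\.*?\.(?:exe|dll|cab)\b", re.IGNORECASE)
URL_RE = re.compile(r"https?://\S+")


def parse_hjt(text):
    """Split each HJT line into its type and the CLSID, file path or URL it names."""
    entries = []
    for raw in (ln.strip() for ln in text.splitlines()):
        m = ENTRY_RE.match(raw)
        if not m:
            continue  # blank lines and non-entry text
        body = m.group("body")
        found = {k: rx.search(body) for k, rx in
                 (("clsid", CLSID_RE), ("path", PATH_RE), ("url", URL_RE))}
        entries.append({"type": m.group("type"), "raw": raw,
                        **{k: (v.group(0) if v else None) for k, v in found.items()}})
    return entries


def files_to_delete(entries):
    """Files named by O2 (BHO DLL) and O4 (autostart EXE) entries: the
    leftovers to remove in safe mode after the HJT fix, as the post does."""
    return sorted({e["path"] for e in entries
                   if e["type"] in ("O2", "O4") and e["path"]})


def download_hosts(entries):
    """Hosts the O16 ActiveX (DPF) entries pull .cab files from, for review."""
    return sorted({urlparse(e["url"]).hostname for e in entries
                   if e["type"] == "O16" and e["url"]})
```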
     
  12. shewolf

    shewolf Specialist

    Just wanted to let you know that I ended up having to "dump" the computer so it was back to factory installed state. Her son was messing around and did something, or the spyware took over, so everything was out of whack: when she clicked on one icon it brought up another program. Such as she clicked on the Yahoo Messenger icon and it brought up her AdAware; she clicked on AdAware and it brought up Internet Explorer.

    Her computer is working just fine now I went over to do the HJT clean up and discovered the messed up state and she just wanted to start fresh so we did.

    Thanks
    SW
     
  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

