need help, internet isnt working

You have a whole load of problems in your log! What have you been doing since you where last here?
Do you implement all of the stuff in How to Protect yourself from malware! as was suggested?

I'm looking at your log now.

 

Do you know what the following are:

O4 - HKCU\..\Run: [RocketPipe] C:\Program Files\RocketPipe\rpclient.exe -autorun

O14 - IERESET.INF: START_PAGE_URL=http://pcworld.idg.com.au

 

You should have learned your lesson from your previous infection.

 

You should have run all of the READ ME FIRST and then possible some of the Alterantive Scans. But let's see if we can make a dent in this. This may take some work and some repetition.

First goto Add/Remove programs and check for uninstalls to WareOut and RocketPipe.
Uninstall if found. I'm leaving fixes in below too just incase there are no uninstalls.

Make sure you have system restore disabled and viewing of hidden files enabled.

Please bring up Task Manager by hitting CTRL-ALT-DEL and click the Processes tab. Find the below processes and End them:
IPCFG
SCANDS32
SNNPAPI

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = http://fastsearchweb.com/srh.php?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\SYSTEM\SNNPAPI.DLL/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\SYSTEM\SNNPAPI.DLL/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\SYSTEM\SNNPAPI.DLL/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\SYSTEM\SNNPAPI.DLL/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\SYSTEM\SNNPAPI.DLL/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\SYSTEM\SNNPAPI.DLL/sp.html (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R3 - URLSearchHook: (no name) - {3793D6D1-4522-0534-AE28-11BBFB5737B7} - clamav.dll (file missing)
O3 - Toolbar: FreshBar - {06ABAA2D-34AB-4902-A326-409BD9B9A7A5} - C:\WINDOWS\SYSTEM\IECUST.DLL
O4 - HKLM\..\Run: [ipcfg.exe] C:\WINDOWS\SYSTEM\IPCFG.EXE
O4 - HKLM\..\Run: [scands32.exe] C:\WINDOWS\SYSTEM\SCANDS32.EXE
O4 - HKLM\..\Run: [SysTray] C:\WINDOWS\SYSTEM\SNNPAPI.EXE
O4 - HKLM\..\Run: [pizda] msag.exe
O4 - HKLM\..\Run: [NukeSpan] Shaitan1678.exe
O4 - HKCU\..\Run: [RocketPipe] C:\Program Files\RocketPipe\rpclient.exe -autorun
O4 - HKCU\..\Run: [WareOut] "C:\Program Files\WareOut\WareOut.exe"
O4 - HKCU\..\Run: [10010] EXE32EXE.exe
O4 - HKCU\..\Run: [MON76234] bhoserv.exe
O4 - HKCU\..\Run: [MNTP] driver32.exe
O9 - Extra button: Start spyware remover - {BF69DF00-2734-477F-8257-27CD04F88779} - C:\Program Files\WareOut\WareOut.exe (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Start spyware remover - {BF69DF00-2734-477F-8257-27CD04F88779} - C:\Program Files\WareOut\WareOut.exe (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://pcworld.idg.com.au
O15 - Trusted Zone: http://*.63.219.181.7
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://c:\nosuch.mht!http://ultimately-yours.com/dl/files.chm::/file.exe
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O18 - Filter: text/html - {8698C5C0-6E48-11D9-BF4A-4445F9519AB2} - C:\WINDOWS\SYSTEM\SNNPAPI.DLL
O18 - Filter: text/plain - {8698C5C0-6E48-11D9-BF4A-4445F9519AB2} - C:\WINDOWS\SYSTEM\SNNPAPI.DLL

After clicking Fix, exit HJT.

Boot into safe mode and use Windows Explorer to delete:
C:\Program Files\WareOut <--- the whole folder
C:\Program Files\RocketPipe <--- the whole folder
C:\WINDOWS\SYSTEM\IPCFG.EXE
C:\WINDOWS\SYSTEM\SCANDS32.EXE
C:\WINDOWS\SYSTEM\SNNPAPI.EXE
C:\WINDOWS\SYSTEM\IECUST.DLL

These next 5 files must be deleted too. They could be in c:\windows or c:\windows\system or even somplace else. If you do not find them in one of the two windows folders mentioned, use the built-in windows search and see if you can located them and delete them.
msag.exe
Shaitan1678.exe
EXE32EXE.exe
bhoserv.exe
driver32.exe


Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

Yeah but it shows processes by default but I forgot to remove the comment about system restore which does not apply to Win98

 

OK! Better! But I missed one the first time.

Make sure you have system restore disabled and viewing of hidden files enabled.


Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O2 - BHO: (no name) - {8698C5C1-6E48-11D9-BF4A-4445961D3F29} - C:\WINDOWS\SYSTEM\SNNPAPI.DLL

After clicking Fix, exit HJT.

Boot into safe mode and use Windows Explorer to delete:
C:\WINDOWS\SYSTEM\SNNPAPI.DLL

Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

Your log is clean but did you forget to shut this down before running HJT:

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

or is it running on its own. If running on its own, that would be a problem.

You should take all the steps in the below link:
How to Protect yourself from malware!

You said "my computers running alright but not perfect". What makes you say that? What problems are you experiencing?

 

I believe have referred you to How to Protect yourself from malware! at least three times within this thread and I know I also did in the past too. Please read step 2 again and note at the end of that step these works "Only run ONE AV!"

Why did you install AVG if you hav VET?

Which on do you want to keep? Right now it looks like you broke Vet. You should probably uninstall it, but are you saying there is no uninstall program?

I have no idea what files AVG found and what you deleted. You never provided me with any info on that.

 

Yes! Tell me what trojans AVG is finding. Are you scanning in safe mode too? And are you saying it finds them but does not fix them?

Did you get the latest update to AVG which just came out today or yesterday?

 

Post another HJT log. You said you deleted all the Vet files and folders....right?
Also, didn't you say you could not find Vet in add/remove programs to uninstall?

 

I would start by renaming those thread files as below:
m.exe to m.xxx
LaCqaRha.exe to LaCqaRha.xxx
maSszDni.exe to maSszDni.xxx

Then reboot and perform a full virus scan with your antivirus application. You log was clean.

Are you noticing any problems with your computer?

 

Where are all these coming from? Are these all new problems or where they always here and you never mentioned them?

Run a full scan with AVG and then do these:

Bitdefender online scan
RavAntivirus online scan <-- select Auto Clean then click Scan My PC
TrojanScan online scan

 

Rename that later (if still necessary) after doing all the scans. Run all the scans in normal boot mode. If AVG cannot fix any problems it finds then re run AVG in safe mode.