Ran TDSSKiller and now no internet

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by mikej62, Dec 22, 2011.

  1. mikej62

    mikej62 Private E-2

    Last week it started with the XP antivirus 2012 virus and I easily took that out, but I still had Malware on my computer. To make a long story short, I got rid of most of it, but I still had the Google Redirect virus on my computer. Malwarebytes, MSN Spysweeper, and TrojanRemover all couldn't find it on my computer so I used TDSSKiller to fix the problem. I can't be sure if it's fixed because now the internet won't work on my computer. I can use my laptop so I know the issues stem from my desktop computer.

    I can't copy the exact TDSSKiller log, but here is what I can copy. I have an XP if it helps.

    NetBT (534795b713eb1b302abcdef92b478f4) C:\WINDOWS\system32\Drivers\netbt.sys
    Suspicious file (Forged): C:\WINDOWS\system32\Drivers\netbt.sys. Real md5: 534795b713eb1b302abcdef92b478f4, Fake md5: 8bb6a19d66525ec5183ele57455c95ab
    NetBT ( Rootkit.win32.ZAccess.aml ) - Infected
    NetBT- detected Rootkit.win32.ZAccess.aml ) (0)


    \MBR (0x1B8) (1f753b394439269a3484aecd505b79bd) \Device\Harddisk0\DR0
    \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.B ) - infected
    \Device\Harddisk0\DR0 - detected rootkit.Boot.Pihar.b (0)

    Detected object count: 2
    Actual detected object count: 2
    Backup copy found, using it..
    C:\WINDOWS\system32\DRIVERS\netbt.sys - will be cured on reboot
    NetBT ( Rootkit.win32.zaccess.aml ) - user select action: Cure
    \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - Will be cured on reboot
    \Device\Harddisk0\Dr0 - ok
    \Device\Harddisk0\Dr0 ( Rootkit.Boot.Pihar.b ) - user select action: Cure
    Deinitialize success
     
  2. mikej62

    mikej62 Private E-2

    Hate to bump this, but I need to add another log. This is from Farbar service scan.

    Internet Services:
    Dhcp service is not running. Checking service configuration:
    the start type of Dhcp service is ok
    the imagepath of Dhcp service is ok
    The servicedll of Dhcp service is ok

    Netbt service is not running. Checking service configuration:
    The start type of Netbt service is ok
    The imagepath of netbt: "system32\drivers\tskED.tmp".

    Connection Status:
    Localhost is accessible
    There is no connection to network.
    Attempt to access Google IP returned error: Google IP is unreachable
    Attempt to access Yahoo IP returned error: Yahoo IP is unreachable

    File Check:
    All of them said they were ok. Here is what was listed:

    Dhcpcsv.dll
    afd.sys
    netbt.sys
    tcpip.sys
    ipsec.sys
    dnsrslvr.dll
    svchost.exe
    rpcss.dll
    services.exe

    All of the above said => MD5 is legit
     
  3. thisisu

    thisisu Malware Consultant

    Hi and welcome to Major Geeks, mikej62!

    http://img205.imageshack.us/img205/4783/regeditb.gif Open Notepad and copy everything in the code box below into it.
    Code:
    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT]
    "ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
      52,00,49,00,56,00,45,00,52,00,53,00,5c,00,6e,00,65,00,74,00,62,00,74,00,2e,\
      00,73,00,79,00,73,00,00,00
    • File -> Save As -> Save as type: "All Files" -> File Name: fixme.reg > Save.
    Now merge this into the registry by double-clicking it.
    Let me know if the merge was successful or not.
    If it was successful, then reboot your PC and test internet.
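    An added example, not part of the thread: a small Python script that decodes the hex(2) ImagePath from the .reg fix above and compares a service's ImagePath with the path it should have, which is how a defender can confirm the merge took and spot a hijacked driver path like the "tskED.tmp" one the Farbar scan reported. The expected-path table is an assumption covering NetBT only.

```python
import re

# Constructed sample input: the .reg text posted in this thread.
FIX_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT]
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
  52,00,49,00,56,00,45,00,52,00,53,00,5c,00,6e,00,65,00,74,00,62,00,74,00,2e,\
  00,73,00,79,00,73,00,00,00
'''

# Assumed expected driver paths; extend with other services you want to verify.
EXPECTED_IMAGE_PATHS = {
    'NetBT': r'system32\DRIVERS\netbt.sys',
}


def parse_reg_hex_values(reg_text):
    """Return {(key, value_name): decoded string} for every hex(2) value.

    hex(2) is REG_EXPAND_SZ: the bytes are UTF-16LE with a NUL terminator,
    and a trailing backslash continues the byte list on the next line.
    """
    joined = re.sub(r',\\\r?\n\s*', ',', reg_text)
    values = {}
    key = None
    for line in joined.splitlines():
        line = line.strip()
        m = re.match(r'^\[(.+)\]$', line)
        if m:
            key = m.group(1)
            continue
        m = re.match(r'^"([^"]+)"=hex\(2\):(.*)$', line)
        if m and key:
            raw = bytes(int(b, 16) for b in m.group(2).split(',') if b)
            values[(key, m.group(1))] = raw.decode('utf-16-le').rstrip('\x00')
    return values


def image_path_is_expected(service, image_path):
    """Case-insensitive comparison, since Windows paths are case-insensitive."""
    return image_path.lower() == EXPECTED_IMAGE_PATHS[service].lower()


if __name__ == '__main__':
    for (key, name), path in parse_reg_hex_values(FIX_REG).items():
        print(f'{key}\\{name} = {path}')
    # The path Farbar reported for the infected machine does not match.
    print('hijacked:', not image_path_is_expected('NetBT', r'system32\drivers\tskED.tmp'))
```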
     
  4. mikej62

    mikej62 Private E-2

    That fixed the problem. Thank you so much. I really appreciate the good work you are doing!
     
  5. thisisu

    thisisu Malware Consultant

    :cool Glad to hear it.
    You're welcome and thank you for the kind words.
    Merry Christmas
     
  6. mikej62

    mikej62 Private E-2

    Thanks for the help. My internet is fixed now, but the Google redirect/ZeroAccess virus is still infecting my computer. I'm not sure how I can fully 100% get rid of it. Is there a program that fully gets rid of it?
     
  7. thisisu

    thisisu Malware Consultant

    In this case, you need to follow the following guide: Fixing Google Redirection/hijacking and other redirection problems

    Do not forget to complete the link at the very bottom of the page entitled: READ & RUN ME FIRST. Malware Removal Guide

    When finished, attach your logs to this thread for analysis.
     
  8. mikej62

    mikej62 Private E-2

    Attached Files:

    Last edited by a moderator: Dec 28, 2011
  9. thisisu

    thisisu Malware Consultant

    Remember to attach your logs instead of copy / pasting them into here. See the following for more details: How to attach
     
