Think I may still have a virus...

[JB543]

Details
A few weeks ago, my laptop was infected by a virus (a trojan I think) which messed up my internet. Firefox (the program I was using at the time, which is now uninstalled) & Internet Explorer 8 refuse to load up any webpages. However, my A.V programs,
Avast 4.8,
Malwares Anti-Bytes,
Spybot Search & Destroy,
can still update properly. E-mail & Lime-wire can also still connect.

Have run antivirus scans multiple times since in normal & safe modes, with & without my LAN cable connected. Avast found several trojans when scanning & it said they had been successful dealt with. Have since installed Super Antispyware & Spyware Doctor. The former comes up clean but the latter says my laptop still has a trojan. Not sure whether it's correct though as you have to buy the software to remove viruses.

Summary
Web browsers no longer work
Most other programs requiring net connection do
4 free A.V products currently find no viruses
1 free scan but pay to remove program finds 1 trojan


Any help would be highly appreciated.

[Asyn]

Details
A few weeks ago, my laptop was infected by a virus (a trojan I think) which messed up my internet. Firefox (the program I was using at the time, which is now uninstalled) & Internet Explorer 8 refuse to load up any webpages. However, my A.V programs,
Avast 4.8,
Malwares Anti-Bytes,
Spybot Search & Destroy,
can still update properly. E-mail & Lime-wire can also still connect.

Have run antivirus scans multiple times since in normal & safe modes, with & without my LAN cable connected. Avast found several trojans when scanning & it said they had been successful dealt with. Have since installed Super Antispyware & Spyware Doctor. The former comes up clean but the latter says my laptop still has a trojan. Not sure whether it's correct though as you have to buy the software to remove viruses.

Summary
Web browsers no longer work
Most other programs requiring net connection do
4 free A.V products currently find no viruses
1 free scan but pay to remove program finds 1 trojan


Any help would be highly appreciated.

1. Drop Spybot and Spyware Doctor..!!!
2. Update to the latest build of avast, which is 5.0.545
3. Run a boot time scan with avast. (I guess you're on a 32bit system..!??)
4. Report back here.
asyn

[Pondus]

i would remove spyware doctor and spybot SD

Then i would follow this guide from Essexboy, and post the MBAM and OTL log`s here
http://forum.avast.com/index.php?topic=53253.0

he will then fix this when he arrives in the forum, usually late UK time


post the logs as attachments

see down left corner > additional options > attach

[JB543]

Thanks for your quick replies.
Installing Avast 5 off my USB stick now. Will run Avast & Malware bytes scan shortly. Lan cable's in so it should be able to update if necessary.
Just realised that I didn't post my system specs, don't know if they'll be any help but here they are:

Acer Travelmate 4062LMI
Wins XP SP3
1.73GHZ
2GB Ram
120GB Hardisk (Partitioned, about 90 in C, 20 in D)
Intel Graphics Media Accelerator 900

Its a few years old now, but this is the biggest problem it's ever had so I can't complain.

[Asyn]

Thanks for your quick replies.

You're welcome..!
Awaiting your reply...
asyn

[JB543]

Afraid scanning with Avast 5 & Malware Bytes hasn't changed the situation.
I hope you can see the screenshots & there's a log attached.

EDIT - Screenshots now attached to

[Asyn]

Afraid scanning with Avast 5 & Malware Bytes hasn't changed the situation.
I hope you can see the screenshots & there's a log attached.

No, can't see your screenshots, use the attach function to post them..!
Your Mbam log is clean..!
What actions did you take exactly..? (refering to my first reply..!!)
asyn

[JB543]

What actions did you take exactly..? (refering to my first reply..!!)

Removed Spybot & Spyware Doc

Ran a full scan with Avast & Malwares in normal windows operating mode


That's all I've so far. Downloaded the OTL program but haven't chance to try it yet.

Thanks for the help.

[Asyn]

What actions did you take exactly..? (refering to my first reply..!!)

Removed Spybot & Spyware Doc
Ran a full scan with Avast & Malwares in normal windows operating mode
That's all I've so far. Downloaded the OTL program but haven't chance to try it yet.
Thanks for the help.

So did you also run a boot time scan (as suggested) with avast yet..??
If not, please do so..!!
asyn

[essexboy]

Before you run OTL do this :

Go to Control Panel and select Internet Options
Select the Connections TAB
Select LAN settings button
Ensure there is no tick in the Proxy Server box
Select OK and restart Internet explorer


And for Firefox there are instructions on this page and you want the setting to be no proxy

THEN

Run OTL and post the log 

[JB543]

Good News - Ran Avast boot scan & it removed 1 trojan. Internet still didn't work after point though. However, followed essexboy's advice on the proxy server & now internet connection seems fine.

Will run OTL shortly & post log. Hopefully the problem is now solved though.

Thanks for all your help. Usually I'm able a sort out any malware on P.Cs in my house but this one was nastier than all the others i'd encountered.

If any more problems are discovered, I'll post back here.

[Asyn]

Thanks for all your help. Usually I'm able a sort out any malware on P.Cs in my house but this one was nastier than all the others i'd encountered.

If any more problems are discovered, I'll post back here.

You're welcome..!
asyn

[JB543]

Ok, I've done a full scan with OTL. Logs attached. I've had a quick look through it but I'm not sure what to look for.

Hopefully there's no problems.

[essexboy]

One minor element to kill - What problems do you have now ?

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

Code: [Select]

:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

• Then click the Run Fix button at the top
  
• Let the program run unhindered, reboot the PC when it is done

[JB543]

One minor element to kill - What problems do you have now ?

Run OTL

    * Under the Custom Scans/Fixes box at the bottom, paste in the following

Code:

:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

    * Then click the Run Fix button at the top
    * Let the program run unhindered, reboot the PC when it is done

Ok, have ran the OTL fix & rebooted. Only took 30secs to remove the data.
Having no problems at all.

Thanks for the help you guys have given me although I'm hoping I won't have to post here again for a while!