
malware bytes has stopped me gaining internet access



Can someone help me? After downloading Malwarebytes software and running it successfully on my laptop, I found that my laptop had lots of adware etc. on it. Having deleted them, I then restarted my laptop, and this is when the problems began. It took about 10 minutes for me to gain access to the login page, and a further 10 minutes for anything to happen (all my thumbnails to appear on my screen). I clicked on the Internet Explorer thumbnail, and I cannot get onto the net. I have looked on your forums and this seems like a common problem, as my laptop was in top condition prior to Malwarebytes running. I have enclosed the mbam log that was created by the software. I am not very competent with computers and jargon. Help me please, someone.

Malwarebytes' Anti-Malware 1.41

Database version: 2775

Windows 5.1.2600 Service Pack 3

25/10/2009 12:56:49

mbam-log-2009-10-25 (12-56-46).txt

Scan type: Full Scan (C:\|D:\|)

Objects scanned: 219441

Time elapsed: 30 minute(s), 8 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 2

Registry Keys Infected: 45

Registry Values Infected: 2

Registry Data Items Infected: 5

Folders Infected: 21

Files Infected: 25

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

C:\WINDOWS\system32\LSPGUI.DLL (Trojan.Agent) -> No action taken.

C:\Program Files\System Search Dispatcher\1.2.0.750\ssd.dll (Adware.DoubleD) -> No action taken.

Registry Keys Infected:

HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.DoubleD) -> No action taken.

HKEY_CLASSES_ROOT\TypeLib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> No action taken.

HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.DoubleD) -> No action taken.

HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.DoubleD) -> No action taken.

HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.

HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.DoubleD) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken.

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken.

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> No action taken.

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken.

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken.

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Anti-Virus Professional (Rogue.Anti-VirusProfessional) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1fb52ab3-5987-45a2-85e0-f3ec30dddc29}}_is1 (Adware.DoubleD) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\anti-virus professional 5.0_is1 (Rogue.Anti-VirusProfessional) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> No action taken.

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.FakeAlert) -> Data: c:\windows\system32\sdra64.exe -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.FakeAlert) -> Data: system32\sdra64.exe -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (Userinit.exe) -> No action taken.

Folders Infected:

C:\Program Files\Anti-Virus Professional (Rogue.Anti-VirusProfessional) -> No action taken.

C:\Program Files\Anti-Virus Professional\logs (Rogue.Anti-VirusProfessional) -> No action taken.

C:\Program Files\Anti-Virus Professional\NoAdwareBackup (Rogue.Anti-VirusProfessional) -> No action taken.

C:\Program Files\DoubleD (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\Desktop Smiley Toolbar (Adware.DoubleD) -> No action taken.

C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> No action taken.

C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\2.0.0.2440 (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\2.0.0.2440\FF (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\2.0.0.2440\FF\chrome (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\2.0.0.2440\FF\chrome\content (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\2.0.0.2440\FF\components (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\2.0.0.2440\Data (Adware.DoubleD) -> No action taken.

C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> No action taken.

C:\Program Files\System Search Dispatcher\1.2.0.750 (Adware.DoubleD) -> No action taken.

C:\Program Files\System Search Dispatcher\1.2.0.750\Data (Adware.DoubleD) -> No action taken.

C:\Documents and Settings\All Users\Start Menu\Programs\Anti-Virus Professional (Rogue.Anti-VirusProfessional) -> No action taken.

C:\WINDOWS\system32\lowsec (Stolen.data) -> No action taken.

C:\Documents and Settings\user\Local Settings\Application Data\DoubleD (Adware.DoubleD) -> No action taken.

C:\Documents and Settings\user\Local Settings\Application Data\DoubleD\Desktop Smiley Toolbar (Adware.DoubleD) -> No action taken.

Files Infected:

C:\WINDOWS\system32\LSPGUI.DLL (Trojan.Agent) -> No action taken.

C:\Program Files\Internet Saving Optimizer\2.0.0.2440\NPIEAddOn.dll (Adware.DoubleD) -> No action taken.

C:\Program Files\System Search Dispatcher\1.2.0.750\ssd.dll (Adware.DoubleD) -> No action taken.

C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> No action taken.

C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{840F8D40-D2B2-4CA1-A56C-AE9B7E3B083F}\RP201\A0169837.dll (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{840F8D40-D2B2-4CA1-A56C-AE9B7E3B083F}\RP201\A0169838.dll (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{840F8D40-D2B2-4CA1-A56C-AE9B7E3B083F}\RP201\A0169850.DLL (Trojan.Agent) -> No action taken.

C:\Program Files\Anti-Virus Professional\UninstlDll.dll (Rogue.Anti-VirusProfessional) -> No action taken.

C:\Program Files\Anti-Virus Professional\nutilities.dll (Rogue.Anti-VirusProfessional) -> No action taken.

C:\Program Files\Anti-Virus Professional\unins000.exe (Rogue.Anti-VirusProfessional) -> No action taken.

C:\Program Files\Anti-Virus Professional\Anti-Virus Professional.exe (Rogue.Anti-VirusProfessional) -> No action taken.

C:\Program Files\Internet Saving Optimizer\2.0.0.2440\NPCommon.dll (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\2.0.0.2440\unins000.exe (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\2.0.0.2440\FF\chrome.manifest (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\2.0.0.2440\FF\components\NPFFAddOn.dll (Adware.DoubleD) -> No action taken.

C:\Program Files\System Search Dispatcher\1.2.0.750\unins000.exe (Adware.DoubleD) -> No action taken.

C:\Program Files\System Search Dispatcher\1.2.0.750\Data\URLDynamic.mx (Adware.DoubleD) -> No action taken.

C:\Documents and Settings\All Users\Start Menu\Programs\Anti-Virus Professional\Uninstall Anti-Virus Professional .lnk (Rogue.Anti-VirusProfessional) -> No action taken.

C:\Documents and Settings\All Users\Start Menu\Programs\Anti-Virus Professional\Anti-Virus Professional .lnk (Rogue.Anti-VirusProfessional) -> No action taken.

C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> No action taken.

C:\WINDOWS\system32\lowsec\user.ds.lll (Stolen.data) -> No action taken.

C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> No action taken.

C:\Documents and Settings\mother hen......glen\Desktop\Anti-Virus Professional.lnk (Rogue.Anti-VirusProfessional) -> No action taken.

C:\WINDOWS\system32\sdra64.exe (Trojan.FakeAlert) -> No action taken.


Hi wooly123, and welcome to Malwarebytes.org

From the log, I can see that you did NOT delete the files like you thought you did, as evidenced by the notation -> No action taken.

You need to run a Quick Scan again and this time make sure the files/registry entries you want to take action on are selected with a check mark and click Remove Selected.

Also, your definition database is way out of date. It should be 3043 or newer. Yours is 2775. After the scan, see if you can get Internet access again, and have MBAM run an update and do another quick scan to see if it finds anything else.

If you can't get Internet access, set up MBAM on the machine you are working with and then run an update. Then copy the following file to a CD or External Drive such as a flash drive and replace the existing one on the infected machine at the same location and do another Quick Scan.

C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref

Note:
The Application Data directory is hidden by default so you may need to change your settings to view hidden files and folders.

  • Open Windows Explorer (not Internet Explorer) using one of the following methods: Double click My Computer if it is on the Desktop
    or
    go to Start -> My Computer
    or
    go to Start -> All Programs -> Accessories -> Windows Explorer

  • Double click Local Disk C:

  • From the drop down menu at the top of the window, select Tools -> Folder Options

  • A window with multiple tabs will open where you can set various options. Select the View tab.

  1. In the scroll box labeled Advanced Settings, under Files and Folders, place a check mark in the box next to Display the contents of system folders.

  2. Under Hidden Files and Folders, place a dot in the radio button next to Show hidden files and folders.

  3. Remove the check mark for Hide extensions for known file types.

  4. Remove the check mark for Hide protected operating system files.

  • Click the Apply to All Folders button near the top and then the Apply button in the lower right.

Optional Tip - Before proceeding, you may find it easier to navigate and make sense of the directory/folder tree and files if you click the Folders icon to turn it on and select Details in the Views icon. Both of these icons are on the toolbar. Once you've done this, go back to Tools -> Folder Options and click the Apply to All Folders button and Apply button again.

If this still doesn't get you fixed up, you'll need to move to the Malware Removal - HijackThis Logs forum since we don't work on malware removal in the general forums.

See below

Please read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here. One of the expert helpers there will give you one-on-one assistance when one becomes available.

For future reference, please just open one post at a time for the current ongoing problem. You had just posted this same thing 5 minutes earlier in this same forum. I will go ahead and close that post to help eliminate confusion.
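The two things the reply reads off the log (every entry ending in `-> No action taken`, and database version 2775 being older than 3043) can be checked mechanically. The following is an added example, not part of the original thread and not Malwarebytes' own tooling; the sample is an excerpt of the log posted above plus one constructed line, and the function names are assumptions.

```python
import re
from collections import Counter

# Excerpt of the log posted above, plus one constructed line (marked) for contrast.
SAMPLE_LOG = r"""Malwarebytes' Anti-Malware 1.41
Database version: 2775

Memory Modules Infected:
C:\WINDOWS\system32\LSPGUI.DLL (Trojan.Agent) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.FakeAlert) -> Data: c:\windows\system32\sdra64.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Files Infected:
C:\WINDOWS\system32\sdra64.exe (Trojan.FakeAlert) -> No action taken.
C:\Example\constructed.dll (Adware.Example) -> Quarantined and deleted successfully.
"""  # the last entry is constructed, not from the thread

# Detail section headers end in "Infected:"; summary lines ("... Infected: 2") do not match.
SECTION = re.compile(r"^(?P<name>.+) Infected:\s*$")
# target (Detection.Name) -> [optional "Data:"/"Bad:/Good:" detail ->] action.
ENTRY = re.compile(
    r"^(?P<target>.+?) \((?P<detection>[\w.\-]+)\) -> (?:.* -> )?(?P<action>[^>]+?)\.?\s*$"
)

def parse_mbam_log(text):
    """Return (database_version, entries) from an MBAM 1.x text log."""
    db_version, section, entries = None, None, []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("Database version:"):
            db_version = int(line.split(":", 1)[1])
        elif (m := SECTION.match(line)):
            section = m["name"]
        elif (m := ENTRY.match(line)):
            entries.append({"section": section, **m.groupdict()})
    return db_version, entries

def triage(text, min_db=3043):
    """Flag an outdated database and count detections that were never acted on."""
    db_version, entries = parse_mbam_log(text)
    pending = [e for e in entries if e["action"].lower() == "no action taken"]
    return {
        "db_outdated": db_version is None or db_version < min_db,
        "total": len(entries),
        "pending": len(pending),
        "pending_by_detection": Counter(e["detection"] for e in pending),
    }
```

A non-zero `pending` count after a scan means the detections are still on disk and in the registry, which matches the reply's reading of the posted log.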
