Cannot connect to Internet after virus removal.
also attach AdwCleaner / Malwarebytes / aswMBR logs …
mbam and advcleaner log have been uploaded
Looks like a partial Zero access install
Download and Install Combofix
Download ComboFix from one of the following locations:
Link 1
Link 2
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
- IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks
http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png
http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png
[*]When finished, it shall produce a log for you.
[*]Please include the C:\ComboFix.txt in your next reply.
Notes:
- Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
- Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
- If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.
Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
Hi, thanks for responding…
I will need to save combofix to external drive since I cannot access internet. Is this ok?
Certainly and then copy it to the desktop
After I disabled Avast Internet Security and Webroot Secure, Combofix message box showed that these programs were still running. I hit the X to stop installation to go back and see what I missed, but combofix continued to run. That being said here are the logs for Combofix…
After I rebooted, I had a few grayed out documents with this ~in front of them as well as this desktop.ini. It would not save to external drive and image was too large to send.
No other changes in laptop
I will now delete a bad driver and ask you to run another programme to check the winsock
-
Close any open browsers.
-
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
-
Open notepad and copy/paste the text in the quotebox below into it:
File:: c:\windows\System32\drivers\QaNMmpMJ.sysDriver::
QaNMmpMJ
Save this as CFScript.txt, in the same location as ComboFix.exe
http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
Refering to the picture above, drag CFScript into ComboFix.exe
When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
THEN
Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
[*]Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will produce a log called FRST.txt in the same directory the tool is run from.
[*]Please copy and paste log back here.
[*]The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Is this the correct combofix log you need?
I still have Farbar Recovery Tool Open, I did NOT select FIX after scanning and posting the log, since you did not say to do so. I will wait for further instructions…
No need to keep FRST open
Lets now reset the winsock this should hopefully restore the net connection
Download the attached Fixlist.txt to the same location as FRST
Run FRST and press Fix
On completion reboot and try the net
Am I dragging this to FRST like we did combofix? Or should it just be in the same external drive as FRST?
Here is the fixlog after running FRST
Are you able to connect now ?
What error do you get using the windows network troubleshooter
I am able to get online ;D… Windows updates are installing now. So I am waiting to see if it will finish the updates. On the desktop, there are about 5 word, and powerpoint documents that are grayed out with ~symbol in front of them. When I opened them it gives me an error message “the docx cannot be opened there are problems with the contents” How can I recover these docs?
Those are actually hidden backup files that you would not normally see … They will be re-hidden when I tidy up 
After 3 hours of waiting for updates to finish I got this message after restarting computer “Failure to configure Windows update reverting changes”. Please advise
First we will try the MS fixit before we dig deeper
Run the fixit on this page http://support.microsoft.com/kb/949358#method1
Also do you have a lot of updates as there was one from last month that kept doing this
Yes there were 76 updates… I ran the microsoft fix it and it said it ran successfully and to run it again. I am still getting the same error. Can I enable antivirus and antispyware?