Neep help removing remnants of "AntiMalware Doctor" infection

[piratesteve83]

okay, i hate to say it, but since following the closing directions (updates recommended by secunia, windows update, etc) i noticed that my computer was connecting only sporadically to the internet.  i started a thread in the internet section of this site (http://www.computerhope.com/forum/index.php/topic,112104.0.html), and they referred me back to you.  i tried resetting the IP address, and it would not do it.  moreover it will now not connect at all.  i'm wondering if the virus i had messed up my internet somehow, or if it was something from the updates.  any ideas?

[SuperDave]

Please run Notepad (start > All Programs > Accessories >
Notepad) and copy and paste the text in the code box into a new file:

Code: [Select]

@echo off
>Log1.txt (
ipconfig /all
nslookup google.com
nslookup yahoo.com
ping -n 2 google.com
ping -n 2 yahoo.com
route print
)
start Log1.txt
del %0

•Go to the File menu at the top of the Notepad and select Save as.

•Select save in: desktop

•Fill in File name: test.bat

•Save as type: All file types (*.*)

•Click save.

•Close the Notepad.

•Locate and double-click test.bat on the desktop.

•A notepad opens, copy and paste the content it (log1.txt) to your reply.

[piratesteve83]

Windows IP Configuration



        Host Name . . . . . . . . . . . . : steve

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Broadcast

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Wireless Network Connection 7:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter #6

        Physical Address. . . . . . . . . : 00-14-6C-B4-1C-5D

Server:  UnKnown
Address:  127.0.0.1

Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Ping request could not find host yahoo.com. Please check the name and try again.

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x20003 ...00 14 6c b4 1c 5d ...... NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter #6
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1     1
  255.255.255.255  255.255.255.255  255.255.255.255           20003     1
===========================================================================
Persistent Routes:
  None

FYI, my adapter IS connected.  just thought you should know.

[SuperDave]

Did you try resetting your modem. Disconnect the power for 30 secs and then reconnect it. Did you try hardwiring your computer to the modem?

[piratesteve83]

i called the person who provides internet to the building i'm in, and they reset the modem to see if that would help.  it did not.  i live in a hotel, so i don't have access to the modem.  i'm just trying to connect through wi-fi.  i have a laptop that connects with no problem, so i'm sure that it's not a problem with the modem.

[SuperDave]

The ping tests shows that the signals are not getting through. Is your laptop connecting through WiFi?

[piratesteve83]

yeah, my laptop connects to the wi-fi just fine.  my desktop (the computer in question) has always been a little sketchy at connecting due to low signal strength, but just recently (after resetting the TCP/IP and Winsock) does not connect at all.  I'm wondering if maybe buying a wi-fi antenna with longer reception distance would fix the issue.  But at the same time, I'd hate to buy a new antenna only to have it be a problem with my computer.  Any thoughts?

[SuperDave]

Winsock

What's this about Winsock? Did you run some Winsock repair tool?

[piratesteve83]

Yes, in talking to the person who manages the hotel's wireless network, he recommended running a tool called "TCP/IP Repair" which includes a TCP/IP reset, as well as Winsock reset.  The download site for it is here:

http://download.cnet.com/XP-TCP-IP-Repair/3000-2094_4-10410929.html

I don't have the technical knowledge to know what TCP/IP or Winsock are, but the internet guy recommended that I reset both to see if it would fix the problem.

[SuperDave]

And, did it help?

[piratesteve83]

no, not at all

[SuperDave]

You will need to download this on another computer and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

Download WinSockXPFix to fix broken LSP chain for XP (if needed).

• Double click on WinsockXPFix.
  
• Click Fix.
  

[piratesteve83]

I ran the program, and it rebooted my computer.  No log.  It did change one thing:  I am now picking up signal (I wasn't before, for a while), but am still unable to connect.

FYI, the link you provided does not work.  Here is the correct address:  http://www.spychecker.com/program/winsockxpfix.html

Also, now that I actually have signal, I ran the test.bat from the previous post, and this is the result:

Windows IP Configuration



        Host Name . . . . . . . . . . . . : steve

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Broadcast

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Wireless Network Connection 7:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter #6

        Physical Address. . . . . . . . . : 00-14-6C-B4-1C-5D

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        Autoconfiguration IP Address. . . : 169.254.190.237

        Subnet Mask . . . . . . . . . . . : 255.255.0.0

        Default Gateway . . . . . . . . . :

Server:  UnKnown
Address:  127.0.0.1

Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Ping request could not find host yahoo.com. Please check the name and try again.

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 14 6c b4 1c 5d ...... NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter #6
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1     1
      169.254.0.0      255.255.0.0  169.254.190.237  169.254.190.237     20
  169.254.190.237  255.255.255.255        127.0.0.1       127.0.0.1     25
  169.254.255.255  255.255.255.255  169.254.190.237  169.254.190.237     25
        224.0.0.0        240.0.0.0  169.254.190.237  169.254.190.237     25
  255.255.255.255  255.255.255.255  169.254.190.237  169.254.190.237     1
===========================================================================
Persistent Routes:
  None

[SuperDave]

Here is the correct address

Thank you.

I am now picking up signal (I wasn't before, for a while), but am still unable to connect.

What makes you think you're picking up a signal? The ping test failed.

Open Internet Explorer, click the Tools menu, select Internet Options, Programs
Click "Reset Web Settings". Click Apply/OK to exit the internet options and verify if the desktop shortcuts work now (to be sure everything is in place, restart your browser after changing the settings).

We need to clear your DNS cache.

Please navigate to Start>Run and type cmd

in the window that pops up type ipconfig /flushdns

[piratesteve83]

What makes you think you're picking up a signal? The ping test failed.

well, my internet connection manager has a yellow screen instead of a red screen, which indicates that it is at least picking up a signal, although not able to connect (green indicates connection).  so i don't really know if it's picking up a signal, but it says it is picking up signal from the network i'm trying to connect to at 44%.

after running the command prompt, the DOS window responded with this:

Windows IP Configuration

Could not flush the DNS Resolver Cache:  Function failed during execution.