router issues and win32 trojan-gen

Started by live4me, September 27, 2006, 04:57:51 PM


Corrine

That being the case, it sounds like it is a problem with the router, the NIC card, the setup, or a combination thereof.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

live4me

okay well I ran the fixes on his computer too and it at first did not want to get on the net but finally we now have both of them on, but I still will not know if they will manage to both get back online after a reboot. I will post back here in a day when I know for sure this all worked out finally
thank you for the help and now I have a standard of formatted instructions which may take a good 2 or 3 hours to follow but in the event I get stuck like this again I will go right to the steps first without trying to take a short cut
I did not take any chances and walked through all of this in safe mode
here is what I did:
I downloaded all programs listed below and then booted into safe mode and ran each program back to back....

Click here: http://www.cexx.org/lspfix.htm to get LSP-Fix.
You may not need it, but go ahead and download it.

That should restore the internet connection.

Save smitRem.exe http://noahdfear.geekstogo.com/click%20counter/click.php?id=1 and extract the contents to your Desktop
Restart your computer in Safe Mode: (keep tapping F8 on startup)
Open the smitRem folder and double-click RunThis.bat. Follow the on-screen instructions

Restart your computer when it's finished. Find the log file C:\smitRem.txt

Please download Vundofix.exe to your desktop http://www.atribune.org/ccount/click.php?id=4

Double-click VundoFix.exe to run it.
Click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will reboot your computer, click OK.
Please post the contents of C:\vundofix.txt and a fresh HijackThis log.

Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.

Download the trial version of Ewido Security Suite http://www.ewido.net/en/download/
don't run yet
Please download SmitfraudFix (by S!Ri) http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Extract the content (a folder named SmitfraudFix) to your Desktop.

Next, please reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, a menu with options should appear;
Select the first option, to run Windows in Safe Mode, then press "Enter".
Choose your usual account.
Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted: "Registry cleaning - Do you want to clean the registry?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.

A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply along with a new hijack log.

The report can also be found at the root of the system drive, usually at C:\rapport.txt


· Install ewido.
· Run the application
· Click on scanner
· then select the "Settings" tab.
· Once in the Settings screen click on "Recommended actions" and then select "Delete".
· Select "Automatically generate report after every scan"
· Un-Select "Only if threats were found"
· Click Complete System Scan and the scan will begin.
· When the scan is finished, Set all items to delete
· Apply all actions
· look at the bottom of the screen and click the Save report button.
· Save the report to your C: Drive
This will take some time to run!
RE-Boot

I will post the reports once I know for sure they are working right or not .. then I will know what to add in...
thank you again so much for your help
Linda

live4me

You may close this issue; it appears that it was a router issue and not an infection of any sort

It seems the router was working fine for a year (even with a change of computers all around) before it recognized that the new owner was me (on one computer) and both my sons had a new computer added (seems it had one computer being used by two different people) but never changed his ip and computer title. I have manually gone in and updated this information and we are all able to get on now.. totally a router issue...
thank you for the input.. but this was not a spyware or virus issue as we thought it was in the first place.. seems the router needed to be manually reset even (now all computers have their own address and title) after we were using it for a year the way it was .. ?? oh well live and learn...never gave us a problem until we moved and had the internet set up in a new house!
Strange things happening everywhere...
;-(
Linda

Corrine

I'm happy to hear that all is finally well.  You did get SunJava updated which is a good thing. 

Stop back any time.  :rose:

