Technology Forum

infected with Virus 101 and Trojan.DNSChanger.Codec

#1
09-07-2008, 10:29 PM
Tech Ace
Senior Member
Join Date: Apr 2008
Posts: 30,703

I originally posted a message under the networking forum for help regarding this issue. I was told to do the 5 first steps for spyware, which I have done. My problem: I have a desktop with Windows Vista Home Premium that's hooked up to broadband (Comcast) internet, which also has my cable and phone through the modem, with a Linksys wireless router which my laptop is hooked through to the network. I have had this setup for the last 4 yrs now without any problems. A couple days ago I lost my internet connection on both computers; it said I had local access only. I clicked diagnose and repair and as soon as I did that the internet connection would come back and then told me nothing was wrong with my connection. Then a little while later it would happen again. I then went into the cmd prompt from my laptop and pinged the desktop and router IP and the desktop said 0% loss and the router said 50% loss. I then went to my router's page and reset all the settings. Since doing that I haven't lost the connection as often as it was but have lost it twice now in the last two days. I ran SUPERAntiSpyware on my desktop and it found Trojan.DNSChanger.Codec which is removed.
Here are the results of the pandascan:

And here is the HJT log:

All times are GMT.