I need help ridding my computer of 'Zlob.DNS Changer'

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Xhai, Dec 4, 2008.

  1. Xhai

    Xhai Private E-2

    Hi guys,

    It appears as though this has been on my computer for quite some time, but I've just realised exactly what it is, and now I understand why my system has been underperforming lately. The virus is stopping Windows Update from working, slowing my browsing, causing pop-ups, and being generally annoying.

    I've read a lot about it, and still no luck with the removal. I'm in the same situation as most. I can detect it, and delete it with SpyBot Search and Destroy and Malwarebytes Anti Malware, but it just comes back straight away.

    I would love some professional step by step help from you guys, so I can finally get rid of it. I have read the 'READ & RUN ME FIRST' post, and completed all the steps involved.

    Please tell me which log files (if any) you would like me to post, so we can begin this removal.

    I look forward to your help,

    Thanks a lot!

    Xhai.
     
  2. Xhai

    Xhai Private E-2

    Sorry, I misread some of the post. Here are the required logs.
     


  3. Xhai

    Xhai Private E-2

    And the final log..

    Thank you.
     


  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    The infection you have is known to infect router hardware. If you have a router hooked up then you need to follow the instructions for your hardware and reset it to factory default settings. Normally there is a recessed push button type switch that needs to be held down for some number of seconds to do this. After resetting to factory defaults on your router, you will need to reconfigure the router for your network if you have made any changes to the default network setup.

    Uninstall the below software:
    Viewpoint Media Player <-- should have been uninstalled in step 1 of the READ ME

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    After clicking Fix, exit HJT.

    Now delete all files in the below folder except ones from the current date (Windows will not let you delete the files from the current day).
    C:\Users\Valued Customer\AppData\Local\Temp

    Now run Ccleaner!

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below log:
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
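
An added example, not part of the original post or of MGtools: a small Python parser for the HijackThis O2/O3/O4 line formats quoted above that picks out the entries HijackThis marks `(no file)`, meaning the registry entry remains but its target file is missing. The sample log is constructed from the quoted lines plus one hypothetical healthy entry, and the function names are this example's own.

```python
import re

# Constructed sample: the five lines quoted in the post above, plus one
# made-up healthy BHO entry (hypothetical CLSID and path) for contrast.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000001} - C:\Program Files\Example\helper.dll
"""

# O2/O3 entries: "<code> - <kind>: <name> - {CLSID} - <file>"
COM_ENTRY = re.compile(
    r"^(?P<code>O[23]) - (?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$")
# O4 entries: "O4 - <registry key>: [<value name>] <command line>"
RUN_ENTRY = re.compile(
    r"^(?P<code>O4) - (?P<kind>[^:]+): \[(?P<name>[^\]]+)\] (?P<target>.+)$")


def parse_line(line):
    """Return a dict for an O2/O3/O4 line, or None for anything else."""
    line = line.strip()
    for pattern in (COM_ENTRY, RUN_ENTRY):
        m = pattern.match(line)
        if m:
            entry = m.groupdict()
            entry.setdefault("clsid", None)  # O4 lines carry no CLSID
            entry["orphaned"] = entry["target"] == "(no file)"
            return entry
    return None


def orphaned_entries(log_text):
    """Entries whose registry key survives but whose target file is gone."""
    parsed = (parse_line(l) for l in log_text.splitlines())
    return [e for e in parsed if e and e["orphaned"]]


if __name__ == "__main__":
    for e in orphaned_entries(SAMPLE_LOG):
        print(f'{e["code"]} {e["kind"]:8} {e["clsid"]}  target file missing')
```

The QuickTime `O4` line parses but is not flagged, since its target exists; the post selects it for a reason the thread does not state.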
     
  5. Xhai

    Xhai Private E-2

    Hi Chaslang, thanks very much for your help.

    I've completed the tasks you said. Here is the requested log file.

    It looks as though the pop-ups have stopped. But I'll wait to get the 'all clear' from you before I get too excited.

    Thanks again,

    Xhai
     


  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Your MGlogs.zip file was not updated properly and shows some of the same logs as last time. Run the C:\MGtools\GetLogs.bat program again and make sure that you let the program finish running before closing the command prompt window.

    Then attach the new C:\MGlogs.zip file so we can properly verify the previous fix.
     
  7. Xhai

    Xhai Private E-2

    Here's the log again. Hopefully it's updated this time.
     


  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    No, it is not. Delete the current C:\MGlogs.zip file. Then shut down any protection software. Then run the C:\MGtools\GetLogs.bat program again and make sure you allow it to finish running. Do not close the command prompt window until you see it tell you that it is finished. See the snapshot here: Using MGtools
     
  9. Xhai

    Xhai Private E-2

    Here it is again. I deleted the .zip file and made sure that all protection software was shutdown, then ran the GetLogs program again. I made sure the program had finished running before I did anything else. The 2 times prior to this, I definitely let the program finish as well.

    Hopefully this one is better.

    Thanks for your help.
     


  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay this log is incomplete and shows that several scans are not even running which is why things are not getting updated. You must be getting errors like those mentioned in the Using MGtools procedure. Perhaps you are not even noticing them.

    I see the below logs in your C:\MGtools folder. Please attach them here:
    • hijackthis.log
    • newfiles.txt
    • runkeys.txt
     
  11. Xhai

    Xhai Private E-2

    Alright, here are the logs.
     


  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay your logs are clean.

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /u
        • Note: the space between the combofix" and the /u must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
      • Delete the C:\combofix folder from combofix (if it exists)
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    7. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning steps in the READ ME for your Windows version and see the steps to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    8. After doing the above, you should work thru the below link:
     
  13. Xhai

    Xhai Private E-2

    All done!

    Thanks so much for all your help, I really appreciate it. My computer is running a lot better now.

    Just while I have you, in the 'How to Protect yourself from malware!' thread, which of the free Anti Virus software would you say is the best one to get? Also, is there any pay anti virus software that you would recommend? Something a bit less memory hungry than Norton antivirus?

    Thanks again!
     
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    AVG used to be at the top of the heap but AVG8 has become a big and has too many problems and false positives. You can eliminate some of the issues with AVG8 by not installing some of their included software (like LinkScanner). Stick with Avira or Avast for now. See how you like whichever you try. If you like it, buy it and get more features and support. Whatever you do, stay away from security suite packages.
     
