Zlob.dnschanger spreading across home network

Hi, I am well aware of the procedure for asking for help (the readme etc and attaching logs) however I do have a question.

It seems through all the research on the site regarding this trojan (zlob.dnschanger) that it is changing settings on the router and thus as soon as it reconnects to it, it will reinfect. The question is "what to do first?" Do I run all the programs first then deal with the router or reset the router then run the programs?

I have 1 pc direct connected through the router, 2 wireless laptops and 1 pc via wireless adaptor. I don't want to go to the extent of running all the programs and find out that it was not the correct order.

Background: the BF believes that it was picked up while downloading video and a popup said something relating to the viewer or something needed updating that he clicked on. Then that direct connect pc started having issues not being able to do Norton's updates, and redirecting from Microsoft update to MSN.com homepage etc. He thought it was just that pc and reformatted it back to original only to still have the issue. I then checked the other pcs and they too can't download ANY updates (MS, Spybot, AVG, Adaware etc) even had issues opening some threads on this site.

Spybot will find and fix this, but of course it comes back.

Thanks, much. (we have a service call in to Time Warner for later today, they are supposed to be bringing a new router since that is what we thought the issue was, so any info on whether that is a waste would be helpful as well)

 

Thanks for the help.

The TWC tech was able to help me reset the dns settings as I showed him this previous thread http://forums.majorgeeks.com/showthread.php?t=173311
and the post by petes1980 which talked about resetting the dns and taking everyone offline, running the programs and then rechecking them.

I was able to get the Spybot which originally found the Zlob to remove it and then run AVG and AdAware as well. I rechecked the dns settings and then one by one took each pc back online.

I am now able to update all software as well as not being redirected from Microsoft updates to MSN home page. So far so good!!! :-D

So for anyone else having this Zlob.dnschanger it really wasn't so bad. Just make sure all pcs have the programs loaded on and then take them all offline, change the dns settings back to where they should be (in our Netgear it was "get dynamically from ISP" and "get automatically from ISP"- they'd been switched to a set number) and then run all the programs till they're clean. Then recheck the dns settings and see how it goes.

Big thanks to petes1980 as well!:wave Case closed!:-D

BTW your malware removal came in handy last year when my daughter got a nasty downloaded popup from Cartoon Network, took a whole day but your list got rid of it.

And the TWC tech said that he uses your website all the time!