WiredWX Hobby Weather Tools

Started with many virii, worms, adware that were hard to ID


Re: Started with many virii, worms, adware that were hard to ID

I would recommend contacting your Internet Service Provider. It seems like a router or modem issue.

Re: Started with many virii, worms, adware that were hard to ID

OK. I was always able to connect before the infection so it makes me wonder. Do you think the rest of my infection has been cleared?

Re: Started with many virii, worms, adware that were hard to ID

Please re-open Malwarebytes, select Perform Full Scan, and press Scan. Remove selected, and post the log in your next reply.

Re: Started with many virii, worms, adware that were hard to ID

Because I cannot connect to the internet on that machine, I just ran MBs scan after install. Here is the log:

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 2

11/9/2009 10:42:41 PM
mbam-log-2009-11-09 (22-42-41).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 185311
Time elapsed: 21 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 1
Registry Data Items Infected: 7
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5bf49a2-94f3-42bd-f434-3604812c8955} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\UACd.sys (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Framework Windows (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\win32hlp.cnf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wsaupdater.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\winlogon.scr (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

Re: Started with many virii, worms, adware that were hard to ID

Please do a full scan with Malwarebytes again, and post a log.

Are you running any antivirus software or any other security software?

Re: Started with many virii, worms, adware that were hard to ID

I don't know of any antivirus or security software that would be running. Keep in mind that I am not running the latest DB version of MBs as I can't update it with the latest updates. When I rerun MB I get the following log. When I run the "Remove Selected", it says it removed them, however another scan shows that they are still there. I will also post my running processes.

Malwarebytes' Anti-Malware 1.41
Database version: 2775

Windows 5.1.2600 Service Pack 2

11/10/2009 11:05:08 AM
mbam-log-2009-11-10 (11-05-00).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 184163
Time elapsed: 20 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[Three screenshots of the running processes were attached here; the images are not reproduced.]
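As an added example (not from this thread and not Malwarebytes' own code), a small Python parser for the MBAM 1.x log format shown above: it pulls out the items the scanner reported but did not fix, and for a service ImagePath it lists any %VARIABLE% that is not a recognised Windows environment variable, which is what the Hijack.WindowsUpdates entries are about. The allowlist of variable names is an assumption of the example; the sample lines are copied from the logs posted in this thread.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# One Malwarebytes 1.x detection line:
#   <location> (<classification>) -> [Bad: (<bad>) Good: (<good>) -> ]<action>.
LINE_RE = re.compile(
    r"^(?P<location>.+?) \((?P<classification>[^()]+)\) -> "
    r"(?:Bad: \((?P<bad>.*?)\) Good: \((?P<good>.*?)\) -> )?"
    r"(?P<action>.+?)\.?$"
)
# Variables that legitimately appear in a service ImagePath (an assumed
# allowlist for this example, not something Malwarebytes ships).
KNOWN_ENV_VARS = {"systemroot", "windir", "systemdrive", "programfiles"}

@dataclass
class Detection:
    location: str
    classification: str
    action: str
    bad: Optional[str] = None
    good: Optional[str] = None

def parse_mbam_log(text: str) -> List[Detection]:
    """Extract every detection line from an MBAM 1.x log; summary lines are skipped."""
    found = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            found.append(Detection(**m.groupdict()))
    return found

def unremediated(detections: List[Detection]) -> List[Detection]:
    """Items the scanner reported but did not fix (e.g. 'No action taken')."""
    return [d for d in detections if not d.action.lower().startswith("quarantined")]

def misspelled_env_vars(image_path: str) -> List[str]:
    """%VARS% in a service path that are not on the allowlist. A misspelled variable
    such as %fystemRoot% never expands, so the service (here BITS / wuauserv) cannot start."""
    return [v for v in re.findall(r"%([^%]+)%", image_path)
            if v.lower() not in KNOWN_ENV_VARS]

# Sample input: three lines taken from the logs posted in this thread.
SAMPLE_LOG = r"""
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> No action taken.
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.
"""
if __name__ == "__main__":
    for d in unremediated(parse_mbam_log(SAMPLE_LOG)):
        print(d.location, "->", misspelled_env_vars(d.bad or ""))
```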

Re: Started with many virii, worms, adware that were hard to ID

Call your Internet Service Provider (ISP) and see if it is a network problem. There may be a lot of things wrong, such as:

- Issues with the line from your home to the service station.
- Issues with the service quality, which may be overload on a network.
- Ethernet cable is bad.
- Router / modem is of poor quality or is dying.
- Line running in to your house is damaged.
- Too much interference, if on a wireless network.

All of these are ideas you may want to bring up with your ISP.

Re: Started with many virii, worms, adware that were hard to ID

Will do. Thank you for all your help.

One last question regarding the following from Malwarebytes:
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> No action taken.

Does something still need to be done?

Re: Started with many virii, worms, adware that were hard to ID

Not at all. Once you can get the connection restored, update the database and post a log if anything is found.

Re: Started with many virii, worms, adware that were hard to ID

Latest update

I am still not able to browse the web from IE or Firefox. I reset my wireless, verified all computers (ethernet desktop, wireless laptop, and the problem wireless desktop) were all given IP addresses. All three computers have the correct mac addresses listed in the router's log and all show connected. I can ping to other computers, they can ping my problem computer, I can ping the localhost--all come back with no loss. Looks like I can do everything, except for browsing the web. I am mystified.

Re: Started with many virii, worms, adware that were hard to ID

What antivirus or other security software is installed? Please list any.

Re: Started with many virii, worms, adware that were hard to ID

Norton Antivirus 2005 was installed at one time, but as far as I can tell, I removed that. I also have checked for proxies and unless I missed something, I am not using any.

Re: Started with many virii, worms, adware that were hard to ID

Did you run the Norton Removal Utility yet?

If not, please grab it from this page: http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039

Re: Started with many virii, worms, adware that were hard to ID

Thanks for the link, but no change. I just ran the utility and rebooted the computer, but neither browser can still use the internet. Here is part of the router's log showing that I am connected using the right mac address:

Nov/21/2009 13:46:09 DHCP lease IP 192.168.0.102 to acer-3b6299156d 08-10-74-18-c2-98
Nov/21/2009 13:46:05 Authentication Success 08-10-74-18-c2-98
Nov/21/2009 13:46:04 Authenticating...... 08-10-74-18-c2-98
Nov/21/2009 13:46:04 Wireless PC connected 08-10-74-18-c2-98

Re: Started with many virii, worms, adware that were hard to ID

Maybe my new tool can find the issue:

Please download RenewMyDNS by DragonMaster Jay.
  • Save it to your Desktop.
  • Right-click on the file and select Extract All...
  • Choose a location to save extracted files and keep pressing Next until Finish.
  • Double-click RenewMyDNS folder, then double-click RenewMyDNS.bat to start the program.
  • Follow the prompts, and when finished it will launch a log.
  • Post that log in your next reply.
  • After posting the log, delete the folder RenewMyDNS.
