Forum Home
Press F1
 
Thread ID: 105252 2009-11-25 00:41:00 Some web sites won't open with Win7 jcr1 (893) Press F1
Post ID Timestamp Content User
833339 2009-11-26 03:29:00 jcr1, when you visit that blog post, does it actually say "Sweet, you're using openDNS"?

Otherwise I suspect spyware / malware ;) 		Chilling_Silence (9)
833340 2009-11-26 05:43:00 jcr1, when you visit that blog post, does it actually say "Sweet, you're using openDNS"?

Otherwise I suspect spyware / malware ;)

Yikes :eek:, you might have something there Chill.
Now when I try to open your blog site; down in the left hand corner it says "waiting for spa snap.com" and I wait and wait and nothing happens.

I can see a re-install looming which will probably be OK (just a nuisance) as I can still use XP on another HDD, on the same machine and it works fine.


The fun we have with computers:) 		jcr1 (893)
833341 2009-11-26 05:47:00 jcr1, when you visit that blog post, does it actually say "Sweet, you're using openDNS"?

Otherwise I suspect spyware / malware ;)

No it doesn't, to answer your question.

This looks bad. 		jcr1 (893)
833342 2009-11-26 18:46:00 So long story short, follow the "For my PC" instructions to change your PC to specifically use OpenDNS, see if it changes the button to "Sweet, you're using OpenDNS". If it does, then great, see if that's fixed it. If not, then it's spyware / malware cleanout time.. Chilling_Silence (9)
833343 2009-11-26 22:19:00 So long story short, follow the "For my PC" instructions to change your PC to specifically use OpenDNS, see if it changes the button to "Sweet, you're using OpenDNS". If it does, then great, see if that's fixed it. If not, then it's spyware / malware cleanout time..

I've followed your advice Chill. I still don't get to see "Sweet, you're using OpenDNS".

What would you recommend as a cleanout tool? There are many. 		jcr1 (893)
833344 2009-11-26 22:42:00 That's a jolly good question :-/
What A/V are you using? There's the likes of Microsoft Security Essentials which are pretty good? HiJack This (Though I can't diagnose them to save myself)? SUPER Anti-Spyware? 		Chilling_Silence (9)
833345 2009-11-26 23:06:00 Post a HJT log, scan it with an AV program / malwarebytes Speedy Gonzales (78)
833346 2009-11-26 23:06:00 I've used Microsoft Security Essentials on this install since day one.

Hijack This, like you I find it too difficult.

I use a-squared free, on my XP install; perhaps I'll see what that throws up. 		jcr1 (893)
833347 2009-11-27 02:58:00 Whats difficult about HJT. Just run it click on scan the system and save a log. And copy and paste the log here Speedy Gonzales (78)
833348 2009-11-27 03:47:00 Thanks Speedy & Chill. Here we go, the log;

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:43:50 p.m., on 27/11/2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
C:\Users\john\Documents\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\john\AppData\Local\Google\Update\GoogleUp date.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OpenDNS Updater] "C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" /autostart
O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:\Program Files (x86)\Wireless Device\Versato.exe
O4 - Global Startup: Enable Wireless Mouse Driver.lnk = C:\Program Files (x86)\Wireless Device\MulMouse.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC22CBB2-BB0F-424E-ADCC-2BCBD3E582E1}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{AC22CBB2-BB0F-424E-ADCC-2BCBD3E582E1}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5641 bytes 		jcr1 (893)
1 2 3 4