0

Hello, for some reason recently, in Windows 7, I was not able to surf the website. While trying to fix the issue, I deleted some major files (due to some one saying delete x x x registry files) I forgot to take backup, now I am back to Windows Vista (for now). I am not sure why this happens. I contacted the site's admin and they said the site is working fine for everyone else. Here's my log of whats running

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 11:37:47 AM, on 4/8/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\USERNAME\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\USERNAME\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\Users\USERNAME\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\USERNAME\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Norton Security Scan\Engine\2.7.3.34\NSS.exe
C:\Windows\system32\wuauclt.exe
C:\Users\USERNAME\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Google Update] "C:\Users\USERNAME\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{0AAFBD71-XXXX-XXXX-9XX2-3E4B906D540F}: NameServer = 67.55.0.11,67.55.0.13
O17 - HKLM\System\CS1\Services\Tcpip\..\{0AAFBD71-XXXX-XXXX-9XX2-3E4B906D540F}: NameServer = 67.55.0.11,67.55.0.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{0AAFBD71-XXXX-XXXX-9XX2-3E4B906D540F}: NameServer = 67.55.0.11,67.55.0.13
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 3572 bytes

Also, in Norton security scan (From Divx player :P), it said 2 threats found and here's their picture.
I've attached it.

Obviously from the log file, I hid my GUID and my username, sorry.

All Help appreciated.

Edited by ziikutv: Forgot to attach.

Attachments Capture.JPG 114.66 KB
2
Contributors
1
Reply
3
Views
7 Years
Discussion Span
Last Post by mpeters13
0

On first glance, this sounds like a DNS issue. Try using 4.2.2.2 as your primary DNS server, and see if the site loads. Remember to flush your DNS cache after making the change by running "ipconfig /flushdns" in a command prompt or the Run dialog.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.