[wackostylee]

Hi there,

ive not been able to connect to certain websites for a few days now...

Microsoft.Com
AVG.Com
Free.Avg.Com
Symantec.Com
Kaspersky.com
mcaffee.com
pandasecurity.com
avast.com

need i name anymore??? LMAO

its a pain in the *** cos i need to install IE8 and i need to update the pc with something from the IE8 Install and all im getting is a server cannot be found at www.microsoft.com etc....


> nslookup microsoft.com
Server: microsoft.com
Addresses: 207.46.232.182, 207.46.197.32

DNS request timed out.
timeout was 2 seconds.
*** Request to microsoft.com timed-out

D:\Documents and Settings\Wacko>tracert yahoo.com

Tracing route to yahoo.com [69.147.125.65]
over a maximum of 30 hops:

1 8 ms 7 ms 7 ms cpc2-basf9-2-0-gw.12-3.cable.virginmedia.com [82
.26.56.1]
2 8 ms 7 ms 7 ms nott-cam-1b-v325.network.virginmedia.net [86.28.
83.177]
3 9 ms 7 ms 8 ms nott-core-1b-ae1-0.network.virginmedia.net [195.
182.174.234]
4 10 ms 11 ms 21 ms nrth-bb-1b-as1-0.network.virginmedia.net [213.10
5.174.173]
5 11 ms 11 ms 11 ms tele-ic-1-as0-0.network.virginmedia.net [62.253.
184.2]
6 117 ms 12 ms 16 ms 70-14-250-212.static.virginmedia.com [212.250.14
.70]
7 89 ms 88 ms 87 ms so-1-0-0.pat1.nyc.yahoo.com [66.196.65.13]
8 109 ms 107 ms 112 ms so-3-0-0.pat1.dcp.yahoo.com [216.115.101.157]
9 106 ms 107 ms 108 ms ae2-p170.msr2.re1.yahoo.com [216.115.108.69]
10 106 ms 108 ms 111 ms te-8-1.bas-a2.re1.yahoo.com [66.196.112.201]
11 108 ms 117 ms 109 ms ir1.fp.vip.re1.yahoo.com [69.147.125.65]

Trace complete.

ComboFix 10-03-08.02 - Wacko 09/03/2010 15:58:51.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.1790.1018 [GMT 0:00]
Running from: d:\documents and settings\Wacko\My Documents\Downloads\ComboFix.exe
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\recycler\S-1-5-21-790525478-1647877149-839522115-1004
d:\windows\system32\Cache

.
((((((((((((((((((((((((( Files Created from 2010-02-09 to 2010-03-09 )))))))))))))))))))))))))))))))
.

2010-03-09 15:55 . 2010-03-09 15:55 -------- d-----w- d:\windows\LastGood
2010-03-09 15:05 . 2010-03-09 15:05 -------- d-----w- d:\program files\Trend Micro
2010-03-07 11:58 . 2010-03-07 11:58 -------- d-----w- d:\windows\system32\Adobe
2010-03-06 14:13 . 2010-03-09 15:57 256 ----a-w- d:\windows\system32\pool.bin
2010-03-06 14:12 . 2010-03-06 14:15 -------- d-----w- d:\documents and settings\Wacko\Application Data\Research In Motion
2010-03-06 14:12 . 2010-03-06 14:12 -------- d-----w- d:\documents and settings\All Users\Application Data\Research In Motion
2010-03-06 14:12 . 2009-01-09 16:18 27136 ----a-r- d:\windows\system32\drivers\RimSerial.sys
2010-03-05 14:37 . 2004-08-03 22:58 5504 -c--a-w- d:\windows\system32\dllcache\mstee.sys
2010-03-05 10:25 . 2010-03-05 10:25 -------- d-----w- d:\program files\MSDN
2010-03-05 10:13 . 2010-03-05 10:13 -------- d-----w- d:\program files\Business Objects
2010-03-05 10:12 . 2010-03-05 10:12 -------- d-----w- d:\program files\Microsoft Device Emulator
2010-03-05 10:11 . 2010-03-05 10:12 -------- d-----w- d:\program files\Windows Mobile 5.0 SDK R2
2010-03-05 10:11 . 2010-03-05 10:11 -------- d-----w- d:\program files\Microsoft Synchronization Services
2010-03-05 10:11 . 2010-03-05 10:11 -------- d-----w- d:\program files\Microsoft SQL Server Compact Edition
2010-03-05 10:09 . 2010-03-05 10:09 18368 ----a-w- d:\documents and settings\All Users\Application Data\Microsoft\VSA\9.0\1033\ResourceCache.dll
2010-03-05 10:09 . 2010-03-05 10:15 1680128 ----a-w- d:\documents and settings\All Users\Application Data\Microsoft\VisualStudio\9.0\1033\ResourceCache.dll
2010-03-05 10:06 . 2010-03-05 10:06 -------- d-----w- d:\documents and settings\All Users\Application Data\PreEmptive Solutions
2010-03-05 10:01 . 2010-03-05 10:01 -------- d-----w- d:\windows\symbols
2010-03-05 10:00 . 2010-03-05 10:06 -------- d-----w- d:\program files\Common Files\Merge Modules
2010-03-05 10:00 . 2010-03-05 10:02 -------- d-----w- d:\program files\HTML Help Workshop
2010-03-05 10:00 . 2010-03-05 10:00 -------- d-----w- d:\program files\CE Remote Tools
2010-03-01 13:27 . 2010-03-01 13:27 -------- d-----w- d:\documents and settings\Wacko\Local Settings\Application Data\Identities
2010-02-28 19:54 . 2010-02-28 19:54 -------- d-----w- d:\program files\HalliSoft
2010-02-28 19:53 . 2010-02-28 19:53 -------- d-----w- d:\documents and settings\Wacko\Application Data\Project-OS.org
2010-02-24 08:40 . 2010-02-24 08:40 -------- d-----w- D:\InstallShield 2009 Projects
2010-02-24 08:40 . 2010-02-24 08:40 -------- d-----w- d:\documents and settings\Wacko\Application Data\Macrovision
2010-02-24 08:35 . 2010-02-24 08:35 10134 ----a-r- d:\documents and settings\Wacko\Application Data\Microsoft\Installer\{65D6DB5A-D0CA-411E-AA96-E422F0803690}\_38CEBA1BF2282C34B4FD8F.exe
2010-02-24 08:35 . 2010-02-24 08:35 -------- d-----w- d:\program files\HalliSoft.co.uk
2010-02-24 08:16 . 2010-02-24 08:16 -------- d-----w- d:\program files\InstallShield
2010-02-24 08:16 . 2010-02-24 08:16 -------- d-----w- d:\documents and settings\All Users\Application Data\Macrovision
2010-02-24 08:15 . 2010-02-24 08:15 -------- d-----w- d:\documents and settings\Wacko\Local Settings\Application Data\Downloaded Installations
2010-02-23 21:27 . 2010-03-09 15:55 -------- d-----w- d:\program files\Windows Live Safety Center
2010-02-22 15:58 . 2010-02-23 09:26 -------- d-----w- d:\documents and settings\All Users\Application Data\FLEXnet
2010-02-22 15:58 . 2008-05-29 06:03 37176 ----a-w- d:\documents and settings\Wacko\Application Data\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe
2010-02-22 15:09 . 2008-04-07 05:38 22872 ----a-r- d:\windows\system32\AdobePDFUI.dll
2010-02-22 15:09 . 2008-04-07 05:38 45392 ----a-r- d:\windows\system32\AdobePDF.dll
2010-02-22 14:58 . 2010-02-22 14:58 -------- d-----w- d:\program files\Common Files\Adobe AIR
2010-02-22 14:55 . 2010-02-22 14:55 -------- d-----w- d:\program files\Common Files\Macrovision Shared
2010-02-22 14:38 . 2010-02-22 14:38 -------- d-----w- d:\program files\PowerISO
2010-02-22 11:15 . 2010-02-23 09:24 -------- d-----w- d:\program files\Common Files\Adobe
2010-02-22 11:12 . 2010-02-23 09:25 -------- d-----w- d:\documents and settings\Wacko\Local Settings\Application Data\Adobe
2010-02-19 19:34 . 2010-02-19 19:34 -------- d-----w- d:\documents and settings\Craig
2010-02-19 07:59 . 2010-02-19 07:59 -------- d-----w- d:\documents and settings\Wacko\Application Data\iZotope
2010-02-19 07:59 . 2010-02-19 07:59 -------- d-----w- d:\program files\iZotope
2010-02-19 07:59 . 2010-02-19 07:59 -------- d-----w- d:\program files\Common Files\Digidesign
2010-02-19 07:58 . 2006-09-14 01:21 2240 ----a-w- d:\windows\LENDIG.sys
2010-02-19 07:56 . 2010-02-19 07:59 -------- d-----w- d:\program files\VstPlugins
2010-02-19 07:56 . 2006-06-20 08:56 225280 ----a-w- d:\windows\system32\rewire.dll
2010-02-19 07:55 . 2010-02-19 07:55 -------- d-----w- d:\program files\Outsim
2010-02-19 07:53 . 2010-02-19 07:56 -------- d-----w- d:\program files\Image-Line
2010-02-17 23:57 . 2004-08-03 23:08 26496 -c--a-w- d:\windows\system32\dllcache\usbstor.sys
2010-02-17 10:58 . 2010-02-17 10:58 -------- d-----w- d:\program files\Microsoft Silverlight
2010-02-17 10:58 . 2010-02-22 10:13 -------- d-----w- d:\program files\Microsoft SQL Server
2010-02-17 10:57 . 2010-02-17 10:57 488576 ----a-w- d:\documents and settings\All Users\Application Data\Microsoft\VWDExpress\9.0\1033\ResourceCache.dll
2010-02-17 10:56 . 2010-02-17 10:56 416 ----a-w- d:\documents and settings\All Users\Application Data\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2010-02-17 10:55 . 2010-03-05 10:13 -------- d-----w- d:\program files\Microsoft Visual Studio 9.0
2010-02-17 10:55 . 2010-03-05 10:10 -------- d-----w- d:\program files\Microsoft.NET
2010-02-17 10:54 . 2010-02-17 10:54 -------- d-----w- d:\documents and settings\Wacko\Local Settings\Application Data\Microsoft Help
2010-02-17 10:54 . 2010-02-17 10:54 -------- d-----w- d:\program files\Microsoft Web Designer Tools
2010-02-17 10:54 . 2010-03-05 10:41 -------- d-----w- d:\documents and settings\All Users\Application Data\Microsoft Help
2010-02-17 10:54 . 2010-02-17 10:54 -------- d-----r- D:\MSOCache
2010-02-17 10:53 . 2010-02-17 10:53 -------- d-----w- d:\program files\Microsoft SDKs
2010-02-17 10:53 . 2010-02-17 10:53 65800 ----a-w- d:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-02-17 10:52 . 2010-02-17 10:52 -------- d-----w- d:\windows\system32\XPSViewer
2010-02-17 10:52 . 2010-03-05 10:02 -------- d-----w- d:\program files\MSBuild
2010-02-17 10:52 . 2010-02-17 10:52 -------- d-----w- d:\program files\Reference Assemblies
2010-02-17 10:51 . 2008-07-06 12:06 89088 ----a-w- d:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-17 10:51 . 2008-07-06 12:06 89088 -c----w- d:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-17 10:51 . 2008-07-06 12:06 575488 -c----w- d:\windows\system32\dllcache\xpsshhdr.dll
2010-02-17 10:51 . 2008-07-06 12:06 575488 ------w- d:\windows\system32\xpsshhdr.dll
2010-02-17 10:51 . 2008-07-06 12:06 1676288 -c----w- d:\windows\system32\dllcache\xpssvcs.dll
2010-02-17 10:51 . 2008-07-06 12:06 1676288 ------w- d:\windows\system32\xpssvcs.dll
2010-02-17 10:51 . 2008-07-06 12:06 117760 ------w- d:\windows\system32\prntvpt.dll
2010-02-17 10:51 . 2008-07-06 10:50 597504 -c----w- d:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-17 10:51 . 2008-07-06 10:50 597504 ------w- d:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-17 10:49 . 2010-02-17 10:49 -------- d-----w- d:\program files\MSXML 6.0
2010-02-17 08:21 . 2008-05-30 14:18 238088 ----a-w- d:\windows\system32\xactengine3_1.dll
2010-02-17 08:15 . 2010-02-17 08:15 -------- d-----w- d:\windows\Logs
2010-02-17 08:12 . 2010-02-17 08:12 -------- d--h--w- d:\windows\PIF
2010-02-17 08:07 . 2010-02-17 08:07 -------- d-s---w- d:\documents and settings\Wacko\UserData
2010-02-17 07:56 . 2010-03-09 15:58 -------- d-----w- d:\documents and settings\Wacko\Tracing
2010-02-17 07:56 . 2010-02-17 07:56 -------- d-----w- d:\program files\Zone Labs
2010-02-17 07:56 . 2010-03-09 15:59 -------- d-----w- d:\windows\Internet Logs
2010-02-17 07:55 . 2010-02-17 07:55 -------- d-----w- d:\documents and settings\Wacko\CPInfo
2010-02-17 07:54 . 2010-02-17 07:54 -------- d-----w- d:\program files\Microsoft
2010-02-17 07:54 . 2010-02-17 07:54 -------- d-----w- d:\program files\Windows Live SkyDrive
2010-02-17 07:53 . 2010-02-17 07:54 -------- d-----w- d:\program files\Windows Live
2010-02-17 07:50 . 2010-02-17 07:50 -------- d-----w- d:\program files\Common Files\Windows Live
2010-02-17 07:50 . 2010-03-05 12:59 17512 ----a-w- d:\documents and settings\Wacko\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-17 07:50 . 2010-02-17 07:50 -------- d-----w- d:\documents and settings\Wacko\Application Data\Paltalk
2010-02-17 07:50 . 2010-02-17 07:50 -------- d-----w- d:\program files\Paltalk Messenger
2010-02-17 07:50 . 2010-02-17 07:50 -------- d-----w- d:\windows\PaltalkScene
2010-02-17 07:17 . 2010-02-17 07:17 0 ----a-w- d:\windows\nsreg.dat
2010-02-17 07:17 . 2010-02-17 07:17 -------- d-----w- d:\documents and settings\Wacko\Local Settings\Application Data\Mozilla
2010-02-16 22:48 . 2010-03-05 20:37 -------- d-----w- d:\program files\uTorrent
2010-02-16 22:48 . 2010-03-09 15:48 -------- d-----w- d:\documents and settings\Wacko\Application Data\uTorrent
2010-02-16 22:48 . 2010-02-16 22:48 -------- d-----w- d:\windows\system32\Lang
2010-02-16 22:48 . 2010-02-16 22:48 -------- d-----w- d:\documents and settings\All Users\Application Data\nView_Profiles
2010-02-16 22:43 . 2010-02-16 22:43 -------- d-----w- d:\program files\AVG
2010-02-16 22:33 . 2007-11-30 11:18 26488 ----a-w- d:\windows\system32\spupdsvc.exe
2010-02-16 22:32 . 2007-05-04 15:31 190976 ----a-w- d:\windows\system32\NvRaidServersl.dll
2010-02-16 22:31 . 2010-02-16 22:31 -------- d-----w- D:\ERDNT
2010-02-16 22:29 . 2010-02-16 22:29 -------- d-----w- d:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-02-16 22:29 . 2010-02-16 22:30 -------- d-----w- d:\program files\NVIDIA Corporation
2010-02-16 22:29 . 2010-02-16 22:29 -------- d-----w- D:\NVIDIA

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-09 14:23 . 2010-02-17 23:56 18056846 ----a-w- d:\windows\Internet Logs\tvDebug.Zip
2010-03-06 14:12 . 2010-03-06 14:11 -------- d-----w- d:\program files\Research In Motion
2010-02-24 08:17 . 2010-02-16 22:33 -------- d-----w- d:\program files\Common Files\InstallShield
2010-02-19 19:34 . 2010-02-19 19:34 -------- d-----w- d:\documents and settings\Craig\Application Data\CheckPoint
2010-02-19 08:33 . 2010-02-19 19:34 1607680 ----a-w- d:\windows\Internet Logs\xDB39.tmp
2010-02-19 08:33 . 2010-02-19 19:34 3064320 ----a-w- d:\windows\Internet Logs\xDB38.tmp
2010-02-18 01:49 . 2010-02-16 21:51 86327 ----a-w- d:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-17 08:03 . 2010-02-17 08:03 -------- d-----w- d:\documents and settings\Wacko\Application Data\CheckPoint
2010-02-17 08:03 . 2010-02-17 08:03 -------- d-----w- d:\program files\CheckPoint
2010-02-17 08:03 . 2010-02-17 08:03 4212 ---ha-w- d:\windows\system32\zllictbl.dat
2010-01-12 04:03 . 2010-01-27 21:19 61440 ----a-w- d:\windows\system32\OpenCL.dll
2010-01-12 04:03 . 2010-01-27 21:19 2259560 ----a-w- d:\windows\system32\nvcuvid.dll
2010-01-12 04:03 . 2010-01-27 21:19 4104192 ----a-w- d:\windows\system32\nvcuda.dll
2010-01-12 04:03 . 2010-01-27 21:19 4077672 ----a-w- d:\windows\system32\nvcuvenc.dll
2010-01-12 04:03 . 2010-01-27 21:19 182888 ------w- d:\windows\system32\nvcod.dll
2010-01-12 04:03 . 2010-01-27 21:19 11632640 ----a-w- d:\windows\system32\nvcompiler.dll
2010-01-12 04:03 . 2010-01-27 21:19 2283526 ----a-w- d:\windows\system32\nvdata.bin
2010-01-11 22:17 . 2010-01-11 22:17 145000 ----a-w- d:\windows\system32\nvcolor.exe
2004-08-04 11:00 . 2004-08-04 11:00 155547 --sha-r- d:\windows\system32\zsqnlbmk.dll
.

------- Sigcheck -------

[-] 2009-02-09 . 1745B00FC1141404B28F4B94F69A8871 . 359040 . . [5.1.2600.2180] . . d:\windows\system32\drivers\tcpip.sys

[-] 2009-02-09 . B1A4A1389949C3B3E99E51FD444E4E57 . 1580544 . . [5.1.2600.2180] . . d:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="d:\program files\uTorrent\uTorrent.exe" [2010-03-05 319280]
"msnmsgr"="d:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2007-04-20 1626112]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2007-04-20 8429568]
"NVRaidService"="d:\windows\system32\nvraidservice.exe" [2007-05-04 188200]
"NvMediaCenter"="d:\windows\system32\NvMcTray.dll" [2007-04-20 81920]
"ZoneAlarm Client"="d:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
"ISW"="d:\program files\CheckPoint\ZAForceField\ForceField.exe" [2009-10-14 730480]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="d:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"PWRISOVM.EXE"="d:\program files\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
"AdobeCS4ServiceManager"="d:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="d:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="d:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"BlackBerryAutoUpdate"="d:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-07-01 623960]
"RTHDCPL"="RTHDCPL.EXE" [2010-01-19 18790432]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2004-08-04 99840]

d:\documents and settings\Wacko\Start Menu\Programs\Startup\
Desktop Manager.lnk - d:\program files\Research In Motion\BlackBerry\DesktopMgr.exe [2009-7-1 1717592]

d:\documents and settings\All Users\Start Menu\Programs\Startup\
PalTalk.lnk - d:\program files\Paltalk Messenger\paltalk.exe [2010-2-9 11950344]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Auth orizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Glob allyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"9744:TCP"= 9744:TCPxfukc

R2 ISWKL;ZoneAlarm Toolbar ISWKL;d:\program files\CheckPoint\ZAForceField\ISWKL.sys [14/10/2009 13:30 25208]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;d:\program files\CheckPoint\ZAForceField\ISWSVC.exe [14/10/2009 13:30 476528]
S2 xhxdaazy;Windows Boot;d:\windows\system32\svchost.exe -k netsvcs [04/08/2004 11:00 14336]
S3 Ambfilt;Ambfilt;d:\windows\system32\drivers\Ambfilt.sys [16/02/2010 22:33 1691480]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
xhxdaazy
.
.
------- Supplementary Scan -------
.
IE: Append Link Target to Existing PDF - d:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - d:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - d:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - d:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
FF - ProfilePath - d:\documents and settings\Wacko\Application Data\Mozilla\Firefox\Profiles\jsh0wt9g.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/ig?hl=en
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - component: d:\program files\CheckPoint\ZAForceField\TrustChecker\components\TrustCheckerMozillaPl ugin.dll

---- FIREFOX POLICIES ----
d:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
d:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
d:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-09 16:04
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xhxdaazy]
"ServiceDll"="d:\windows\system32\zsqnlbmk.dll"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(624)
d:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

- - - - - - - > 'lsass.exe'(680)
d:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

- - - - - - - > 'explorer.exe'(2460)
d:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
d:\windows\system32\msi.dll
.
Completion time: 2010-03-09 16:06:12
ComboFix-quarantined-files.txt 2010-03-09 16:06

Pre-Run: 39,872,352,256 bytes free
Post-Run: 40,902,733,824 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(1)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Downloading" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(4)\WINDOWS.0="Gaming" /noexecute=optin /fastdetect

- - End Of File - - D74C0C6D584C1644411853E1CE759F13



HELLPPPPP!!!!!!!!!

[wackostylee]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:20:13, on 09/03/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\inetsrv\inetinfo.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\CheckPoint\ZAForceField\ForceField.exe
D:\WINDOWS\system32\nvraidservice.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\PowerISO\PWRISOVM.EXE
D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
D:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\wbem\unsecapp.exe
D:\Program Files\Paltalk Messenger\paltalk.exe
D:\Program Files\Windows Live\Messenger\msvs.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\WINDOWS\explorer.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\cmd.exe
D:\WINDOWS\system32\nslookup.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - D:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - D:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NVRaidService] D:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "D:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "D:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] D:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [uTorrent] "D:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Desktop Manager.lnk = D:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
O4 - Global Startup: PalTalk.lnk = D:\Program Files\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - D:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - D:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - D:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 6784 bytes

[wackostylee]

Somebody pleaseeeee help!!!!!!! im a website developer and not being able to connect to microsoft.com renders visual studio help useless!

[JohnWill]

You posted a lot of stuff, but nothing about the environment.


Please supply the following info, exact make and models of the equipment please.

Name of your ISP (Internet Service Provider).
Make and exact model of the broadband modem.
Make and exact model and hardware version of the router (if a separate unit).
Make and exact model and hardware version of any other network equipment, like a repeater, a booster, hi-gain antenna, etc.
Model numbers can usually be obtained from the label on the device.
Connection type, wired or wireless.
If wireless, encryption used, (none, WEP, WPA, or WPA2)
Version and patch level of Windows on all affected machines, i.e. XP (Home or Pro), SP1-SP2-SP3, Vista (Home, Business, Ultimate), etc.
The Internet Browser in use, IE, Firefox, Opera, etc.




Please give an exact description of your problem symptoms, including the exact text of any error messages.

• Have you tried to do a system restore to before the problem occurred?
• If you're using a wireless connection, have you tried a direct connection with a cable to see if that changes the symptoms?
• For wireless issues, have you disabled all encryption on the router to see if you can connect that way?
• For wireless connection issues, have you removed all the stored wireless network profiles and then searched for the network?
• For wireless laptops, have you made SURE the wireless switch is on?
• For wired connection issues, have you booted in Safe Mode with Networking to see if that changes the symptoms?
• Have you connected directly to the broadband modem to see if this is a router or modem/ISP issue?
• If there are other computers on the same network, are they experiencing the same issue, or do they function normally?

On any affected computer, I'd also like to see this:

Hold the Windows key and press R, then type CMD (COMMAND for W98/WME) to open a command prompt:

Type the following commands on separate lines, following each one with the Enter key:

PING 74.125.45.100

PING yahoo.com

NBTSTAT -n

IPCONFIG /ALL

Right click in the command window and choose Select All, then hit Enter.
Paste the results in a message here.

If you are on a machine with no network connection, use a floppy, USB disk, or a CD-RW disk to transfer a text file with the information to allow pasting it here.

[wackostylee]

i use an nVidia nForce Networking Controller Connected to a DLink DIR-615 Router which is setup to a Virgin Media 50Meg Broadband Connection.

If u click on the SPEC bit by my name ive supplied my pc specification there.

it basically prevents me from accessing the websites that ive put in the first post on this machine only, my partner's machine uses and Edimax Wireless N Adapter (PCI) and she can access the websites with no problem.

All it says when i navigate to Microsoft.Com or AVG.Com etc is: DNS Error
Or in firefox is says: Firefox can't find the server at www.microsoft.com.

The PC Is Running:

Windows XP Professional SP2
IIS6
Microsoft Visual Studio 2008
SQL Server 2005 Express Edition
Adobe Master Collection CS3
Windows Live Messenger
Blackberry Desktop Manager

Its an ABIT Motherboard AN-M2HD
AMD Athlon X2 2.6 GHz
2GB Corsair X2 DDR2
GeForce 8400GS (PCI)
2 x Maxtor 160GB SATA 2 HDD's (Via nVidia nForce Storage Controller)
1 x Maxtor 160GB IDE HDD
LG DVD-RAM Drive
No Floppy Drive
IE8
FireFox 3.6

Hope This Helps John.

[wackostylee]

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
D:\Documents and Settings\Wacko>nbstat -n
'nbstat' is not recognized as an internal or external command,
operable program or batch file.
D:\Documents and Settings\Wacko>nbtstat -n
Local Area Connection:
Node IpAddress: [192.168.0.101] Scope Id: []
NetBIOS Local Name Table
Name Type Status
---------------------------------------------
CMDEV <00> UNIQUE Registered
WORKGROUP <00> GROUP Registered
CMDEV <20> UNIQUE Registered
WORKGROUP <1E> GROUP Registered
D:\Documents and Settings\Wacko>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : cmdev
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : localhost
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : localhost
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-50-8D-B7-00-20
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.101
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : 09 March 2010 19:57:09
Lease Expires . . . . . . . . . . : 16 March 2010 19:57:09
D:\Documents and Settings\Wacko>ping 74.125.45.100
Pinging 74.125.45.100 with 32 bytes of data:
Reply from 74.125.45.100: bytes=32 time=109ms TTL=52
Reply from 74.125.45.100: bytes=32 time=112ms TTL=52
Reply from 74.125.45.100: bytes=32 time=111ms TTL=52
Reply from 74.125.45.100: bytes=32 time=111ms TTL=52
Ping statistics for 74.125.45.100:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 109ms, Maximum = 112ms, Average = 110ms
D:\Documents and Settings\Wacko>ping yahoo.com
Pinging yahoo.com [209.191.93.53] with 32 bytes of data:
Reply from 209.191.93.53: bytes=32 time=138ms TTL=47
Reply from 209.191.93.53: bytes=32 time=137ms TTL=47
Reply from 209.191.93.53: bytes=32 time=137ms TTL=47
Reply from 209.191.93.53: bytes=32 time=137ms TTL=47
Ping statistics for 209.191.93.53:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 137ms, Maximum = 138ms, Average = 137ms
D:\Documents and Settings\Wacko>

[Acen]

Perhaps your hosts file has entries in it which are blocking access to these websites?

Browse to "C:\Windows\System32\drivers\etc" and open the "hosts" file with Notepad or Wordpad.
Please post the contents.

[wackostylee]

nope, the only think in the hosts file is the usual Localhost entry

[Frank4d]

Looks infected to me. First clue is that you cannot access any anti-virus sites.

Quote:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
xhxdaazy

Quote:

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xhxdaazy]
"ServiceDll"="d:\windows\system32\zsqnlbmk.dll"

[JohnWill]

I find it odd that NSLOOKUP.EXE is running...

[wackostylee]

ive had a look for what u quoted john and they are no longer there....

dunno what to do!

[JohnWill]

Run Malwarebytes' Anti-Malware and see if it finds anything.

[crashboy]

Ok, I have same issue, I found how to fix this temporarily but still working on long term fix, this virus/Trojan / malware does poisons the DNS cache,

There are 2 way to fix it:

1st Way
Open task manger > Process -> View menu > Select Columns > Check Process Identifier.
Now, find any svchost.exe process under Network Service(Username) and if you see svchost.exe process with PID from 1200 to 1299(it changes each time to random) then kill that process. Once that's done you should be able to browse that website until u restart the computer.

2nd Way - Easy way
Open command prompt
type the command "net stop dnscache"
Now you can browse those websites again.
You can turn the service on again if you like

Type "net start dnscache"

But I am still trying to get better/long-term solution as this comes back until you restart the computer.

Hope this helps for now.

[JohnWill]

Well, the real way to fix it is to get rid of the Trojan if he has one!

[crashboy]

Fix is to download and run:
Windows Malicious tool : "windows-kb890830-v3.5" that will get rid of this virus - conficker or conficker.b or conficker.d.