Spyware, Viruses, & Security forum

General discussion

"block.opendns.com" what is this and how did I get it?

by chad11950 / February 25, 2009 10:01 AM PST

When i try to go to numerous sites using IE, like "yourfilehost" I am all of a sudden getting the following page:
http://block.opendns.com/?url=90808683717477707380848515688078&ablock

I have no idea what opendns is, this is a home comp and I have no blocking software, or at least i didn't until today. I am using XP. If I go back to my aol browser I don't get this. Any help is greatly appreciated.

Post a reply
Discussion is locked
You are posting a reply to: "block.opendns.com" what is this and how did I get it?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: "block.opendns.com" what is this and how did I get it?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
"block.opendns.com" what is this
by Marianna Schmudlach / February 25, 2009 10:34 AM PST

I just tried "yourfilehost" with IE and I am NOT having any problems to get the webpage.

OpenDNS is a free service that works for networks of all sizes, from home networks to K-12 schools, SMBs and large enterprises. Learn more about how OpenDNS can benefit you by selecting your network type on the left.

http://www.opendns.com/solutions/overview/

Maybe you should run MalwareBytesAntiMalware to see IF there is "malware" on your computer:

Please download Malwarebytes Anti-Malware (v1.33) and save it to your desktop.
alternate download link 1
alternate download link 2
If you have a previous version of MBAM, remove it via Add/Remove Programs and download a fresh copy.

* Make sure you are connected to the Internet.
* Double-click on mbam-setup.exe to install the application.
* When the installation begins, follow the prompts and do not make any changes to default settings.
* When installation has finished, make sure you leave both of these checked:
o Update Malwarebytes' Anti-Malware
o Launch Malwarebytes' Anti-Malware
* Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

* If an update is found, the program will automatically update itself.
* Press the OK button to close that box and continue.
* If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.

On the Scanner tab:

* Make sure the "Perform Quick Scan" option is selected.
* Then click on the Scan button.
* If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
* The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
* When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
* Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

* Click on the Show Results button to see a list of any malware that was found.
* Make sure that everything is checked, and click Remove Selected.
* When removal is completed, a log report will open in Notepad.
* The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
* Copy and paste the contents of that report in your next reply and exit MBAM.

Notes: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes. Click this link to see a list of programs that should be disabled.

Collapse -
"block.opendns.com" what is this
by chad11950 / February 25, 2009 11:05 AM PST

Thank you so much for your reply. I did as you recomended and the scan found nothing. This thing is somehow redirecting me or just blocking web pages. I'm at a loss.

Collapse -
Do you have Google Search ?
by Marianna Schmudlach / February 25, 2009 11:36 AM PST

Useful Tips to Prevent OpenDNS From Redirecting Google Searches in Firefox and Internet Explorer

Have a look IF this would help:

Set Google as default search engine for Internet Explorer browser:
1) Go to Start -> Run, then type regedit and press enter
2) Look for ?HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes?
3) Open {6A1806CD-94D4-4689-BA73-E35EA1EA9990} for Internet Explore 6 and {0633EE93-D776-472f-A0FF-E1416B8B2E3A} for Internet Explorer 7, set the value as ?http://www.google.com/search?q={searchTerms}?

If you are one of them that face the same problem, no harm to have a quick try now if it resolves your issue.



http://www.mydigitallife.info/2008/09/30/useful-tips-to-prevent-opendns-from-redirecting-google-searches-in-firefox-and-internet-explorer/

Collapse -
Do you have Google Search ?
by chad11950 / February 25, 2009 11:52 AM PST

I tried this and all I have under SearchScopes is google.

Collapse -
Another thought......
by Marianna Schmudlach / February 25, 2009 11:54 AM PST

Download and scan with SUPERAntiSpyware Free for Home Users

* Double-click SUPERAntiSpyware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
* Under "Configuration and Preferences", click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked (leave all others unchecked):

Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining.

* Click the "Close" button to leave the control center screen.
* Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
* On the left, make sure you check C:\Fixed Drive.
* On the right, under "Complete Scan", choose Perform Complete Scan.
* Click "Next" to start the scan. Please be patient while it scans your computer.
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
* Make sure everything has a checkmark next to it and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* If asked if you want to reboot, click "Yes".

Does it find anything?

Collapse -
IF SuperAntispyware.......
by Marianna Schmudlach / February 25, 2009 11:58 AM PST
In reply to: Another thought......

also does NOT find anything, have a look at your HOSTS file

Location and default content

The hosts file is located in different locations in different operating systems and even in different Windows versions:

http://en.wikipedia.org/wiki/Hosts_file

is anything\something added to your hosts file?

Collapse -
IF SuperAntispyware.......
by chad11950 / February 25, 2009 1:52 PM PST

I have run 4 different scans with no results. I can't find the host key as listed in the article you mentioned.

Collapse -
Hosts file
by Marianna Schmudlach / February 25, 2009 1:54 PM PST

Which Operating System do you have?

f.i. I have XP and my hosts file is here:

C:\WINDOWS\System32\drivers\etc\hosts.

Collapse -
Hosts file
by chad11950 / February 25, 2009 2:03 PM PST
In reply to: Hosts file

I have XP. I found that file. What should I look for in it?

Collapse -
Have a look .........
by Marianna Schmudlach / February 25, 2009 2:23 PM PST
In reply to: Hosts file

IF you have the same as I have:

lmhosts.sam

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample LMHOSTS file used by the Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to computernames
# (NetBIOS) names. Each entry should be kept on an individual line.
# The IP address should be placed in the first column followed by the
# corresponding computername. The address and the computername
# should be separated by at least one space or tab. The "#" character
# is generally used to denote the start of a comment (see the exceptions
# below).
#
# This file is compatible with Microsoft LAN Manager 2.x TCP/IP lmhosts
# files and offers the following extensions:
#
# #PRE
# #DOM:<domain>
# #INCLUDE <filename>
# #BEGIN_ALTERNATE
# #END_ALTERNATE
# \0xnn (non-printing character support)
#
# Following any entry in the file with the characters "#PRE" will cause
# the entry to be preloaded into the name cache. By default, entries are
# not preloaded, but are parsed only after dynamic name resolution fails.
#
# Following an entry with the "#DOM:<domain>" tag will associate the
# entry with the domain specified by <domain>. This affects how the
# browser and logon services behave in TCP/IP environments. To preload
# the host name associated with #DOM entry, it is necessary to also add a
# #PRE to the line. The <domain> is always preloaded although it will not
# be shown when the name cache is viewed.
#
# Specifying "#INCLUDE <filename>" will force the RFC NetBIOS (NBT)
# software to seek the specified <filename> and parse it as if it were
# local. <filename> is generally a UNC-based name, allowing a
# centralized lmhosts file to be maintained on a server.
# It is ALWAYS necessary to provide a mapping for the IP address of the
# server prior to the #INCLUDE. This mapping must use the #PRE directive.
# In addtion the share "public" in the example below must be in the
# LanManServer list of "NullSessionShares" in order for client machines to
# be able to read the lmhosts file successfully. This key is under
# \machine\system\currentcontrolset\services\lanmanserver\parameters\nullsessionshares
# in the registry. Simply add "public" to the list found there.
#
# The #BEGIN_ and #END_ALTERNATE keywords allow multiple #INCLUDE
# statements to be grouped together. Any single successful include
# will cause the group to succeed.
#
# Finally, non-printing characters can be embedded in mappings by
# first surrounding the NetBIOS name in quotations, then using the
# \0xnn notation to specify a hex value for a non-printing character.
#
# The following example illustrates all of these extensions:
#
# 102.54.94.97 rhino #PRE #DOM:networking #net group's DC
# 102.54.94.102 "appname \0x14" #special app server
# 102.54.94.123 popular #PRE #source server
# 102.54.94.117 localsrv #PRE #needed for the include
#
# #BEGIN_ALTERNATE
# #INCLUDE \\localsrv\public\lmhosts
# #INCLUDE \\rhino\public\lmhosts
# #END_ALTERNATE
#
# In the above example, the "appname" server contains a special
# character in its name, the "popular" and "localsrv" server names are
# preloaded, and the "rhino" server name is specified so it can be used
# to later #INCLUDE a centrally maintained lmhosts file if the "localsrv"
# system is unavailable.
#
# Note that the whole file is parsed including comments on each lookup,
# so keeping the number of comments to a minimum will improve performance.
# Therefore it is not advisable to simply add lmhosts file entries onto the
# end of this file.

Or do you have "something" added?

Note: you can OPEN the file with: Notepad

Collapse -
Have a look .........
by chad11950 / February 25, 2009 2:36 PM PST
In reply to: Have a look .........

Mine is exactly the same. What does all that tell me?
There is a file "hosts" as well as "hosts.sam"

Collapse -
file hosts.....
by Marianna Schmudlach / February 25, 2009 2:45 PM PST
In reply to: Have a look .........
There is a file "hosts" as well as "hosts.sam"

Did you have a look in the "hosts" and "hosts.sam" ??

Is there anything unusual added to these files?

You are looking IF there is an entry that doesn't belong there and is blocking your access to several webpages.
Collapse -
"block.opendns.com" what is this
by chad11950 / February 25, 2009 3:15 PM PST

My file imhosts.sam is word for word the same as yours.
My hosts file is:
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost

Collapse -
I am "stumped".......
by Marianna Schmudlach / February 25, 2009 11:21 PM PST

Which version of Internet Explorer do you have?

Do you have ALL Microsoft Updates?

Collapse -
Another thought...
by Marianna Schmudlach / February 26, 2009 12:01 AM PST
In reply to: I am "stumped".......

Have a look here:

In IE, open "Tools\Internet Options\Security\Restricted Sites"

Is there "something" ??

Collapse -
Another thought...
by chad11950 / February 26, 2009 10:45 AM PST
In reply to: Another thought...

Thank you so very much for the replies. This morning as suddenly as it started it has stopped. No clue what changed. I did recieve this reply from opendns today:

OpenDNS is not an installed software. It is merely a setting that was changed on your computer to reflect our DNS servers. Please try the following to clear up the behavior if you feel this is in error - after you are done, reboot and you should be all clear:

-Browser Cache flush

(It depends which browser you are using, but generally they all flush cache the same way.)

Firefox - Tools -> Clear Private Data -> Cache -> Clear Private Data Now.

Internet Explorer - Tools -> Delete Browsing History -> Temporary Internet Files -> Delete Files.

Opera - Tools -> Delete Private Data -> Delete

Safari - History -> Delete History.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

-Local Machine DNS Cache Flush

Windows: Start Menu -> Run -> CMD -> ' ipconfig /flushdns '

Mac: Terminal -> dscacheutil -flushcache

Collapse -
Glad to hear ALL is well again :)
by Marianna Schmudlach / February 26, 2009 11:03 AM PST
In reply to: Another thought...

You Are Very Welcome Wink

Collapse -
I just tried yourfilehost.com
by roddy32 / February 25, 2009 11:23 AM PST

with BOTH IE and Firefox and I use OpenDNS and there was no blocking here on either browser.

Collapse -
I just tried yourfilehost.com
by chad11950 / February 25, 2009 1:48 PM PST

I don't use opendns. Until a few hours ago I had never heard of it. Somehow it has gotten into my pc, or at least it seems that way. I just want to get rid of it.

Collapse -
Just My Usual Paranoia...But
by tobeach / February 25, 2009 1:32 PM PST

That is AOL trying to make sure you can only search thru their engine?
AOL has reset your DNS settings to ONLY their addie? Just W.A.G. Happy

Collapse -
Just My Usual Paranoia...But
by chad11950 / February 25, 2009 1:51 PM PST

I don't really know what you mean but I can access any site on the aol browser, but with IE I get this opendns page.

Popular Forums
icon
Computer Help 49,613 discussions
icon
Computer Newbies 10,349 discussions
icon
Laptops 19,436 discussions
icon
Security 30,426 discussions
icon
TVs & Home Theaters 20,308 discussions
icon
Windows 10 360 discussions
icon
Phones 15,802 discussions
icon
Windows 7 7,351 discussions
icon
Networking & Wireless 14,641 discussions

Tech explained

Do you know what an OLED TV is?

CNET explains how OLED technology differs from regular TVs, and what you need to know to make the right shopping decision.