CNET
Holiday Gift Guide 2019
Shop By Price
Best gifts under $25 Best gifts under $50 Best gifts under $100 Best gifts under $250 Best gifts under $500 Best Black Friday deals
Top Categories
Laptops Smart Home Phones TVs Headphones Tablets
More Guides
Holiday Survival Guide GameSpot Gift Guide Chowhound Gift Guide Hottest toys for the holiday Top picks for Star Wars fans Wellness gifts
All the best products
Editors' Choice Versus Best Headphones Best Laptops Best Phones Best TVs Best Speakers Best Routers Best Smart Home Best Tablets Best Refrigerators Best Washing Machines Best Digital Cameras Best Hard Drives Best Printers Best Wearable Tech Best AV Receivers Best iPhone Apps Best Media Streamers Best Dishwashers Best Coffee Machines
All reviews
Appliances Audio Cameras Cars Desktops Drones Headphones Laptops Media Streamers Monitors Networking Phones new 5G Phones Printers Smart Home Speakers Tablets TVs VPNs Wearables & VR Web Hosting
All news
5G Apple Computers Culture Google Health & Wellness Internet Microsoft Mobile Newsletters Sci-Tech Security Tech Industry Special Features Photo Galleries
All video
Most Popular News How To Special Features Appliances Audio Cameras Gaming Home Entertainment Laptops Smart Home Tablets TVs Wearable Tech CNET Top 5 Tech Today The Apple Core What the Future Alphabet City 3:59 CNET Podcasts
All how to
Appliances Computers Gaming Home Entertainment Internet Mobile Apps Phones Photography Security Smart Home Streaming TV Tablets Wearable Tech Forums
All smart home
Best smart home devices Guide to smart living News Tour our smart apartment Tour our smart house
Product compatibility
Amazon Alexa Apple HomeKit Belkin WeMo Google Assistant Lutron Nest Philips Hue Samsung SmartThings Wink
Roadshow
Reviews Video News Pictures Recalls AutoComplete Carfection Cooley On Cars Car Audio Electric Cars Auto Buying Program
Best cars
Best Affordable Cars Best Crossovers Best Electric Cars Best Family Cars Best Fuel-Efficient Cars Best Hybrids Best Sedans Best SUVs Best Trucks
All deals
The Cheapskate Best VPN Services Best Web Hosting Best Password Managers Audio Deals Camera Deals Desktop Deals Hard Drive Deals Laptop Deals Monitor Deals Phone Deals Printer Deals Software Deals Tablet Deals TV Deals
Download
5G
Editions
English Español China France Germany Japan Korea
Settings
My Profile Forums Sign Out
Join / Sign In
  • Forums
  • Computer Help
General discussion

hijackthis logfile needs reviewed please.

by bakerbarber | November 25, 2008 12:52 PM PST

Browser is getting redirect. I triend av, adaware, reg mech, blah. I removed ip destination fron dns set to auto aquire. Still getting browser redirects.

here's my log
please help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:40:32 PM, on 11/25/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\system32\lxcjcoms.exe
C:\Windows\system32\PSIService.exe
C:\Windows\system32\stacsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\TUProgSt.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\alg.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\BitComet\BitComet.exe
C:\Windows\system32\p2phost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: MRI_DISABLED
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{8B1ED40D-90D5-4032-BE98-5F4102DC9D35}: NameServer = 85.255.112.115;85.255.112.186
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2ACFC9E-533B-42A7-A7E4-B6FBB25A40C0}: NameServer = 85.255.112.115;85.255.112.186
O17 - HKLM\System\CS1\Services\Tcpip\..\{8B1ED40D-90D5-4032-BE98-5F4102DC9D35}: NameServer = 85.255.112.115;85.255.112.186
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: BCL easyPDF SDK 5 Loader (bepldr) - Unknown owner - C:\Program Files\Common Files\BCL Technologies\NitroPDF5\bepldr.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: lxcj_device - - C:\Windows\system32\lxcjcoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: Windows Tribute Service - Unknown owner - C:\Windows\system32\kdnqd.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11768 bytes


Any advice would be appreciated..

Discussion is locked

Follow
Follow this discussion and email me when there are updates Stop following this discussion
Reply to: hijackthis logfile needs reviewed please.
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: hijackthis logfile needs reviewed please.
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
1 Posts
- Collapse + Expand Details
- Collapse -
Sorry, We Don't Do HJT Logs Here..
by Grif Thomas Forum moderator | November 25, 2008 1:13 PM PST

Please click on the link below and visit one of the specialized forums which interpret HijackThis. Our forums don't do such.

http://forums.cnet.com/5208-6132_102-0.html?forumID=32&threadID=255339&messageID=2533167

Locking this thread.

Grif

0
Back to Computer Help forum
Create a discussion
Create a new discussion
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
 

CNET Forums

Operating Systems
  • Windows 10
  • Windows 8
  • Windows 7
  • Windows Vista
  • Windows Legacy OS
  • Mac OS
  • Linux
  • Chrome OS
  • Android
Software
  • PC Applications
  • Mac Applications
  • Mobile Applications
  • Spyware, Viruses, & Security
  • Office & Productivity Software
  • Audio & Video Software
  • Photo Editing & Graphic Design
  • Browsers, E-mail, & Web Apps
Electronics & Gadgets
  • Cameras
  • Video Cameras
  • TVs & Home Theaters
  • HDTV Picture Setting
  • Smart Home & Appliances
  • Video Games & Consoles
Hardware
  • Desktops
  • Mac Desktops
  • Laptops
  • MacBooks
  • PC Hardware
  • Mac Hardware
  • Storage
  • Networking & Wireless
  • Peripherals
Tablets & Mobile Devices
  • Phones
  • Tablets
  • iPhones, iPods, & iPads
  • E-readers
  • Headphones & Mp3 Players
  • Wearable Tech
General Help
  • Computer Help
  • Computer Newbies
  • How To
  • Web Hosting, Design, & Coding
  • Internet Service Providers
  • Small business & Startups
Brand Forums
  • Avast & AVG
  • Dell
  • HP
  • LG
  • Samsung
  • Sony
Roadshow Autos
  • Car Buying Tips - Roadshow
  • Car Parts, Gadgets, & How-to's - Roadshow
  • Car News, Rumors, & Concepts - Roadshow
  • Auto Repair - Roadshow
  • Community Garage - Roadshow
Off Topic
  • The CNET Lounge
  • Speakeasy
  • Download.com Site Feedback
  • Tech Deals
  • Forum Feedback & Announcements
  • Test

Other Forums

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic

Forum Info

  • Real-Time Activity
  • Resolved Questions
  • My Tracked Discussions
  • FAQs
  • Policies
  • Moderators
English | Español
More From CNET
Black Friday deals right now
The Guide to Wellness
Holiday Survival Guide
New to Netflix in December
About
About CNET
Sitemap
Careers
Help Center
Privacy Policy
Terms of Use
Mobile User Agreement
Licensing
Ad Choice
Follow us
Affiliate Disclosure
CNET may get a commission from retail offers.
© CBS Interactive Inc.
All Rights Reserved.