Can't go to microsoft.com

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

susanthaqslk

Thread Starter
Joined
Dec 24, 2010
Messages
6
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:08:50 AM, on 12/25/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CAP2RSK.EXE
C:\WINDOWS\system32\CNAB6RPK.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\Seekmo\bin\10.3.86.0\SeekmoSA.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\024h Lucky Reminder\LuckyReminder.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP2LAK.EXE
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP2SWK.EXE
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP2SWK.EXE
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP2SWK.EXE
C:\Program Files\Sinhala Kit\SinhalaKit.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.100.1:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.6.56\ShoppingReport.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\WINDOWS\system32\msxml71.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Seekmo - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Seekmo\bin\10.3.86.0\HostIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Seekmo - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Seekmo\bin\10.3.86.0\HostIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [outlook] C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe
O4 - HKLM\..\Run: [CAP2ON] C:\WINDOWS\system32\Spool\Drivers\w32x86\3\CAP2ONN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SeekmoSA] "C:\Program Files\Seekmo\bin\10.3.86.0\SeekmoSA.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [024h Lucky Reminder] "C:\Program Files\024h Lucky Reminder\LuckyReminder.exe" /m
O4 - HKCU\..\Run: [IDMan] C:\Documents and Settings\susantha\Desktop\Portable IDM V.5.1.2\IDMan.exe /onboot
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Canon LASER SHOT LBP-1210 ª¬ºAµøµ¡.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP2LAK.EXE
O4 - Global Startup: Sinhala Kit.lnk = C:\Program Files\Sinhala Kit\SinhalaKit.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download all links with IDM - C:\Documents and Settings\susantha\Desktop\Portable IDM V.5.1.2\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Documents and Settings\susantha\Desktop\Portable IDM V.5.1.2\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Documents and Settings\susantha\Desktop\Portable IDM V.5.1.2\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.6.56\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.6.56\ShoppingReport.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = tiip.com
O17 - HKLM\Software\..\Telephony: DomainName = tiip.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{A9543C0B-7DFB-446B-96F1-A8170CDADC11}: NameServer = 192.168.100.1,203.143.29.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = tiip.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = tiip.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\DOCUME~1\susantha\LOCALS~1\APPLIC~1\Skype\Shared\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/susantha/LOCALS~1/Temp/msohtmlclip1/01/clip_image001.jpg

--
End of file - 14175 bytes
 

Phantom010

Trusted Advisor
Joined
Mar 9, 2009
Messages
34,796
susanthaqslk,

Hi and welcome to TSG! :)

You really should have started your own thread about your problem. You'd have had a much better chance of being noticed. However, since pingu1233, the original poster, seems to have disappeared a month ago, let's continue in this thread. :)

Is your computer still part of the domain from tiip.com?

If not, and you do not recognize it at all, then you should probably fix the following entries in HijackThis:

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = tiip.com

O17 - HKLM\Software\..\Telephony: DomainName = tiip.com

O17 - HKLM\System\CCS\Services\Tcpip\..\{A9543C0B-7DFB-446B-96F1-A8170CDADC11}: NameServer = 192.168.100.1,203.143.29.1

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = tiip.com

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = tiip.com

To do so, run HijackThis again.

Select Do a system scan only.

Check the above O17 entries.

Click Fix checked.


Your Internet Explorer LAN settings are configured with a proxy server: 192.168.100.1:80

That can also be the reason you can't connect to Microsoft's websites.

Open Internet Explorer. Click Tools > Internet Options > Connections > Lan settings > Proxy server > Advanced > delete proxy server settings > click OK > uncheck all boxes > click OK.

In Firefox, click Tools > Options... > General > Advanced > Network > Settings > delete proxy settings > select No proxy > click OK.

===================================================================

You should get rid of Seekmo. It's adware.

===================================================================

Run HijackThis again.

Select Do a system scan only.

Put a check mark on:

O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.6.56\ShoppingReport.dll

O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.6.56\ShoppingReport.dll

O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.6.56\ShoppingReport.dll


Click Fix checked.

===================================================================

Why haven't you updated XP SP2 to SP3 yet? SP2 isn't supported by Microsoft anymore. You should really update to keep your system safe and working properly. Same thing goes for your old IE6. You should definitely upgrade to IE8.
 

susanthaqslk

Thread Starter
Joined
Dec 24, 2010
Messages
6
Yes, I followed all instruction given by you. My problem is, if it is proxy problem how i can access all other web sites without MS sites and all antivirous sites.?
 

TerryNet

Terry
Moderator
Joined
Mar 23, 2005
Messages
80,837
DNS hijack is one possibility. I don't know if that would show in a HJT log. Let's see ...

Start, Run, CMD, OK to open a command prompt:
(For Vista or 7 type CMD in the Search box after Start)

Type the following command:

IPCONFIG /ALL

[Note that there is no space between the slash and ALL.]

Right click in the command window and choose Select All, then hit Enter.
Paste the results in a message here.

If necessary use a text file and removable media to copy the results to a computer with internet access.
 

susanthaqslk

Thread Starter
Joined
Dec 24, 2010
Messages
6
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\susantha>IPCONFIG /ALL

Windows IP Configuration

Host Name . . . . . . . . . . . . : pc025
Primary Dns Suffix . . . . . . . : tiip.com
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : tiip.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168/8111 PCI-E Gigabit E
thernet NIC
Physical Address. . . . . . . . . : 00-1F-E2-64-D0-C9
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.100.188
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.100.254
DHCP Server . . . . . . . . . . . : 192.168.100.1
DNS Servers . . . . . . . . . . . : 8.8.8.8
8.8.8.4
Lease Obtained. . . . . . . . . . : Tuesday, December 28, 2010 8:47:31 A
M
Lease Expires . . . . . . . . . . : Wednesday, January 05, 2011 8:47:31
AM

Ethernet adapter Local Area Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Bluetooth PAN Network Adapter
Physical Address. . . . . . . . . : 00-1F-81-00-01-00

C:\Documents and Settings\susantha>
 
Joined
May 8, 2010
Messages
6
Hi Susantha,

My guess is that the PC is infected. Try running malwarebytes and superantispyware extensively in both SMWN and in normal mode. Do let us know if this was of any help
 

TerryNet

Terry
Moderator
Joined
Mar 23, 2005
Messages
80,837
Hi Susantha,

My guess is that the PC is infected. Try running malwarebytes and superantispyware extensively in both SMWN and in normal mode. Do let us know if this was of any help
Then you should have "guessed" to advise how to post needed information and to Report to request a move to the proper forum. Or, since there is already a Trusted Advisor on the case even better you should have "guessed" to just keep quiet.

You are not authorized to advise on malware matters.
 

Phantom010

Trusted Advisor
Joined
Mar 9, 2009
Messages
34,796
DNS hijack is one possibility. I don't know if that would show in a HJT log. Let's see ...
Yes, it usually does show in HijackThis' O17 entries.

In this case, tiip.com is the domain (which seems legit) "hijacking" the DNS settings.

Has everything on the Microsoft link been tried?

http://support.microsoft.com/kb/836941/en-us

If all fails, you might have an infection stopping you from accessing Windows Update.

In that case, please click on Report and kindly ask to be moved to the Virus & Other Malware Removal forum. Be sure to provide the appropriate reports in that forum after reading THIS. From there, be patient. You should get an answer within the next 48 hours. Those guys are really busy!

Also, please post a new HijackThis log here.
 

TerryNet

Terry
Moderator
Joined
Mar 23, 2005
Messages
80,837
The DNS servers showing are 8.8.8.8 (Google public DNS server) and 8.8.8.4 (unknown to me). I would delete the 8.8.8.4 or change it to 8.8.4.4 (another Google public server).
 

Phantom010

Trusted Advisor
Joined
Mar 9, 2009
Messages
34,796
TerryNet,

I'm the one who asked susanthaqslk to try Google Public DNS and OpenDNS. :)

8.8.8.4 is a mistype from susanthaqslk.

That obviously didn't work. :(
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Top