How do I get rid of daosearch.com?

Welcome Guest ( Log In | Register )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Spyware, virus, trojan, fake security or privacy alerts? Read the malware cleaning guide.

> Geeks to Go! » Security » Malware Removal - HijackThis� Logs Go Here

How do I get rid of daosearch.com?, daosearch.com taking over - log file att

Options

cghoenes View Member Profile	Mar 30 2005, 09:44 AM Post #1
Member Posts: 11 OS: Windows XP Pro	Please help me. Below is my log file. For some reason daosearch.com is trying to take over my homepage and altering my google searches. Logfile of HijackThis v1.99.1 Scan saved at 10:36:26 AM, on 3/30/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\WINDOWS\System32\cmdtel.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\SpywareGuard\sgmain.exe C:\PROGRA~1\Webshots\webshots.scr C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe c:\windows\system32\taskmg.exe C:\WINDOWS\System32\Services\{F8990378-5BB9-43FA-9F8E-6209020314D8}\SVCHOST.EXE C:\WINDOWS\System32\rundll32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\n?lookup.exe C:\Program Files\Microsoft Office\Office10\EXCEL.EXE C:\WINDOWS\explorer.exe C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Downloads\hijackthis.exe O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\System32\Services\{F8990378-5BB9-43FA-9F8E-6209020314D8}\SVCHOST.EXE O4 - HKLM\..\Run: [etbrun] c:\windows\system32\eliteovy32.exe O4 - HKLM\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe O4 - HKLM\..\RunOnce: [AAW] "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" "+b1" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab O16 - DPF: {30985566-E01F-11D2-85DB-EA44DE000000} (IRTHMapDisplay Control) - http://irth.gaupc.com/irthInternet/IrthInt...HMapDisplay.cab O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://irth.gaupc.com/IrthInternet/IrthInt...ry/mgaxctrl.cab O21 - SSODL: NTDBGTOOL - {79F78D5F-C860-4508-AD5C-E7A4E8548E3C} - C:\WINDOWS\System32\ven2dmin.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: Loading Outpost Connections (KDE) - Unknown owner - C:\WINDOWS\System32\cmdtel.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe Thanks!

don77 View Member Profile	Apr 19 2005, 09:57 AM Post #2
Malware Expert Posts: 18,682 From: Boston Ma. OS: XP Pro,ME, 98	Hi cghoenes and welcome Sorry for the late reply the board has been really busy lately, If your still looking to resolve this issue, Please run through all the steps outlined in this Topic Post back a fresh log when done please If you have resolved this issue please let us know. Thanks and again sorry for the late reply Don

cghoenes View Member Profile	May 3 2005, 06:12 AM Post #3
Member Posts: 11 OS: Windows XP Pro	Don, Thanks for the suggestions. I did fix the problem shortly after I posted my message. I went into safe mode and was able to delete some of the files that didn't seem to need to be there. Thanks for your feedback. Chris

don77 View Member Profile	May 3 2005, 10:03 AM Post #4
Malware Expert Posts: 18,682 From: Boston Ma. OS: XP Pro,ME, 98	would you care to post a fresh HJT log for a final review ? Thanks Don

« Next Oldest · Malware Removal - HijackThis� Logs Go Here · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Topic Title	Replies / Views	Topic Information
Malware Removal - HijackThis� Logs Go Here How Do I Get Rid of Antivirus 2009 [RESOLVED]	12 / 1,485	3rd July 2008 - 12:23 PM nlmullen started - last by Rorschach112
Malware Removal - HijackThis� Logs Go Here Redirected to Google ad manager pages...How do I get rid of this bugge	6 / 443	2nd August 2008 - 12:39 PM rm_tchr started - last by greyknight17
Windows Vista� and Windows 7� attn geeks need help. how do I get rid of the history of sites I went	1 / 160	19th August 2008 - 12:46 PM replytodan started - last by statictech
Malware Removal - HijackThis� Logs Go Here VUNDO (trojan) HOW DO I GET RID OF THIS?	0 / 86	22nd October 2008 - 02:11 AM thys started - last by thys