Jump to content

Chuck Bonetti

Member
  • Content Count

    3
  • Joined

  • Last visited

About Chuck Bonetti

  • Rank
    Lunar Newbie

Personal Information

  • Country
    United States
  • OS
    Windows 7 Home Premium x64
  1. Sir, I am going to need you to raise on hand, flat palm, and proceed to use the other hand, flat palm, to strike it *high five yourself for being AWESOME That totally worked. I can't believe I forgot to check there. Nasty little bug that dosearches crap was. Now I'm going through and checking EVERYTHING
  2. Unfortunately I hadn't seen this prior to running those programs. I downloaded the kit on your website, which was helpful thanks, but dang DOSEARCHES is still haunting me. I have gone through IE AND CHROME thoroughly and still when they open they go straight to DOSEARCHES like the link below. The only thing I've read is a redirect registry change, but I was unable to find the key in my registry to delete. :( Webroot is redirecting it on IE at least it won't let it open, but it's still trying and chrome is just hopeless. Always opens to dosearches. DO NOT CLICK DO NOT CLICK DO NOT CLICK www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=sc&from=smt&uid=ST9500424AS_S2V0NBZ1XXXXS2V0NBZ1&ts=1381271071
  3. DOSEARCHES has invaded my computer!! Please help! Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 6:17:37 PM, on 10/9/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16686) Boot mode: Normal Running processes: C:UsersChuck BonettiAppDataRoamingSearch ProtectionSearchProtection.exe C:Program Files (x86)Common FilesJavaJava Updatejusched.exe C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe C:Program Files (x86)PlexPlex Media ServerPlex Media Server.exe C:Program Files (x86)PlexPlex Media ServerPlexDlnaServer.exe C:Program FilesWebrootWRSA.exe C:Program Files (x86)PlexPlex Media ServerPlexScriptHost.exe C:Program Files (x86)GoogleChromeApplicationchrome.exe C:Program Files (x86)GoogleChromeApplicationchrome.exe C:Program Files (x86)GoogleChromeApplicationchrome.exe C:Program Files (x86)GoogleChromeApplicationchrome.exe C:Program Files (x86)GoogleChromeApplicationchrome.exe C:Program Files (x86)GoogleChromeApplicationchrome.exe C:Program Files (x86)Common FilesAppleInternet ServicesAPSDaemon.exe C:Program Files (x86)GoogleChromeApplicationchrome.exe C:Program Files (x86)GoogleChromeApplicationchrome.exe C:Program Files (x86)GoogleChromeApplicationchrome.exe C:Program Files (x86)GoogleChromeApplicationchrome.exe C:Program Files (x86)GoogleChromeApplicationchrome.exe C:UsersChuck BonettiDownloadsHijackThis.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=hp&from=smt&uid=ST9500424AS_S2V0NBZ1XXXXS2V0NBZ1&ts=1381271071 R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = https://www.google.com/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=hp&from=smt&uid=ST9500424AS_S2V0NBZ1XXXXS2V0NBZ1&ts=1381271071 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=hp&from=smt&uid=ST9500424AS_S2V0NBZ1XXXXS2V0NBZ1&ts=1381271071 R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = O2 - BHO: IBM Forms Viewer Helper - {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:Program Files (x86)IBMForms Viewer4.0PEhelper.dll O2 - BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:PROGRA~2MICROS~2Office14GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll O2 - BHO: (no name) - {8232785C-5C98-4A6E-B7B4-911FFBED7582} - (no file) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:PROGRA~2MICROS~2Office14URLREDIR.DLL O2 - BHO: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:ProgramDataWRDatapkgLPBar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll O3 - Toolbar: Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:ProgramDataWRDatapkgLPBar.dll O3 - Toolbar: QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing) O4 - HKLM..Run: [WRSVC] "C:Program FilesWebrootWRSA.exe" -ul O4 - HKLM..Run: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe" O4 - HKLM..Run: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" O4 - HKLM..Run: [WD Quick View] C:Program Files (x86)Western DigitalWD Quick ViewWDDMStatus.exe O4 - HKLM..Run: [bCSSync] "C:Program Files (x86)Microsoft OfficeOffice14BCSSync.exe" /DelayServices O4 - HKLM..Run: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe" O4 - HKLM..Run: [iTunesHelper] "C:Program Files (x86)iTunesiTunesHelper.exe" O4 - HKCU..Run: [steam] "C:Program Files (x86)SteamSteam.exe" -silent O4 - HKCU..Run: [Facebook Update] "C:UsersChuck BonettiAppDataLocalFacebookUpdateFacebookUpdate.exe" /c /nocrashserver O4 - HKCU..Run: [searchProtection] "C:UsersChuck BonettiAppDataRoamingSearch ProtectionSearchProtection.EXE" /autostart O4 - HKCU..Run: [uTorrent] "C:UsersChuck BonettiAppDataRoaminguTorrentuTorrent.exe" /MINIMIZED O4 - HKCU..Run: [Plex Media Server] "C:Program Files (x86)PlexPlex Media ServerPlex Media Server.exe" O4 - HKCU..Run: [ApplePhotoStreams] C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe O4 - HKCU..Run: [sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun O4 - HKCU..Run: [sDP] C:UsersChuck BonettiAppDataLocalFilesFrog Update Checkerupdate_checker.exe /auto O4 - HKCU..Run: [browser Infrastructure Helper] C:UsersChuck BonettiAppDataLocalSmartbarApplicationQuickShare.exe startup O4 - HKCU..RunOnce: [FlashPlayerUpdate] C:WindowsSysWOW64MacromedFlashFlashUtil32_11_8_800_175_ActiveX.exe -update activex O4 - HKUSS-1-5-18..RunOnce: [sPReview] "C:WindowsSystem32SPReviewSPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS.DEFAULT..RunOnce: [sPReview] "C:WindowsSystem32SPReviewSPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: Facebook Messenger.lnk = Chuck BonettiAppDataLocalFacebookMessenger2.1.4814.0FacebookMessenger.exe O4 - Startup: ZooskMessenger.lnk = C:Program Files (x86)ZooskMessengerZooskMessenger.exe O4 - Global Startup: Install Webroot FF RunOnce.lnk = C:Program Files (x86)Common Fileswruninstall.exe O4 - Global Startup: Install Webroot IE RunOnce.lnk = C:Program Files (x86)Common Fileswruninstall.exe O9 - Extra button: @C:Program Files (x86)Windows LiveWriterWindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:Program Files (x86)Windows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIE.dll O9 - Extra button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:ProgramDataWRDatapkgLPBar.dll O9 - Extra 'Tools' menuitem: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:ProgramDataWRDatapkgLPBar.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:program files (x86)common filesmicrosoft sharedwindows livewlidnsp.dll O10 - Unknown file in Winsock LSP: c:program files (x86)common filesmicrosoft sharedwindows livewlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~2COMMON~1SkypeSKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:Program Files (x86)Common FilesMicrosoft SharedOFFICE14MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:Windowssystem32atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe O23 - Service: @%SystemRoot%system32efssvc.dll,-100 (EFS) - Unknown owner - C:WindowsSystem32lsass.exe (file missing) O23 - Service: FastFreeConverterUpdt - Unknown owner - C:Program Files (x86)Fast Free ConverterFastFreeConverterUpdt.exe (file missing) O23 - Service: @%systemroot%system32fxsresm.dll,-118 (Fax) - Unknown owner - C:Windowssystem32fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe O23 - Service: Media Center Support Service (Jasmio.MediaCenter.Service) - Unknown owner - C:Program FilesJasmioMedia Center Support ServiceJasmio.MediaCenter.Service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing) O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:Program Files (x86)LogMeInx64LMIGuardianSvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:Program Files (x86)LogMeInx64RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:Program Files (x86)LogMeInx64LogMeIn.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing) O23 - Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) - Unknown owner - C:Windowssystem32lsass.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing) O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing) O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:Program Files (x86)SkypeUpdaterUpdater.exe O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WindowsSystem32snmptrap.exe (file missing) O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing) O23 - Service: @%SystemRoot%system32sppsvc.exe,-101 (sppsvc) - Unknown owner - C:Windowssystem32sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:Program Files (x86)Common FilesSteamSteamService.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:Program Files (x86)Common FilesSupportSoftbinssrc.exe O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%system32vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:Windowssystem32lsass.exe (file missing) O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing) O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing) O23 - Service: @%SystemRoot%system32WatWatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:Windowssystem32WatWatAdminSvc.exe (file missing) O23 - Service: @%systemroot%system32wbengine.exe,-104 (wbengine) - Unknown owner - C:Windowssystem32wbengine.exe (file missing) O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:Program Files (x86)Western DigitalWD SmartWareWDBackupEngine.exe O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:Program Files (x86)Western DigitalWD Drive ManagerWDDriveService.exe O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing) O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing) O23 - Service: WRSVC - Webroot - C:Program FilesWebrootWRSA.exe -- End of file - 14253 bytes hijackthis.txt
×
×
  • Create New...