  1. #1
    Livewyr25 (Member; joined Jun 2005; posts: 4; points: 0)

    HJT log, partypoker desktop??

    Lots of pop-ups and a partypoker icon always appears on my desktop, and I can't use Windows Media Player either....

    All the help I can get is greatly appreciated! Thanks in advance!

    Logfile of HijackThis v1.99.1
    Scan saved at 4:38:29 PM, on 6/6/2005
    Platform: Windows 2000 SP3 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    D:\Micros\RES\POS\Bin\3700d.exe
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    C:\Program Files\Symantec\pcAnywhere\awhost32.exe
    D:\Micros\RES\POS\Bin\DbUpdateServer.exe
    C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
    C:\WINNT\System32\svchost.exe
    D:\Micros\COMMON\Bin\CALSrv.exe
    D:\Micros\COMMON\Bin\DSM.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    D:\Micros\RES\POS\Bin\ConnAdvisor.exe
    D:\Micros\RES\POS\Bin\MDSHTTPService.exe
    D:\Micros\COMMON\Bin\CMS.exe
    D:\Micros\COMMON\Bin\ComScheduler.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\inetsrv\inetinfo.exe
    D:\Micros\COMMON\Bin\CMSC.exe
    C:\WINNT\Explorer.EXE
    D:\MICROS\res\pos\Bin\resdbs.exe
    C:\WINNT\SOUNDMAN.EXE
    C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    c:\program files\mcafee.com\agent\mcagent.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\PROGRA~1\COMMON~1\AOL\111150~1\EE\AOLHOS~1.EXE
    C:\Program Files\NoAds\NoAds.exe
    C:\Program Files\AIM\aim.exe
    C:\PROGRA~1\COMMON~1\AOL\111150~1\EE\AOLServiceHost.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
    c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
    C:\WINNT\System32\WISPTIS.EXE
    C:\Program Files\America Online 9.0\waol.exe
    C:\Program Files\America Online 9.0\shellmon.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    C:\Documents and Settings\micros\Desktop\HijackThis.exe

    R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: WinStat - {F007E221-018D-4baf-924A-B0E9092F3853} - C:\WINNT\System32\WinStat11.dll
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1111503417\EE\AOLHostManager.exe
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
    O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RMClient\JobHisInit.exe
    O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RMClient\MplSetUp.exe
    O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
    O4 - HKLM\..\Run: [cyyg] C:\WINNT\System32\cyyg.exe
    O4 - HKLM\..\Run: [CleanUp] C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /cleanup
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
    O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
    O15 - Trusted Zone: http://www.neededware.com
    O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.2.2.5...-ob-assets.cab
    O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.1.5.2...-ob-assets.cab
    O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.2.1.3...-ob-assets.cab
    O16 - DPF: NDWCab - http://www.neededware.com/ndw2.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{AFF11955-879E-43B7-BBFA-3BB2C58D2C46}: NameServer = 192.168.100.10
    O20 - Winlogon Notify: PCANotify - C:\WINNT\SYSTEM32\PCANotify.dll
    O23 - Service: MICROS 3700 System (3700d) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\3700d.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
    O23 - Service: MICROS Caller ID Service (CISERVICE) - MICROS Systems, Inc. - D:\Micros\RES\GSS\Bin\CIService.exe
    O23 - Service: MICROS DB Update Service (DbUpdateServer) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\DbUpdateServer.exe
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
    O23 - Service: MICROS Backup Server - MICROS Systems, Inc. - D:\MICROS\res\pos\Bin\resbsm.exe
    O23 - Service: MICROS CAL Service - Unknown owner - D:\Micros\COMMON\Bin\CALSrv.exe
    O23 - Service: MICROS Database Service - MICROS Systems, Inc. - D:\MICROS\res\pos\Bin\resdbs.exe
    O23 - Service: MICROS Distributed Service Manager - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\DSM.exe
    O23 - Service: MICROS Cash Management COM Server (MicrosCashManagementComServer) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\CMSC.exe
    O23 - Service: MICROS Secure Desktop (MicrosDesk) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\MicrosDsk.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
    O23 - Service: sqlJON (SQLANYs_sqlJON) - Sybase, Inc. - D:\MICROS\DATABASE\SYBASE\Adaptive Server Anywhere 6.0\Win32\dbsrv6.exe
    O23 - Service: MICROS Connection Advisor (srvConnAdvisor) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\ConnAdvisor.exe
    O23 - Service: MICROS MDS HTTP Service (srvMDSHTTPService) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\MDSHTTPService.exe
    O23 - Service: MICROS Cash Management (svcCashManager) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\CMS.exe
    O23 - Service: MICROS LM COM Scheduler (svcCOMScheduler) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\ComScheduler.exe

  2. #2
    Livewyr25 (Member; joined Jun 2005; posts: 4; points: 0)

    ::bump::

  3. #3
    Member (joined Dec 2002; posts: 12,000; points: 1191)

    While you are waiting for help, run the online scans that you were supposed to.

    Cheers

  4. #4
    steamwiz (Member; location: Yorkshire U.K.; joined Sep 2003; posts: 14,022; points: 2335)

    Hi

    As Basementgeek says...

    Please run ALL the recommended programs from here :-

    http://www.help2go.com/postt9709.html

    Just running them may correct your problem... If it doesn't, then please feel free to post an updated HijackThis log.

    steam
    Look here for Ways to keep your computer safe
    M'SOFT MVP -Windows Security 2004/8 .member ASAP -

  5. #5
    Livewyr25 (Member; joined Jun 2005; posts: 4; points: 0)

    Ran everything multiple times...thanks for the help

    Logfile of HijackThis v1.99.1
    Scan saved at 10:47:00 AM, on 6/9/2005
    Platform: Windows 2000 SP3 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    D:\Micros\RES\POS\Bin\3700d.exe
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    C:\Program Files\Symantec\pcAnywhere\awhost32.exe
    D:\Micros\RES\POS\Bin\DbUpdateServer.exe
    C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
    C:\WINNT\System32\svchost.exe
    D:\Micros\COMMON\Bin\CALSrv.exe
    D:\Micros\COMMON\Bin\DSM.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    D:\Micros\RES\POS\Bin\ConnAdvisor.exe
    D:\Micros\RES\POS\Bin\MDSHTTPService.exe
    D:\Micros\COMMON\Bin\CMS.exe
    D:\Micros\COMMON\Bin\ComScheduler.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\inetsrv\inetinfo.exe
    D:\Micros\COMMON\Bin\CMSC.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\SOUNDMAN.EXE
    C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    c:\program files\mcafee.com\agent\mcagent.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\PROGRA~1\COMMON~1\AOL\111150~1\EE\AOLHOS~1.EXE
    C:\PROGRA~1\COMMON~1\AOL\111150~1\EE\AOLServiceHost.exe
    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    C:\Program Files\NoAds\NoAds.exe
    C:\Program Files\AIM\aim.exe
    C:\Program Files\America Online 9.0\waol.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    D:\MICROS\res\pos\Bin\resdbs.exe
    C:\Program Files\America Online 9.0\shellmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\MICROS\DATABASE\SYBASE\Adaptive Server Anywhere 6.0\Win32\dbsrv6.exe
    C:\Documents and Settings\micros\Desktop\HijackThis.exe

    R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: WinStat - {F007E221-018D-4baf-924A-B0E9092F3853} - C:\WINNT\System32\WinStat11.dll
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1111503417\EE\AOLHostManager.exe
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
    O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RMClient\JobHisInit.exe
    O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RMClient\MplSetUp.exe
    O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [cyyg] C:\WINNT\System32\cyyg.exe
    O4 - HKLM\..\Run: [CleanUp] C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /cleanup
    O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
    O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
    O15 - Trusted Zone: http://www.neededware.com
    O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.2.2.5...-ob-assets.cab
    O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.1.5.2...-ob-assets.cab
    O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.2.1.3...-ob-assets.cab
    O16 - DPF: NDWCab - http://www.neededware.com/ndw2.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{AFF11955-879E-43B7-BBFA-3BB2C58D2C46}: NameServer = 192.168.100.10
    O20 - Winlogon Notify: PCANotify - C:\WINNT\SYSTEM32\PCANotify.dll
    O23 - Service: MICROS 3700 System (3700d) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\3700d.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
    O23 - Service: MICROS Caller ID Service (CISERVICE) - MICROS Systems, Inc. - D:\Micros\RES\GSS\Bin\CIService.exe
    O23 - Service: MICROS DB Update Service (DbUpdateServer) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\DbUpdateServer.exe
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
    O23 - Service: MICROS Backup Server - MICROS Systems, Inc. - D:\MICROS\res\pos\Bin\resbsm.exe
    O23 - Service: MICROS CAL Service - Unknown owner - D:\Micros\COMMON\Bin\CALSrv.exe
    O23 - Service: MICROS Database Service - MICROS Systems, Inc. - D:\MICROS\res\pos\Bin\resdbs.exe
    O23 - Service: MICROS Distributed Service Manager - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\DSM.exe
    O23 - Service: MICROS Cash Management COM Server (MicrosCashManagementComServer) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\CMSC.exe
    O23 - Service: MICROS Secure Desktop (MicrosDesk) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\MicrosDsk.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
    O23 - Service: sqlJON (SQLANYs_sqlJON) - Sybase, Inc. - D:\MICROS\DATABASE\SYBASE\Adaptive Server Anywhere 6.0\Win32\dbsrv6.exe
    O23 - Service: MICROS Connection Advisor (srvConnAdvisor) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\ConnAdvisor.exe
    O23 - Service: MICROS MDS HTTP Service (srvMDSHTTPService) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\MDSHTTPService.exe
    O23 - Service: MICROS Cash Management (svcCashManager) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\CMS.exe
    O23 - Service: MICROS LM COM Scheduler (svcCOMScheduler) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\ComScheduler.exe

  6. #6
    steamwiz (Member; location: Yorkshire U.K.; joined Sep 2003; posts: 14,022; points: 2335)

    Hi

    Disconnect from the internet. Close ALL browser windows (including this one), run HijackThis and tick to fix (check the box next to) the list below. When all are ticked (checked), click the Fix Checked button at the bottom :-

    R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll

    O2 - BHO: WinStat - {F007E221-018D-4baf-924A-B0E9092F3853} - C:\WINNT\System32\WinStat11.dll

    O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
    O4 - HKLM\..\Run: [cyyg] C:\WINNT\System32\cyyg.exe

    O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe

    O15 - Trusted Zone: http://www.neededware.com

    O16 - DPF: NDWCab - http://www.neededware.com/ndw2.cab


    Reboot then find and delete :-

    C:\WINNT\System32\cyyg.exe ... file
    C:\WINNT\System32\WinStat11.dll ... file

    C:\Program Files\SurfSideKick 3 ... folder

    Reboot again and post a new HijackThis log.

    cheers

    steam
    Look here for Ways to keep your computer safe
    M'SOFT MVP -Windows Security 2004/8 .member ASAP -

  7. #7
    Livewyr25 (Member; joined Jun 2005; posts: 4; points: 0)

    Updated HJT Log:

    Logfile of HijackThis v1.99.1
    Scan saved at 5:16:30 PM, on 6/9/2005
    Platform: Windows 2000 SP3 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    D:\Micros\RES\POS\Bin\3700d.exe
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    C:\Program Files\Symantec\pcAnywhere\awhost32.exe
    D:\Micros\RES\POS\Bin\DbUpdateServer.exe
    C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
    C:\WINNT\System32\svchost.exe
    c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
    D:\Micros\COMMON\Bin\CALSrv.exe
    D:\Micros\COMMON\Bin\DSM.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    D:\MICROS\DATABASE\SYBASE\Adaptive Server Anywhere 6.0\Win32\dbsrv6.exe
    D:\Micros\RES\POS\Bin\ConnAdvisor.exe
    D:\Micros\RES\POS\Bin\MDSHTTPService.exe
    D:\Micros\COMMON\Bin\CMS.exe
    D:\Micros\COMMON\Bin\ComScheduler.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\inetsrv\inetinfo.exe
    D:\Micros\COMMON\Bin\CMSC.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\SOUNDMAN.EXE
    C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
    c:\program files\mcafee.com\agent\mcagent.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    C:\PROGRA~1\COMMON~1\AOL\111150~1\EE\AOLHOS~1.EXE
    C:\Program Files\NoAds\NoAds.exe
    C:\Program Files\AIM\aim.exe
    C:\PROGRA~1\COMMON~1\AOL\111150~1\EE\AOLServiceHost.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    D:\MICROS\res\pos\Bin\resdbs.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    C:\Documents and Settings\micros\Desktop\HijackThis.exe

    R3 - Default URLSearchHook is missing
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1111503417\EE\AOLHostManager.exe
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
    O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RMClient\JobHisInit.exe
    O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RMClient\MplSetUp.exe
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{AFF11955-879E-43B7-BBFA-3BB2C58D2C46}: NameServer = 192.168.100.10
    O20 - Winlogon Notify: PCANotify - C:\WINNT\SYSTEM32\PCANotify.dll
    O23 - Service: MICROS 3700 System (3700d) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\3700d.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
    O23 - Service: MICROS Caller ID Service (CISERVICE) - MICROS Systems, Inc. - D:\Micros\RES\GSS\Bin\CIService.exe
    O23 - Service: MICROS DB Update Service (DbUpdateServer) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\DbUpdateServer.exe
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
    O23 - Service: MICROS Backup Server - MICROS Systems, Inc. - D:\MICROS\res\pos\Bin\resbsm.exe
    O23 - Service: MICROS CAL Service - Unknown owner - D:\Micros\COMMON\Bin\CALSrv.exe
    O23 - Service: MICROS Database Service - MICROS Systems, Inc. - D:\MICROS\res\pos\Bin\resdbs.exe
    O23 - Service: MICROS Distributed Service Manager - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\DSM.exe
    O23 - Service: MICROS Cash Management COM Server (MicrosCashManagementComServer) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\CMSC.exe
    O23 - Service: MICROS Secure Desktop (MicrosDesk) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\MicrosDsk.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
    O23 - Service: sqlJON (SQLANYs_sqlJON) - Sybase, Inc. - D:\MICROS\DATABASE\SYBASE\Adaptive Server Anywhere 6.0\Win32\dbsrv6.exe
    O23 - Service: MICROS Connection Advisor (srvConnAdvisor) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\ConnAdvisor.exe
    O23 - Service: MICROS MDS HTTP Service (srvMDSHTTPService) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\MDSHTTPService.exe
    O23 - Service: MICROS Cash Management (svcCashManager) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\CMS.exe
    O23 - Service: MICROS LM COM Scheduler (svcCOMScheduler) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\ComScheduler.exe

  8. #8
    steamwiz (Member; location: Yorkshire U.K.; joined Sep 2003; posts: 14,022; points: 2335)

    Hi

    To fix this :-

    R3 - Default URLSearchHook is missing

    1. Download this zip file to your desktop

    2. http://www.help2go.com/modules.php?n...ownload&id=355

    3. Unzip to reveal a reg file, double-click on the reg file and say yes to merge with the registry...

    The registry file will attempt to remove the URLSearchHook's registry key and then create it again, with the default URLSearchHook inside it. This is basically rebuilding the URLSearchHook's key entirely.

    Re: Party poker... go to Add/Remove Programs in the Control Panel and remove if there...

    Your log's clean now...

    Is your problem resolved?

    steam
    Look here for Ways to keep your computer safe
    M'SOFT MVP -Windows Security 2004/8 .member ASAP -
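
    An added example (not part of the original thread, and not code from HijackThis): a short Python check that compares a HijackThis log taken before a fix with the one taken after it, confirms that every entry on the fix list is gone, and reports anything else that changed. The three samples are short excerpts of lines copied from the logs and fix list posted in this thread; the function names are illustrative.

```python
import re

# A HijackThis finding has the shape "<code> - <detail>", where <code> is a
# section id such as R3, O2, O4, O15 or O16. Header lines and the
# "Running processes" paths do not have this shape and are ignored.
ENTRY_RE = re.compile(r"^\s*(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+?)\s*$")


def parse_entries(log_text):
    """Return the set of (section, detail) findings in a HijackThis log.

    The detail is lower-cased because Windows paths and registry names are
    case-insensitive, so the same entry can be written in either case.
    """
    entries = set()
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            entries.add((m.group(1), m.group(2).lower()))
    return entries


def verify_fix(before_log, after_log, fix_list):
    """Compare two logs against the list of entries that were to be fixed."""
    before = parse_entries(before_log)
    after = parse_entries(after_log)
    wanted = parse_entries(fix_list)
    return {
        # Fix-list lines that never appeared in the 'before' log (mistyped or stale).
        "not_in_before": sorted(wanted - before),
        # Fix-list lines that survived the fix and the reboot.
        "still_present": sorted(wanted & after),
        # Fix-list lines that are confirmed gone.
        "removed": sorted((wanted & before) - after),
        # Entries that disappeared although nobody asked for them to be fixed.
        "removed_unlisted": sorted((before - after) - wanted),
        # Entries that only exist after the fix, e.g. a side effect of it.
        "new": sorted(after - before),
    }


# Excerpt of the log saved at 10:47:00 AM on 6/9/2005 (copied from the thread).
BEFORE = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINNT\Explorer.EXE
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
O2 - BHO: WinStat - {F007E221-018D-4baf-924A-B0E9092F3853} - C:\WINNT\System32\WinStat11.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [cyyg] C:\WINNT\System32\cyyg.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O15 - Trusted Zone: http://www.neededware.com
O16 - DPF: NDWCab - http://www.neededware.com/ndw2.cab
"""

# Excerpt of the log saved at 5:16:30 PM on 6/9/2005 (copied from the thread).
AFTER = r"""
Logfile of HijackThis v1.99.1
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
"""

# The entries listed for fixing in post #6 (copied from the thread).
FIX_LIST = r"""
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
O2 - BHO: WinStat - {F007E221-018D-4baf-924A-B0E9092F3853} - C:\WINNT\System32\WinStat11.dll
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [cyyg] C:\WINNT\System32\cyyg.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O15 - Trusted Zone: http://www.neededware.com
O16 - DPF: NDWCab - http://www.neededware.com/ndw2.cab
"""

if __name__ == "__main__":
    for bucket, items in verify_fix(BEFORE, AFTER, FIX_LIST).items():
        print(f"{bucket}: {len(items)}")
        for section, detail in items:
            print(f"  {section} - {detail}")
```

    On these excerpts all seven listed entries are confirmed removed, the only new finding is the `R3 - Default URLSearchHook is missing` line addressed in post #8, and the `AOL Fast Start` Run entry shows up as removed without having been on the fix list.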