Thread: HJT log, partypoker desktop??
- 06-06-2005 05:42 PM #1
HJT log, partypoker desktop??
lots of pop ups and a partypoker icon always appears on my desktop. and i cant use windows media player either....
All the help i can get is greatly appreciated! Thanks in advance!
Logfile of HijackThis v1.99.1
Scan saved at 4:38:29 PM, on 6/6/2005
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
D:\Micros\RES\POS\Bin\3700d.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Symantec\pcAnywhere\awhost32.exe
D:\Micros\RES\POS\Bin\DbUpdateServer.exe
C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
C:\WINNT\System32\svchost.exe
D:\Micros\COMMON\Bin\CALSrv.exe
D:\Micros\COMMON\Bin\DSM.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
D:\Micros\RES\POS\Bin\ConnAdvisor.exe
D:\Micros\RES\POS\Bin\MDSHTTPService.exe
D:\Micros\COMMON\Bin\CMS.exe
D:\Micros\COMMON\Bin\ComScheduler.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
D:\Micros\COMMON\Bin\CMSC.exe
C:\WINNT\Explorer.EXE
D:\MICROS\res\pos\Bin\resdbs.exe
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\COMMON~1\AOL\111150~1\EE\AOLHOS~1.EXE
C:\Program Files\NoAds\NoAds.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\COMMON~1\AOL\111150~1\EE\AOLServiceHost.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
C:\WINNT\System32\WISPTIS.EXE
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Documents and Settings\micros\Desktop\HijackThis.exe
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: WinStat - {F007E221-018D-4baf-924A-B0E9092F3853} - C:\WINNT\System32\WinStat11.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1111503417\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [cyyg] C:\WINNT\System32\cyyg.exe
O4 - HKLM\..\Run: [CleanUp] C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /cleanup
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O15 - Trusted Zone: http://www.neededware.com
O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.2.2.5...-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.1.5.2...-ob-assets.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.2.1.3...-ob-assets.cab
O16 - DPF: NDWCab - http://www.neededware.com/ndw2.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AFF11955-879E-43B7-BBFA-3BB2C58D2C46}: NameServer = 192.168.100.10
O20 - Winlogon Notify: PCANotify - C:\WINNT\SYSTEM32\PCANotify.dll
O23 - Service: MICROS 3700 System (3700d) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\3700d.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: MICROS Caller ID Service (CISERVICE) - MICROS Systems, Inc. - D:\Micros\RES\GSS\Bin\CIService.exe
O23 - Service: MICROS DB Update Service (DbUpdateServer) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\DbUpdateServer.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: MICROS Backup Server - MICROS Systems, Inc. - D:\MICROS\res\pos\Bin\resbsm.exe
O23 - Service: MICROS CAL Service - Unknown owner - D:\Micros\COMMON\Bin\CALSrv.exe
O23 - Service: MICROS Database Service - MICROS Systems, Inc. - D:\MICROS\res\pos\Bin\resdbs.exe
O23 - Service: MICROS Distributed Service Manager - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\DSM.exe
O23 - Service: MICROS Cash Management COM Server (MicrosCashManagementComServer) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\CMSC.exe
O23 - Service: MICROS Secure Desktop (MicrosDesk) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\MicrosDsk.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: sqlJON (SQLANYs_sqlJON) - Sybase, Inc. - D:\MICROS\DATABASE\SYBASE\Adaptive Server Anywhere 6.0\Win32\dbsrv6.exe
O23 - Service: MICROS Connection Advisor (srvConnAdvisor) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\ConnAdvisor.exe
O23 - Service: MICROS MDS HTTP Service (srvMDSHTTPService) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\MDSHTTPService.exe
O23 - Service: MICROS Cash Management (svcCashManager) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\CMS.exe
O23 - Service: MICROS LM COM Scheduler (svcCOMScheduler) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\ComScheduler.exe
- 06-08-2005 11:32 AM #2
- 06-08-2005 12:00 PM #3
- Join Date
- Jan 2003
- Posts
- 12,000
- Points
- 1191
While you are waiting for help run the on line scans that you were supposed too.
Cheers
- 06-08-2005 08:10 PM #4
Hi
As Basementgeek says...
Please run ALL the recommended programs from here :-
http://www.help2go.com/postt9709.html
Just running them, may correct your problem.... if it doesn't then please feel free to post an updated hijackthis log.
steam
- 06-09-2005 11:47 AM #5
Ran everything multiple times...thanks for the help
Logfile of HijackThis v1.99.1
Scan saved at 10:47:00 AM, on 6/9/2005
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
D:\Micros\RES\POS\Bin\3700d.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Symantec\pcAnywhere\awhost32.exe
D:\Micros\RES\POS\Bin\DbUpdateServer.exe
C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
C:\WINNT\System32\svchost.exe
D:\Micros\COMMON\Bin\CALSrv.exe
D:\Micros\COMMON\Bin\DSM.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
D:\Micros\RES\POS\Bin\ConnAdvisor.exe
D:\Micros\RES\POS\Bin\MDSHTTPService.exe
D:\Micros\COMMON\Bin\CMS.exe
D:\Micros\COMMON\Bin\ComScheduler.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
D:\Micros\COMMON\Bin\CMSC.exe
C:\WINNT\Explorer.EXE
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\COMMON~1\AOL\111150~1\EE\AOLHOS~1.EXE
C:\PROGRA~1\COMMON~1\AOL\111150~1\EE\AOLServiceHost.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\NoAds\NoAds.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
D:\MICROS\res\pos\Bin\resdbs.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\MICROS\DATABASE\SYBASE\Adaptive Server Anywhere 6.0\Win32\dbsrv6.exe
C:\Documents and Settings\micros\Desktop\HijackThis.exe
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: WinStat - {F007E221-018D-4baf-924A-B0E9092F3853} - C:\WINNT\System32\WinStat11.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1111503417\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [cyyg] C:\WINNT\System32\cyyg.exe
O4 - HKLM\..\Run: [CleanUp] C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /cleanup
O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O15 - Trusted Zone: http://www.neededware.com
O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.2.2.5...-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.1.5.2...-ob-assets.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.2.1.3...-ob-assets.cab
O16 - DPF: NDWCab - http://www.neededware.com/ndw2.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AFF11955-879E-43B7-BBFA-3BB2C58D2C46}: NameServer = 192.168.100.10
O20 - Winlogon Notify: PCANotify - C:\WINNT\SYSTEM32\PCANotify.dll
O23 - Service: MICROS 3700 System (3700d) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\3700d.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: MICROS Caller ID Service (CISERVICE) - MICROS Systems, Inc. - D:\Micros\RES\GSS\Bin\CIService.exe
O23 - Service: MICROS DB Update Service (DbUpdateServer) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\DbUpdateServer.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: MICROS Backup Server - MICROS Systems, Inc. - D:\MICROS\res\pos\Bin\resbsm.exe
O23 - Service: MICROS CAL Service - Unknown owner - D:\Micros\COMMON\Bin\CALSrv.exe
O23 - Service: MICROS Database Service - MICROS Systems, Inc. - D:\MICROS\res\pos\Bin\resdbs.exe
O23 - Service: MICROS Distributed Service Manager - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\DSM.exe
O23 - Service: MICROS Cash Management COM Server (MicrosCashManagementComServer) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\CMSC.exe
O23 - Service: MICROS Secure Desktop (MicrosDesk) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\MicrosDsk.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: sqlJON (SQLANYs_sqlJON) - Sybase, Inc. - D:\MICROS\DATABASE\SYBASE\Adaptive Server Anywhere 6.0\Win32\dbsrv6.exe
O23 - Service: MICROS Connection Advisor (srvConnAdvisor) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\ConnAdvisor.exe
O23 - Service: MICROS MDS HTTP Service (srvMDSHTTPService) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\MDSHTTPService.exe
O23 - Service: MICROS Cash Management (svcCashManager) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\CMS.exe
O23 - Service: MICROS LM COM Scheduler (svcCOMScheduler) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\ComScheduler.exe
- 06-09-2005 05:19 PM #6
Hi
Disconnect from the internet Close ALL browser windows (including this one) - run hijackthis and tick to fix (check the box next to) the list below.........when all are ticked (checked) click the Fix Checked button at the bottom. :-
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
O2 - BHO: WinStat - {F007E221-018D-4baf-924A-B0E9092F3853} - C:\WINNT\System32\WinStat11.dll
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [cyyg] C:\WINNT\System32\cyyg.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O15 - Trusted Zone: http://www.neededware.com
O16 - DPF: NDWCab - http://www.neededware.com/ndw2.cab
Reboot then find and delete :-
C:\WINNT\System32\cyyg.exe ... file
C:\WINNT\System32\WinStat11.dll ... file
C:\Program Files\SurfSideKick 3 ... folder
reboot again and post a new hijackthis log
cheers
steam
- 06-09-2005 06:16 PM #7
Updated HJT Log:
Logfile of HijackThis v1.99.1
Scan saved at 5:16:30 PM, on 6/9/2005
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
D:\Micros\RES\POS\Bin\3700d.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Symantec\pcAnywhere\awhost32.exe
D:\Micros\RES\POS\Bin\DbUpdateServer.exe
C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
C:\WINNT\System32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
D:\Micros\COMMON\Bin\CALSrv.exe
D:\Micros\COMMON\Bin\DSM.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
D:\MICROS\DATABASE\SYBASE\Adaptive Server Anywhere 6.0\Win32\dbsrv6.exe
D:\Micros\RES\POS\Bin\ConnAdvisor.exe
D:\Micros\RES\POS\Bin\MDSHTTPService.exe
D:\Micros\COMMON\Bin\CMS.exe
D:\Micros\COMMON\Bin\ComScheduler.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
D:\Micros\COMMON\Bin\CMSC.exe
C:\WINNT\Explorer.EXE
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\COMMON~1\AOL\111150~1\EE\AOLHOS~1.EXE
C:\Program Files\NoAds\NoAds.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\COMMON~1\AOL\111150~1\EE\AOLServiceHost.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
D:\MICROS\res\pos\Bin\resdbs.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Documents and Settings\micros\Desktop\HijackThis.exe
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1111503417\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AFF11955-879E-43B7-BBFA-3BB2C58D2C46}: NameServer = 192.168.100.10
O20 - Winlogon Notify: PCANotify - C:\WINNT\SYSTEM32\PCANotify.dll
O23 - Service: MICROS 3700 System (3700d) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\3700d.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: MICROS Caller ID Service (CISERVICE) - MICROS Systems, Inc. - D:\Micros\RES\GSS\Bin\CIService.exe
O23 - Service: MICROS DB Update Service (DbUpdateServer) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\DbUpdateServer.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: MICROS Backup Server - MICROS Systems, Inc. - D:\MICROS\res\pos\Bin\resbsm.exe
O23 - Service: MICROS CAL Service - Unknown owner - D:\Micros\COMMON\Bin\CALSrv.exe
O23 - Service: MICROS Database Service - MICROS Systems, Inc. - D:\MICROS\res\pos\Bin\resdbs.exe
O23 - Service: MICROS Distributed Service Manager - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\DSM.exe
O23 - Service: MICROS Cash Management COM Server (MicrosCashManagementComServer) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\CMSC.exe
O23 - Service: MICROS Secure Desktop (MicrosDesk) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\MicrosDsk.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: sqlJON (SQLANYs_sqlJON) - Sybase, Inc. - D:\MICROS\DATABASE\SYBASE\Adaptive Server Anywhere 6.0\Win32\dbsrv6.exe
O23 - Service: MICROS Connection Advisor (srvConnAdvisor) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\ConnAdvisor.exe
O23 - Service: MICROS MDS HTTP Service (srvMDSHTTPService) - MICROS Systems, Inc. - D:\Micros\RES\POS\Bin\MDSHTTPService.exe
O23 - Service: MICROS Cash Management (svcCashManager) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\CMS.exe
O23 - Service: MICROS LM COM Scheduler (svcCOMScheduler) - MICROS Systems, Inc. - D:\Micros\COMMON\Bin\ComScheduler.exe
- 06-09-2005 07:12 PM #8
Hi
To fix this :-
R3 - Default URLSearchHook is missing
1. Download this zip file to your desktop
2. http://www.help2go.com/modules.php?n...ownload&id=355
3. unzip to reveal a reg file, doubleclick on the reg file and say yes to merge with the registry...
The registry file will attempt to remove the URLSearchHook's registry key and then create it again, with the default URLSearchHook inside it. This is basically rebuilding the URLSearchHook's key entirely.
Re : Party poker... go to add remove programs in the Control panel and remove if there...
Your log's clean now...
Is your problem resolved ?
steam