It's Cyber Monday - fantastic 70% discount

Buy Now

Limited time offer:

03

Days

/

00

Hrs

/

04

Min

/

04

Sec

AIM Virus, Tried stickys

Posted 12/7/2005 9:46 PM
#24711
User avatar

Pmoney Member

Date Joined Nov 2016
Total Posts: 1
This is my log, on startup the Project 1 is in my Task list. <br/> <br/> <br/>Logfile of HijackThis v1.99.1 <br/>Scan saved at 4:38:17 PM, on 12/7/2005 <br/>Platform: Windows XP (WinNT 5.01.2600) <br/>MSIE: Internet Explorer v6.00 (6.00.2600.0000) <br/> <br/>Running processes: <br/>C:\WINDOWS\System32\smss.exe <br/>C:\WINDOWS\system32\winlogon.exe <br/>C:\WINDOWS\system32\services.exe <br/>C:\WINDOWS\system32\lsass.exe <br/>C:\WINDOWS\system32\svchost.exe <br/>C:\WINDOWS\System32\svchost.exe <br/>C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe <br/>C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe <br/>C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe <br/>C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe <br/>C:\WINDOWS\system32\LEXBCES.EXE <br/>C:\WINDOWS\system32\spoolsv.exe <br/>C:\WINDOWS\system32\LEXPPS.EXE <br/>C:\Program Files\ewido\security suite\ewidoctrl.exe <br/>C:\Program Files\ewido\security suite\ewidoguard.exe <br/>C:\Program Files\Norton AntiVirus\navapsvc.exe <br/>C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe <br/>C:\WINDOWS\System32\nvsvc32.exe <br/>D:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe <br/>C:\WINDOWS\System32\svchost.exe <br/>C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe <br/>C:\WINDOWS\Explorer.EXE <br/>C:\Program Files\Symantec\LiveUpdate\AUpdate.exe <br/>C:\WINDOWS\System32\taskdrv32.exe <br/>C:\WINDOWS\System32\taskmgr.exe <br/>C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\UsrPrmpt.exe <br/>C:\PROGRA~1\MICROS~3\gcasServ.exe <br/>C:\PROGRA~1\Java\JRE15~1.0_0\bin\jusched.exe <br/>C:\WINDOWS\System32\RUNDLL32.EXE <br/>C:\PROGRA~1\COMMON~1\SYMANT~1\ccApp.exe <br/>C:\WINDOWS\System32\Rundll32.exe <br/>C:\PROGRA~1\VIEWPO~1\VIEWPO~2\ViewMgr.exe <br/>C:\PROGRA~1\LEXMAR~1\lxbfbmgr.exe <br/>c:\lsass.exe <br/>C:\PROGRA~1\LEXMAR~1\lxbfbmon.exe <br/>C:\Program Files\iPod\bin\iPodService.exe <br/>C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe <br/>C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE <br/>C:\DOCUME~1\PATRIC~1\Desktop\Stuff\HIJACK~1.EXE <br/> <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://myactv.net/ <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://myactv.net/ <br/>O1 - Hosts: 234.90.153.158 avp.com <br/>O1 - Hosts: 71.66.173.72 ca.com <br/>O1 - Hosts: 250.254.46.138 customer.symantec.com <br/>O1 - Hosts: 169.6.224.37 dispatch.mcafee.com <br/>O1 - Hosts: 120.66.115.228 download.mcafee.com <br/>O1 - Hosts: 237.182.245.111 downloads1.kaspersky-labs.com <br/>O1 - Hosts: 148.147.94.50 downloads2.kaspersky-labs.com <br/>O1 - Hosts: 190.95.80.141 downloads3.kaspersky-labs.com <br/>O1 - Hosts: 29.54.58.145 downloads4.kaspersky-labs.com <br/>O1 - Hosts: 113.213.130.220 downloads-eu1.kaspersky-labs.com <br/>O1 - Hosts: 164.216.74.249 downloads-eu2.kaspersky-labs.com <br/>O1 - Hosts: 8.230.19.65 downloads-eu3.kaspersky-labs.com <br/>O1 - Hosts: 240.201.54.158 downloads-eu4.kaspersky-labs.com <br/>O1 - Hosts: 22.140.145.77 downloads-us1.kaspersky-labs.com <br/>O1 - Hosts: 70.180.73.214 downloads-us2.kaspersky-labs.com <br/>O1 - Hosts: 236.173.5.113 downloads-us3.kaspersky-labs.com <br/>O1 - Hosts: 119.110.12.18 downloads-us4.kaspersky-labs.com <br/>O1 - Hosts: 145.124.34.189 f-secure.com <br/>O1 - Hosts: 74.85.23.238 ftp.avp.com <br/>O1 - Hosts: 17.88.81.54 ftp.ca.com <br/>O1 - Hosts: 45.63.210.74 ftp.customer.symantec.com <br/>O1 - Hosts: 149.197.11.182 ftp.dispatch.mcafee.com <br/>O1 - Hosts: 191.123.106.238 ftp.download.mcafee.com <br/>O1 - Hosts: 219.117.254.96 ftp.downloads1.kaspersky-labs.com <br/>O1 - Hosts: 157.215.164.207 ftp.downloads2.kaspersky-labs.com <br/>O1 - Hosts: 102.88.137.161 ftp.downloads3.kaspersky-labs.com <br/>O1 - Hosts: 12.74.2.209 ftp.downloads4.kaspersky-labs.com <br/>O1 - Hosts: 143.202.129.195 ftp.downloads-eu1.kaspersky-labs.com <br/>O1 - Hosts: 106.154.172.38 ftp.downloads-eu2.kaspersky-labs.com <br/>O1 - Hosts: 227.197.205.19 ftp.downloads-eu3.kaspersky-labs.com <br/>O1 - Hosts: 247.30.56.181 ftp.downloads-eu4.kaspersky-labs.com <br/>O1 - Hosts: 209.168.203.12 ftp.downloads-us1.kaspersky-labs.com <br/>O1 - Hosts: 229.137.52.26 ftp.downloads-us2.kaspersky-labs.com <br/>O1 - Hosts: 33.142.14.160 ftp.downloads-us3.kaspersky-labs.com <br/>O1 - Hosts: 191.209.13.170 ftp.downloads-us4.kaspersky-labs.com <br/>O1 - Hosts: 66.180.220.10 ftp.f-secure.com <br/>O1 - Hosts: 154.19.185.20 ftp.grisoft.com <br/>O1 - Hosts: 236.114.149.45 ftp.kaspersky.com <br/>O1 - Hosts: 32.24.62.5 ftp.kaspersky-labs.com <br/>O1 - Hosts: 135.190.207.135 ftp.liveupdate.symantec.com <br/>O1 - Hosts: 94.97.123.101 ftp.liveupdate.symantecliveupdate.com <br/>O1 - Hosts: 104.197.214.185 ftp.mast.mcafee.com <br/>O1 - Hosts: 108.199.206.168 ftp.mcafee.com <br/>O1 - Hosts: 221.15.111.145 ftp.my-etrust.com <br/>O1 - Hosts: 98.168.135.155 ftp.nai.com <br/>O1 - Hosts: 17.183.118.180 ftp.networkassociates.com <br/>O1 - Hosts: 25.169.30.92 ftp.norton.com <br/>O1 - Hosts: 170.180.66.76 ftp.rads.mcafee.com <br/>O1 - Hosts: 68.125.206.203 ftp.sandbox.norman.com <br/>O1 - Hosts: 212.43.95.76 ftp.secure.nai.com <br/>O1 - Hosts: 207.77.241.155 ftp.securityresponse.symantec.com <br/>O1 - Hosts: 136.88.26.195 ftp.sophos.com <br/>O1 - Hosts: 27.157.51.231 ftp.symantec.com <br/>O1 - Hosts: 35.131.84.188 ftp.symantecliveupdate.com <br/>O1 - Hosts: 249.85.12.97 ftp.symatec.com <br/>O1 - Hosts: 218.137.171.54 ftp.trendmicro.com <br/>O1 - Hosts: 139.196.24.137 ftp.uk.trendmicro-europe.com <br/>O1 - Hosts: 246.240.248.32 ftp.update.symantec.com <br/>O1 - Hosts: 217.72.52.123 ftp.updates.symantec.com <br/>O1 - Hosts: 93.144.146.237 ftp.updates1.kaspersky-labs.com <br/>O1 - Hosts: 210.120.113.71 ftp.updates2.kaspersky-labs.com <br/>O1 - Hosts: 236.199.104.61 ftp.updates3.kaspersky-labs.com <br/>O1 - Hosts: 14.225.207.218 ftp.updates4.kaspersky-labs.com <br/>O1 - Hosts: 47.64.107.7 ftp.us.mcafee.com <br/>O1 - Hosts: 220.92.84.128 ftp.viruslist.com <br/>O1 - Hosts: 206.201.69.93 grisoft.com <br/>O1 - Hosts: 46.97.232.225 kaspersky.com <br/>O1 - Hosts: 233.191.96.68 kaspersky-labs.com <br/>O1 - Hosts: 203.128.9.173 liveupdate.symantec.com <br/>O1 - Hosts: 41.123.67.146 liveupdate.symantecliveupdate.com <br/>O1 - Hosts: 210.91.69.53 mast.mcafee.com <br/>O1 - Hosts: 174.96.54.224 mcafee.com <br/>O1 - Hosts: 146.177.149.51 my-etrust.com <br/>O1 - Hosts: 211.112.61.144 nai.com <br/>O1 - Hosts: 167.7.243.12 networkassociates.com <br/>O1 - Hosts: 178.109.224.92 norton.com <br/>O1 - Hosts: 122.199.84.176 pandasoftware.com <br/>O1 - Hosts: 136.26.195.249 rads.mcafee.com <br/>O1 - Hosts: 123.16.94.0 sandbox.norman.com <br/>O1 - Hosts: 87.247.144.77 secure.nai.com <br/>O1 - Hosts: 60.245.0.76 securityresponse.symantec.com <br/>O1 - Hosts: 110.159.45.172 sophos.com <br/>O1 - Hosts: 208.231.83.92 symantec.com <br/>O1 - Hosts: 175.168.196.49 symantecliveupdate.com <br/>O1 - Hosts: 8.157.196.11 symatec.com <br/>O1 - Hosts: 46.34.34.151 trendmicro.com <br/>O1 - Hosts: 109.147.157.111 uk.trendmicro-europe.com <br/>O1 - Hosts: 26.20.87.185 update.symantec.com <br/>O1 - Hosts: 157.156.78.153 updates.symantec.com <br/>O1 - Hosts: 253.24.51.134 updates1.kaspersky-labs.com <br/>O1 - Hosts: 234.250.145.216 updates2.kaspersky-labs.com <br/>O1 - Hosts: 202.130.16.32 updates3.kaspersky-labs.com <br/>O1 - Hosts: 211.26.91.30 updates4.kaspersky-labs.com <br/>O1 - Hosts: 51.149.230.243 us.mcafee.com <br/>O1 - Hosts: 68.61.28.219 viruslist.com <br/>O1 - Hosts: 219.200.183.116 virusscan.jotti.org <br/>O1 - Hosts: 174.219.76.10 virustotal.com <br/>O1 - Hosts: 83.159.69.215 www.avp.com <br/>O1 - Hosts: 106.121.83.171 www.ca.com <br/>O1 - Hosts: 225.17.157.108 www.customer.symantec.com <br/>O1 - Hosts: 109.149.49.233 www.dispatch.mcafee.com <br/>O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll <br/>O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll <br/>O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll <br/>O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx <br/>O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup <br/>O4 - HKLM\..\Run: [nwiz] nwiz.exe /install <br/>O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit <br/>O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" <br/>O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe <br/>O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe" <br/>O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper <br/>O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe <br/>O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer <br/>O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe <br/>O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe" <br/>O4 - HKLM\..\Run: [QuickTime Task] "C:\PROGRA~1\QUICKT~1\qttask.exe" -atboottime <br/>O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" <br/>O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe <br/>O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll <br/>O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll <br/>O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB <br/>O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1133130301279 <br/>O17 - HKLM\System\CCS\Services\Tcpip\..\{D206E831-8F6C-4C4E-B6F6-54DABE299E7A}: NameServer = 24.89.0.22,24.89.0.21 <br/>O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe <br/>O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe <br/>O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe <br/>O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe <br/>O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe <br/>O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe <br/>O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe <br/>O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE <br/>O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe <br/>O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe <br/>O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe <br/>O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe <br/>O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe <br/>O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe <br/>O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe <br/>O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe <br/>O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe <br/> <br/>Please help me get this crap off my system! Thank you in advance
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Saturday, December 3, 2016, 10:57 PM (GMT +1)
There are a total of 61,160 posts in 13,449 threads.
In the last 3 days there were 3 new threads and 4 reply posts.

Who's online

This forum has 37,968 registered members. Please welcome our newest member, Old shape.
There are currently no users on-line.