AIM Virus, Tried stickies

Posted 12/7/2005 9:46 PM
#24711
Pmoney Member

Date Joined Nov 2016
Total Posts: 1
This is my log. On startup, Project 1 is in my Task list.


Logfile of HijackThis v1.99.1
Scan saved at 4:38:17 PM, on 12/7/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
D:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\WINDOWS\System32\taskdrv32.exe
C:\WINDOWS\System32\taskmgr.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\SECURI~1\UsrPrmpt.exe
C:\PROGRA~1\MICROS~3\gcasServ.exe
C:\PROGRA~1\Java\JRE15~1.0_0\bin\jusched.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\PROGRA~1\COMMON~1\SYMANT~1\ccApp.exe
C:\WINDOWS\System32\Rundll32.exe
C:\PROGRA~1\VIEWPO~1\VIEWPO~2\ViewMgr.exe
C:\PROGRA~1\LEXMAR~1\lxbfbmgr.exe
c:\lsass.exe
C:\PROGRA~1\LEXMAR~1\lxbfbmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\DOCUME~1\PATRIC~1\Desktop\Stuff\HIJACK~1.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://myactv.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://myactv.net/
O1 - Hosts: 234.90.153.158 avp.com
O1 - Hosts: 71.66.173.72 ca.com
O1 - Hosts: 250.254.46.138 customer.symantec.com
O1 - Hosts: 169.6.224.37 dispatch.mcafee.com
O1 - Hosts: 120.66.115.228 download.mcafee.com
O1 - Hosts: 237.182.245.111 downloads1.kaspersky-labs.com
O1 - Hosts: 148.147.94.50 downloads2.kaspersky-labs.com
O1 - Hosts: 190.95.80.141 downloads3.kaspersky-labs.com
O1 - Hosts: 29.54.58.145 downloads4.kaspersky-labs.com
O1 - Hosts: 113.213.130.220 downloads-eu1.kaspersky-labs.com
O1 - Hosts: 164.216.74.249 downloads-eu2.kaspersky-labs.com
O1 - Hosts: 8.230.19.65 downloads-eu3.kaspersky-labs.com
O1 - Hosts: 240.201.54.158 downloads-eu4.kaspersky-labs.com
O1 - Hosts: 22.140.145.77 downloads-us1.kaspersky-labs.com
O1 - Hosts: 70.180.73.214 downloads-us2.kaspersky-labs.com
O1 - Hosts: 236.173.5.113 downloads-us3.kaspersky-labs.com
O1 - Hosts: 119.110.12.18 downloads-us4.kaspersky-labs.com
O1 - Hosts: 145.124.34.189 f-secure.com
O1 - Hosts: 74.85.23.238 ftp.avp.com
O1 - Hosts: 17.88.81.54 ftp.ca.com
O1 - Hosts: 45.63.210.74 ftp.customer.symantec.com
O1 - Hosts: 149.197.11.182 ftp.dispatch.mcafee.com
O1 - Hosts: 191.123.106.238 ftp.download.mcafee.com
O1 - Hosts: 219.117.254.96 ftp.downloads1.kaspersky-labs.com
O1 - Hosts: 157.215.164.207 ftp.downloads2.kaspersky-labs.com
O1 - Hosts: 102.88.137.161 ftp.downloads3.kaspersky-labs.com
O1 - Hosts: 12.74.2.209 ftp.downloads4.kaspersky-labs.com
O1 - Hosts: 143.202.129.195 ftp.downloads-eu1.kaspersky-labs.com
O1 - Hosts: 106.154.172.38 ftp.downloads-eu2.kaspersky-labs.com
O1 - Hosts: 227.197.205.19 ftp.downloads-eu3.kaspersky-labs.com
O1 - Hosts: 247.30.56.181 ftp.downloads-eu4.kaspersky-labs.com
O1 - Hosts: 209.168.203.12 ftp.downloads-us1.kaspersky-labs.com
O1 - Hosts: 229.137.52.26 ftp.downloads-us2.kaspersky-labs.com
O1 - Hosts: 33.142.14.160 ftp.downloads-us3.kaspersky-labs.com
O1 - Hosts: 191.209.13.170 ftp.downloads-us4.kaspersky-labs.com
O1 - Hosts: 66.180.220.10 ftp.f-secure.com
O1 - Hosts: 154.19.185.20 ftp.grisoft.com
O1 - Hosts: 236.114.149.45 ftp.kaspersky.com
O1 - Hosts: 32.24.62.5 ftp.kaspersky-labs.com
O1 - Hosts: 135.190.207.135 ftp.liveupdate.symantec.com
O1 - Hosts: 94.97.123.101 ftp.liveupdate.symantecliveupdate.com
O1 - Hosts: 104.197.214.185 ftp.mast.mcafee.com
O1 - Hosts: 108.199.206.168 ftp.mcafee.com
O1 - Hosts: 221.15.111.145 ftp.my-etrust.com
O1 - Hosts: 98.168.135.155 ftp.nai.com
O1 - Hosts: 17.183.118.180 ftp.networkassociates.com
O1 - Hosts: 25.169.30.92 ftp.norton.com
O1 - Hosts: 170.180.66.76 ftp.rads.mcafee.com
O1 - Hosts: 68.125.206.203 ftp.sandbox.norman.com
O1 - Hosts: 212.43.95.76 ftp.secure.nai.com
O1 - Hosts: 207.77.241.155 ftp.securityresponse.symantec.com
O1 - Hosts: 136.88.26.195 ftp.sophos.com
O1 - Hosts: 27.157.51.231 ftp.symantec.com
O1 - Hosts: 35.131.84.188 ftp.symantecliveupdate.com
O1 - Hosts: 249.85.12.97 ftp.symatec.com
O1 - Hosts: 218.137.171.54 ftp.trendmicro.com
O1 - Hosts: 139.196.24.137 ftp.uk.trendmicro-europe.com
O1 - Hosts: 246.240.248.32 ftp.update.symantec.com
O1 - Hosts: 217.72.52.123 ftp.updates.symantec.com
O1 - Hosts: 93.144.146.237 ftp.updates1.kaspersky-labs.com
O1 - Hosts: 210.120.113.71 ftp.updates2.kaspersky-labs.com
O1 - Hosts: 236.199.104.61 ftp.updates3.kaspersky-labs.com
O1 - Hosts: 14.225.207.218 ftp.updates4.kaspersky-labs.com
O1 - Hosts: 47.64.107.7 ftp.us.mcafee.com
O1 - Hosts: 220.92.84.128 ftp.viruslist.com
O1 - Hosts: 206.201.69.93 grisoft.com
O1 - Hosts: 46.97.232.225 kaspersky.com
O1 - Hosts: 233.191.96.68 kaspersky-labs.com
O1 - Hosts: 203.128.9.173 liveupdate.symantec.com
O1 - Hosts: 41.123.67.146 liveupdate.symantecliveupdate.com
O1 - Hosts: 210.91.69.53 mast.mcafee.com
O1 - Hosts: 174.96.54.224 mcafee.com
O1 - Hosts: 146.177.149.51 my-etrust.com
O1 - Hosts: 211.112.61.144 nai.com
O1 - Hosts: 167.7.243.12 networkassociates.com
O1 - Hosts: 178.109.224.92 norton.com
O1 - Hosts: 122.199.84.176 pandasoftware.com
O1 - Hosts: 136.26.195.249 rads.mcafee.com
O1 - Hosts: 123.16.94.0 sandbox.norman.com
O1 - Hosts: 87.247.144.77 secure.nai.com
O1 - Hosts: 60.245.0.76 securityresponse.symantec.com
O1 - Hosts: 110.159.45.172 sophos.com
O1 - Hosts: 208.231.83.92 symantec.com
O1 - Hosts: 175.168.196.49 symantecliveupdate.com
O1 - Hosts: 8.157.196.11 symatec.com
O1 - Hosts: 46.34.34.151 trendmicro.com
O1 - Hosts: 109.147.157.111 uk.trendmicro-europe.com
O1 - Hosts: 26.20.87.185 update.symantec.com
O1 - Hosts: 157.156.78.153 updates.symantec.com
O1 - Hosts: 253.24.51.134 updates1.kaspersky-labs.com
O1 - Hosts: 234.250.145.216 updates2.kaspersky-labs.com
O1 - Hosts: 202.130.16.32 updates3.kaspersky-labs.com
O1 - Hosts: 211.26.91.30 updates4.kaspersky-labs.com
O1 - Hosts: 51.149.230.243 us.mcafee.com
O1 - Hosts: 68.61.28.219 viruslist.com
O1 - Hosts: 219.200.183.116 virusscan.jotti.org
O1 - Hosts: 174.219.76.10 virustotal.com
O1 - Hosts: 83.159.69.215 www.avp.com
O1 - Hosts: 106.121.83.171 www.ca.com
O1 - Hosts: 225.17.157.108 www.customer.symantec.com
O1 - Hosts: 109.149.49.233 www.dispatch.mcafee.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\PROGRA~1\QUICKT~1\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1133130301279
O17 - HKLM\System\CCS\Services\Tcpip\..\{D206E831-8F6C-4C4E-B6F6-54DABE299E7A}: NameServer = 24.89.0.22,24.89.0.21
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Please help me get this crap off my system! Thank you in advance