Thread: Infected
27-05-2005, 02:05 PM
Tib
Re: Infected

Logfile of HijackThis v1.99.1
Scan saved at 15:04:29, on 2005-05-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\mssmmspgr.exe
D:\WINDOWS\atiptaxx.exe
D:\Program Files\Microsoft IntelliType Pro\type32.exe
D:\WINDOWS\system32\wuauclt.exe
D:\HJT\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.worldofwarcraft.com/
F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,setup32. exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Media Access] D:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [Compaq Service Drivers] systeminfos.exe
O4 - HKLM\..\Run: [MSN MMISSENGER] mssmmspgr.exe
O4 - HKLM\..\Run: [ATIPTA] D:\WINDOWS\atiptaxx.exe
O4 - HKLM\..\Run: [type32] "D:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\RunServices: [Compaq Service Drivers] systeminfos.exe
O4 - HKLM\..\RunServices: [MSN MMISSENGER] mssmmspgr.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Compaq Service Drivers] systeminfos.exe
O4 - HKCU\..\RunServices: [Compaq Service Drivers] systeminfos.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Me...ridge-c139.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1117053644171
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = FOO
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = FOO
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Mouse Hardware Sync (mousehs) - Unknown owner - D:\WINDOWS\System32\mousehs.exe (file missing)

This is my new log.