Logfile of HijackThis v1.99.0
Scan saved at 12:16:50, on 2005-01-13
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINNT\explorer.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Program Files\PestPatrol\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\OpenOffice.org1.1\program\soffice.exe
C:\Program Files\Outlook Express\msimn.exe
\Mars\market\Market.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\OfficeScan Client\Pop3Trap.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\market\Pulpit\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://msaps.dll/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.leclerc.com.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = res://msaps.dll/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: MailTo Class - {FDE3577A-6254-181C-4E11-339E4F746BD3} - C:\WINNT\System32\wins32t.dll (file missing)
F2 - REG:system.ini: Shell=explorer.exe
O4 - HKLM…\Run: [synchronization Manager] mobsync.exe /logon
O4 - HKLM…\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM…\Run: [soundMAX] “C:\Program Files\Analog Devices\SoundMAX\Smax4.exe” /tray
O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM…\Run: [OfficeScanNT Monitor] “C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe” -HideWindow
O4 - HKLM…\Run: [PestPatrol Control Center] C:\Program Files\PestPatrol\PPControl.exe
O4 - HKLM…\RunOnce: [KB837272] “C:\WINNT\INF\unregmp2.exe” /UpdateWMP
O4 - HKLM…\RunOnce: [MSPCLOCK] RUNDLL32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
O4 - HKLM…\RunOnce: [MSPQM] RUNDLL32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
O4 - HKLM…\RunOnce: [MSKSSRV] RUNDLL32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
O4 - HKLM…\RunOnce: [MPE0] rundll32.exe streamci,StreamingDeviceSetup {8E60217D-A2EE-47f8-B0C5-0F44C55F66DC},GLOBAL,{FD0A5AF4-B41D-11d2-9C95-00C04F7971E0},C:\WINNT\INF\mpe.inf,BDAcodec
O4 - HKLM…\RunOnce: [sTREAMIP0] rundll32.exe streamci,StreamingDeviceSetup {D84D449B-62FB-4ebb-B969-5183ED3DFB51},GLOBAL,{71985F4A-1CA1-11d3-9CC8-00C04F7971E0},C:\WINNT\INF\streamip.inf,BDAcodec
O4 - HKLM…\RunOnce: [sLIP0] rundll32.exe streamci,StreamingDeviceSetup {03884CB6-E89A-4deb-B69E-8DC621686E6A},GLOBAL,{FD0A5AF4-B41D-11d2-9C95-00C04F7971E0},C:\WINNT\INF\slip.inf,VBIcodec
O4 - HKLM…\RunOnce: [CCDECODE0] rundll32.exe streamci,StreamingDeviceSetup {562370a8-f8dd-11d2-bc64-00a0c95ec22e},GLOBAL,{07DAD660-22F1-11d1-A9F4-00C04FBBDE8F},C:\WINNT\INF\CCDECODE.inf,CCDECODE.Interface.Install
O4 - HKLM…\RunOnce: [NABTSFEC0] rundll32.exe streamci,StreamingDeviceSetup {07DAD662-22F1-11d1-A9F4-00C04FBBDE8F},GLOBAL,{07DAD660-22F1-11d1-A9F4-00C04FBBDE8F},C:\WINNT\INF\NABTSFEC.inf,NABTSFEC.Interface.Install
O4 - HKLM…\RunOnce: [WSTCODEC0] rundll32.exe streamci,StreamingDeviceSetup {70BC06E0-5666-11d3-A184-00105AEF9F33},GLOBAL,{07DAD660-22F1-11d1-A9F4-00C04FBBDE8F},C:\WINNT\INF\WSTCODEC.inf,WSTCODEC.Interface.Install
O4 - HKCU…\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU…\Run: [Yupi] c:\progra~1\yupi\yupi.exe
O4 - HKCU…\Run: [FlyNotes.exe] “C:\Program Files\FlyNotes\FlyNotes.exe”
O4 - HKCU…\Run: [tapisys] C:\WINNT\System32\tss.exe
O4 - HKCU…\Run: [ie_org] C:\Program Files\Internet Organizer Pro 2\Ie_org_pro.EXE /run
O4 - HKCU…\Run: [Fryderyk 2004] C:\Program Files\Fryderyk 2004\fryderyk.exe
O4 - HKCU…\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKCU…\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKCU…\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Program Files\OpenOffice.org1.1\program\quickstart.exe
O8 - Extra context menu item: Add to AD Hunter - C:\Program Files\Maxthon\config/blacklist.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = MARKET
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = MARKET
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = MARKET
O23 - Service: Ati HotKey Poller - Unknown - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - C:\WINNT\system32\ati2sgag.exe
O23 - Service: OfficeScanNT RealTime Scan - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: OracleOraHome81ClientCache - Unknown - C:\Oracle\Ora81\BIN\ONRSD.EXE
O23 - Service: OracleWebAssistant0 - Oracle Corporation - C:\Oracle\Ora81\BIN\OWASTSVR.EXE
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: OfficeScanNT Listener - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe