Może rzuci ktos fahowym okiem na takowy log

[Arias]

Logfile of HijackThis v1.99.0Scan saved at 13:08:09, on 04-12-23Platform: Windows 98 SE (Win9x 4.10.2222A)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:WINDOWSSYSTEMKERNEL32.DLLC:WINDOWSSYSTEMMSGSRV32.EXEC:WINDOWSSYSTEMSPOOL32.EXEC:WINDOWSSYSTEMMPREXE.EXEC:PROGRAM FILESMKSBINNETMONSV.EXEC:WINDOWSAGRSMMSG.EXEC:WINDOWSSYSTEMmmtask.tskC:WINDOWSEXPLORER.EXEC:PROGRAM FILESMKSBINMKS_MON.EXEC:PROGRAM FILESMKSBINMKS_MENU.EXEC:PROGRAM FILESSAGEMSAGEM F@ST 800-840DSLMON.EXEC:PROGRAM FILESHEWLETT-PACKARDAIOHP OFFICEJET 5100 SERIESBINHPOANT07.EXEC:PROGRAM FILESHEWLETT-PACKARDAIOHP OFFICEJET 5100 SERIESFRUREMIND32.EXEC:WINDOWSSYSTEMRNAAPP.EXEC:WINDOWSSYSTEMTAPISRV.EXEC:PROGRAM FILESMKSBINMKS_SCAN.EXEC:PROGRAM FILESHEWLETT-PACKARDAIOSHAREDBINHPOEVM07.EXEC:WINDOWSSYSTEMHPOIPM07.EXEC:PROGRAM FILESHEWLETT-PACKARDAIOSHAREDBINHPOSTS07.EXEC:PROGRAM FILESHEWLETT-PACKARDAIOSHAREDBINHPOFXM07.EXEC:PROGRAM FILESGADU-GADUGG.EXEC:PROGRAM FILESODTWARZACZ MULTIMEDIALNYMPLAYER2.EXEC:WINDOWSSYSTEMDDHELP.EXEC:WINDOWSSYSTEMPSTORES.EXEC:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXEC:PROGRAM FILESHEWLETT-PACKARDHP SHARE-TO-WEBHPGS2WNF.EXEC:WINDOWSPULPITHIJACKTHISHIJACKTHIS.EXER1 - HKLMSoftwareMicrosoftInternet Explorer,SearchURL = about:blankR1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://szukaj.wp.plR0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.interia.pl/R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = www.interia.plR0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = ŁączaO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:PROGRAM FILESADOBEACROBAT 6.0 CEREADERACTIVEXACROIEHELPER.DLLO2 - BHO: (no name) - {36B36ADC-80DE-434D-AE44-B4CA8E4D00D3} - (no file)O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHELPER.DLLO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCXO4 - HKLM..Run: [MKS_MON] C:Program FilesMKSBinmks_mon.exeO4 - HKLM..Run: [MKS_MENU] C:Program FilesMKSBinmks_menu.exeO4 - HKLM..Run: [autoclk] autoclk.exeO4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrSchemeO4 - HKLM..RunServices: [MksMailService] C:PROGRAM FILESMKSBINNETMONSV.EXEO4 - Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exeO4 - Startup: HPAiODevice(hp officejet 5100 series) - 1.lnk = C:Program FilesHewlett-PackardAiOhp officejet 5100 seriesBinhpoant07.exeO4 - Startup: Hewlett-Packard Recorder.lnk = C:Program FilesHewlett-PackardAiOhp officejet 5100 seriesFRURemind32.exeO6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerRestrictions presentO6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel presentO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSYSTEMMSJAVA.DLLO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSYSTEMMSJAVA.DLLO16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - ms-its:mhtml:file://c:nosuxyz.mht!http://213.158.119.18/auto/loudtorg.chm::/bridge-c46.cab

Może nie tu ale lepszego działu nie znalazłem.

Z góry wielkie THX

[Kolobos]

Co do procesow to masz pare zbednych ale ogolnie wszystko ladnie :-)

A co do rejestru to tez masz pare zbednych i pare trojanow :P

 

Wywal to:

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:PROGRAM FILESADOBEACROBAT 6.0 CEREADERACTIVEXACROIEHELPER.DLL

O2 - BHO: (no name) - {36B36ADC-80DE-434D-AE44-B4CA8E4D00D3} - (no file)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX

O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present

O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSYSTEMMSJAVA.DLL

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSYSTEMMSJAVA.DLL

O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - ms-its:mhtml:file://c:nosuxyz.mht!http://213.158.119.18/auto/loudtorg.chm::/bridge-c46.cab <- virus ;-)