Please analyze this log...


Logfile of HijackThis v1.99.0
Scan saved at 19:12:09, on 05–01–27
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2919.6304)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMSPOOL32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE
C:PROGRAM FILESCOMMON FILESSYMANTEC SHAREDSYMTRAY.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSEXPLORER.EXE
C:WINDOWSRUNDLL32.EXE
C:YDPDICTWATCH.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:WINDOWSSOUNDMAN.EXE
C:PROGRAM FILESMYWEBSEARCHBAR1.BINMWSOEMON.EXE
C:WINDOWSSYSTEMQTTASK.EXE
C:PROGRAM FILESWINAMPWINAMPA.EXE
C:WINDOWSSYSTEM32CONFIGWINLOGON.EXE
C:PROGRAM FILESINTERNET OPTIMIZEROPTIMIZE.EXE
C:PROGRAM FILESSEDSED.EXE
C:PROGRAM FILESVBOUNCERVIRTUALBOUNCER.EXE
C:WINDOWSN20050308.EXE
C:WINDOWSWWYQGG.EXE
C:WINDOWSSYSTEM32CONFIGSVCHOST.EXE
C:WINDOWSMSMSGNCE.EXE
C:WINDOWSDANE APLIKACJIUCOA.EXE
C:WINDOWSSYSTEMREKVYP.EXE
C:PROGRAM FILESWINZIPWZQKPICK.EXE
C:PROGRAM FILESADDESTROYERADDESTROYER.EXE
C:PROGRAM FILESINTERNET OPTIMIZERACTALERT.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:PROGRAM FILESGADU–GADUGG.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:PROGRAM FILESACD SYSTEMSACDSEEACDSEE.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:WINDOWSPULPITHIJACKTHIS.EXE

R0 – HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
R3 – URLSearchHook: (no name) – _{CA0E28FA–1AFD–4C21–A8DC–70EB5BE2F076} – (no file)
R3 – URLSearchHook: (no name) – {CA0E28FA–1AFD–4C21–A8DC–70EB5BE2F076} – C:PROGRAM FILESSURFSIDEKICK 2SSKBHO.DLL
F1 – win.ini: load=C:YDPDictwatch.exe
O1 – Hosts: 69.20.16.183 auto.search.msn.com
O1 – Hosts: 69.20.16.183 search.netscape.com
O1 – Hosts: 69.20.16.183 ieautosearch
O3 – Toolbar: My &Web Search – {07B18EA9–A523–4961–B6BB–170DE4475CCA} – C:PROGRAM FILESMYWEBSEARCHBAR1.BINMWSBAR.DLL
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – C:WINDOWSDOWNLOADED PROGRAM FILESGOOGLENAV.DLL
O3 – Toolbar: @msdxmLC.dll,–1@1045,&Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSYSTEMMSDXM.OCX
O4 – HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 – HKLM..Run: [TaskMonitor] C:WINDOWStaskmon.exe
O4 – HKLM..Run: [internat.exe] internat.exe
O4 – HKLM..Run: [SystemTray] SysTray.Exe
O4 – HKLM..Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM..Run: [SoundMan] soundman.exe
O4 – HKLM..Run: [Zasobnik systemowy] SysTray.Exe
O4 – HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSSYSTEMhpztsb04.exe
O4 – HKLM..Run: [MyWebSearch Email Plugin] C:PROGRA~1MYWEBS~1BAR1.BINMWSOEMON.EXE
O4 – HKLM..Run: [QuickTime Task] "C:WINDOWSSYSTEMQTTASK.EXE" –atboottime
O4 – HKLM..Run: [WinampAgent] "C:PROGRAM FILESWINAMPWINAMPa.exe"
O4 – HKLM..Run: [Service Control Process] C:WINDOWSsystem32configwinlogon.exe
O4 – HKLM..Run: [Internet Optimizer] "C:Program FilesInternet Optimizeroptimize.exe"
O4 – HKLM..Run: [SurfSideKick 2] C:PROGRAM FILESSURFSIDEKICK 2Ssk.exe
O4 – HKLM..Run: [SESync] "C:PROGRAM FILESSEDSED.EXE"
O4 – HKLM..Run: [VBouncer] C:PROGRA~1VBOUNCERVirtualBouncer.exe
O4 – HKLM..Run: [ntechin] C:WINDOWSN20050308.EXE
O4 – HKLM..Run: [Narrator] C:WINDOWSwwyqgg.exe
O4 – HKLM..Run: [Scheduler] C:WINDOWSSYSTEM32CONFIGSVCHOST.EXE
O4 – HKLM..Run: [zSPGuard] c:program filespjwspguardspguard.exe /s /r
O4 – HKLM..RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 – HKLM..RunServices: [SymTray – Norton SystemWorks] C:Program FilesCommon FilesSymantec SharedSymTray.exe "Norton SystemWorks"
O4 – HKCU..Run: [Komunikator] C:PROGRAM FILESTLEN.PLTLEN.EXE
O4 – HKCU..Run: [Gadu–Gadu] "C:PROGRAM FILESGADU–GADUGG.EXE" /tray
O4 – HKCU..Run: [SurfSideKick 2] C:PROGRAM FILESSURFSIDEKICK 2Ssk.exe
O4 – HKCU..Run: [cmsound] c:windowsmsmsgnce.exe
O4 – HKCU..Run: [Twrb] C:WINDOWSDane aplikacjiucoa.exe
O4 – HKCU..Run: [Xtweygo] C:WINDOWSSYSTEMrekvyp.exe
O4 – HKCU..RunServices: [Komunikator] C:PROGRAM FILESTLEN.PLTLEN.EXE
O4 – HKCU..RunServices: [Gadu–Gadu] "C:PROGRAM FILESGADU–GADUGG.EXE" /tray
O4 – HKCU..RunServices: [SurfSideKick 2] C:PROGRAM FILESSURFSIDEKICK 2Ssk.exe
O4 – HKCU..RunServices: [cmsound] c:windowsmsmsgnce.exe
O4 – HKCU..RunServices: [Twrb] C:WINDOWSDane aplikacjiucoa.exe
O4 – HKCU..RunServices: [Xtweygo] C:WINDOWSSYSTEMrekvyp.exe
O4 – Startup: Power Project.lnk = C:Program FilesGadu–Gadugg.exe
O4 – Startup: WinZip Quick Pick.lnk = C:Program FilesWinZipWZQKPICK.EXE
O4 – Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O4 – Startup: AdDestroyer.lnk = C:Program FilesAdDestroyerAdDestroyer.exe
O6 – HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 – Extra context menu item: &Google Search – res://C:WINDOWSDOWNLOADED PROGRAM FILESGOOGLENAV.DLL/cmsearch.html
O8 – Extra context menu item: Cac&hed Snapshot of Page – res://C:WINDOWSDOWNLOADED PROGRAM FILESGOOGLENAV.DLL/cmcache.html
O8 – Extra context menu item: Si&milar Pages – res://C:WINDOWSDOWNLOADED PROGRAM FILESGOOGLENAV.DLL/cmsimilar.html
O8 – Extra context menu item: Backward &Links – res://C:WINDOWSDOWNLOADED PROGRAM FILESGOOGLENAV.DLL/cmbacklinks.html
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSwebrelated.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSwebrelated.htm
O10 – Unknown file in Winsock LSP: c:windowssystemaklsp.dll
O10 – Unknown file in Winsock LSP: c:windowssystemaklsp.dll
O10 – Unknown file in Winsock LSP: c:windowssystemaklsp.dll
O10 – Unknown file in Winsock LSP: c:windowssystemaklsp.dll
O10 – Unknown file in Winsock LSP: c:windowssystemaklsp.dll
O10 – Unknown file in Winsock LSP: c:windowssystemaklsp.dll
O10 – Unknown file in Winsock LSP: c:windowssystemaklsp.dll
O14 – IERESET.INF: SEARCH_PAGE_URL=
O14 – IERESET.INF: START_PAGE_URL=
O15 – Trusted IP range: 213.159.117.202
O15 – Trusted IP range: 213.159.117.202 (HKLM)
O16 – DPF: {1D4DB7D2–6EC9–47A3–BD87–1E41684E07BB} – http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.6.cab
O16 – DPF: {6CB5E471–C305–11D3–99A8–000086395495} (Google Activate) – http://toolbar.google.com/data/pl/deleon/1.1.62–deleon/GoogleNav.cab
O16 – DPF: komentator – http://sport.onet.pl/komentator.cab
O16 – DPF: {79849612–A98F–45B8–95E9–4D13C7B6B35C} (Loader2 Control) – http://iframedollars.biz/tb/loader2.ocx
O16 – DPF: {9EB320CE–BE1D–4304–A081–4B4665414BEF} (MediaTicketsInstaller Control) – http://www.mt–download.com/MediaTicketsInstaller.cab?refid=2732
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O17 – HKLMSystemCCSServicesVxDMSTCP: Domain = cyberbajt.pl
O17 – HKLMSystemCCSServicesVxDMSTCP: NameServer = 194.204.159.1,194.204.152.34
O21 – SSODL: OLE Automation Module – {3F143C3A–1457–6CCA–03A7–7AA23B61E40F} – C:WINDOWSSYSTEMchild.dll
O21 – SSODL: Web Event Logger – {7EFBAEFF–EE02–1333–ABDF–416572E5D639} – C:WINDOWSSYSTEMLjkamb32.dll
O21 – SSODL: OLE Module – {0211C4D9–BC71–8916–38AD–9DEA5D213614} – C:WINDOWSSYSTEMchup.dll

Replies: 0

WaGonik
Added: 27.01.2005 20:11:30