Logfile of HijackThis v1.98.2
Scan saved at 2:42:42, on 31-10-04
Platform: Windows 95 B (Win9x 4.00.1111)
MSIE: Internet Explorer v5.00 (5.00.2314.1000)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\MCAFEE\VSHWIN32.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
C:\PROGRAM FILES\MCAFEE\WEBSCANX.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\MCAFEE\VSSTAT.EXE
C:\WINDOWS\SYSTEM\CMMPU.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MCAFEE\AVCONSOL.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP OFFICEJET T SERIES 9X\BIN\HPOSTR05.EXE
C:\PROGRAM FILES\RABOTWIN\RABOCOMM\RABOSESSIONMON.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP OFFICEJET T SERIES 9X\BIN\HPOVDX05.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\tapiexe.exe
C:\PROGRAM FILES\ACDSEE32\ACDSEE32.EXE
C:\PROGRAM FILES\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.nl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
F1 - win.ini: run=C:\WINDOWS\SYSTEM\cmmpu.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\stimon.exe
O4 - HKLM\..\Run: [AvconsoleEXE] C:\Program Files\McAfee\avconsol.exe /minimize
O4 - HKLM\..\Run: [VsStatEXE] C:\Program Files\McAfee\VSSTAT.EXE /SHOWWARNING
O4 - HKLM\..\Run: [Vshwin32EXE] C:\PROGRAM FILES\MCAFEE\VSHWIN32.EXE
O4 - HKLM\..\Run: [CMESys] "C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE"
O4 - HKLM\..\Run: [explorer] C:\WINDOWS\system32\explorer.exe -go -c28 -w
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui
O4 - HKLM\..\Run: [McAfeeWebScanX] C:\PROGRAM FILES\MCAFEE\WebScanX.Exe
O4 - HKLM\..\RunServices: [Vshwin32EXE] C:\PROGRAM FILES\MCAFEE\VSHWIN32.EXE
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
O4 - HKLM\..\RunServices: [McAfeeWebScanX] C:\PROGRAM FILES\MCAFEE\WebScanX.Exe /RUNSERVICES
O4 - Startup: HP OfficeJet T Series Opstartmenu.lnk = C:\Program Files\Hewlett-Packard\HP OfficeJet T Series 9x\Bin\HPOstr05.exe
O4 - Startup: GStartup.lnk = C:\Program Files\Common Files\Microsoft Shared\Equation\EQNEDT32.EXE
O4 - Startup: PrecisionTime.lnk = C:\Program Files\PLUS!\CMPAGENT.EXE
O4 - Startup: Rabo Session Monitor.lnk = C:\Program Files\Rabotwin\RaboComm\RaboSessionMon.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O12 - Plugin for .pdf;id=RES1;SSID=85c14ed879f629b605b4474a7fb67f72;search_for=de vijf sterren,almere: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O13 - WWW. Prefix: http://
O14 - IERESET.INF: SEARCH_PAGE_URL=http://home.microsoft.com/intl/nl/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.msn.nl
O14 - IERESET.INF: MS_START_PAGE_URL=http://www.msn.nl
O16 - DPF: {946B0485-8F8C-4C35-A6E7-D2115E3B0B4F} (HTMLAccess Class) - http://usa-download.nocreditcard.com/download/Object/DialerHTML/DHTMLAccess1042.cab
O16 - DPF: {D67280B0-CDE3-4AF1-A3E4-053862CFF113} (Opgave Gewaspercelen 2004 Produktie) - https://www.gewaspercelen.nl/interkom/app/InterkomClientProd.cab
O16 - DPF: {11111111-1111-1111-1111-111111113458} - file://C:\WINDOWS\Tempor~1\Content.IE5\2RAZ0PWL\explorer28[1].cab
Scan saved at 2:42:42, on 31-10-04
Platform: Windows 95 B (Win9x 4.00.1111)
MSIE: Internet Explorer v5.00 (5.00.2314.1000)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\MCAFEE\VSHWIN32.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
C:\PROGRAM FILES\MCAFEE\WEBSCANX.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\MCAFEE\VSSTAT.EXE
C:\WINDOWS\SYSTEM\CMMPU.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MCAFEE\AVCONSOL.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP OFFICEJET T SERIES 9X\BIN\HPOSTR05.EXE
C:\PROGRAM FILES\RABOTWIN\RABOCOMM\RABOSESSIONMON.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP OFFICEJET T SERIES 9X\BIN\HPOVDX05.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\tapiexe.exe
C:\PROGRAM FILES\ACDSEE32\ACDSEE32.EXE
C:\PROGRAM FILES\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.nl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
F1 - win.ini: run=C:\WINDOWS\SYSTEM\cmmpu.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\stimon.exe
O4 - HKLM\..\Run: [AvconsoleEXE] C:\Program Files\McAfee\avconsol.exe /minimize
O4 - HKLM\..\Run: [VsStatEXE] C:\Program Files\McAfee\VSSTAT.EXE /SHOWWARNING
O4 - HKLM\..\Run: [Vshwin32EXE] C:\PROGRAM FILES\MCAFEE\VSHWIN32.EXE
O4 - HKLM\..\Run: [CMESys] "C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE"
O4 - HKLM\..\Run: [explorer] C:\WINDOWS\system32\explorer.exe -go -c28 -w
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui
O4 - HKLM\..\Run: [McAfeeWebScanX] C:\PROGRAM FILES\MCAFEE\WebScanX.Exe
O4 - HKLM\..\RunServices: [Vshwin32EXE] C:\PROGRAM FILES\MCAFEE\VSHWIN32.EXE
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
O4 - HKLM\..\RunServices: [McAfeeWebScanX] C:\PROGRAM FILES\MCAFEE\WebScanX.Exe /RUNSERVICES
O4 - Startup: HP OfficeJet T Series Opstartmenu.lnk = C:\Program Files\Hewlett-Packard\HP OfficeJet T Series 9x\Bin\HPOstr05.exe
O4 - Startup: GStartup.lnk = C:\Program Files\Common Files\Microsoft Shared\Equation\EQNEDT32.EXE
O4 - Startup: PrecisionTime.lnk = C:\Program Files\PLUS!\CMPAGENT.EXE
O4 - Startup: Rabo Session Monitor.lnk = C:\Program Files\Rabotwin\RaboComm\RaboSessionMon.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O12 - Plugin for .pdf;id=RES1;SSID=85c14ed879f629b605b4474a7fb67f72;search_for=de vijf sterren,almere: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O13 - WWW. Prefix: http://
O14 - IERESET.INF: SEARCH_PAGE_URL=http://home.microsoft.com/intl/nl/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.msn.nl
O14 - IERESET.INF: MS_START_PAGE_URL=http://www.msn.nl
O16 - DPF: {946B0485-8F8C-4C35-A6E7-D2115E3B0B4F} (HTMLAccess Class) - http://usa-download.nocreditcard.com/download/Object/DialerHTML/DHTMLAccess1042.cab
O16 - DPF: {D67280B0-CDE3-4AF1-A3E4-053862CFF113} (Opgave Gewaspercelen 2004 Produktie) - https://www.gewaspercelen.nl/interkom/app/InterkomClientProd.cab
O16 - DPF: {11111111-1111-1111-1111-111111113458} - file://C:\WINDOWS\Tempor~1\Content.IE5\2RAZ0PWL\explorer28[1].cab
