Spybot S&D en Ad-Aware krijgen hem niet helemaal schoon. Ik zie nog minstens 1 trojan zitten en een pornodialer. Maar ik wil graag dat het goed wordt schoongemaakt, dus:

Logfile of HijackThis v1.99.0
Scan saved at 14:38:41, on 05-1-2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINNT\system32\crypserv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WT32EXE.EXE
C:\WINNT\System32\TBLMOUSE.EXE
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Admilli Service\AdmilliServ.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bundle.exe
C:\Program Files\Admilli Service\AdmilliKeep.exe
C:\WINNT\system32\internat.exe
C:\Program Files\NoAds\NoAds.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Caere\OmniPagePro90\EREG\REMIND32.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\system32\NOTEPAD.EXE
C:\WINNT\hh.exe
D:\download\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.leonbergers.nl/leonbergers.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina =
file:///C:/Program%20Files/MStartEnter/Portal/portal.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft
Internet Explorer aangeboden door @Home
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = proxy:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
Koppelingen
O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} -
C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL
O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000000} -
C:\WINNT\system32\IEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe
SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Classes] C:\WINNT\system32\mstar2.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Admilli Service] C:\Program Files\Admilli
Service\AdmilliServ.exe
O4 - HKLM\..\Run: [SAHBundle] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bundle.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
O4 - Startup: reminder-ScanSoft Product Registration.lnk = C:\Program
Files\Caere\OmniPagePro90\EREG\REMIND32.EXE
O4 - Global Startup: Office Opstarten.lnk = C:\Program Files\Microsoft
Office\Office\OSA.EXE
O8 - Extra context menu item: Free Software - C:\Program Files\Cool Web
Scrollbars\hh.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:\WINNT\System32\Shdocvw.dll
O16 - DPF: Yahoo! Chat -
http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://static.windupdates.com/cab/DownloadsUnlimited/ie/bridge-c284.cab
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) -
http://www.kennelclub.nl/media/scripts/ScriptX.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio
Conferencing) -
http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
scanner) -
http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry
Information Class) -
http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
O16 - DPF: {DA28C54E-D95C-11D3-9A01-005004677EF4} (McAfee.com Component
Download Manager Class) -
http://download.mcafee.com/molbin/clinic/CDM/McCDM.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software
XUpload) - http://home.hetnet.nl/bb/XUpload.ocx
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4417/mcfscan.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://sc.communities.msn.com/controls/chat/msnchat45.cab
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Crypkey License - Unknown - crypserv.exe (file missing)
O23 - Service: Logical Disk Manager Administrative-service - VERITAS
Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Tablet Service - Aiptek - C:\WINNT\System32\WT32EXE.EXE
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. -
C:\WINNT\system32\ZoneLabs\vsmon.exe