Logfile of HijackThis v1.97.7
Scan saved at 17:11:51, on 25-12-04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\IP INSIGHT\ARMON32A.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\CMMPU.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\PREVENTON\PERSONAL FIREWALL\PFWALL.EXE
C:\WINDOWS\TEMP\~EF7194.TMP
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\DESKTOP\STIJN\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.nl/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
= about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.planet.nl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = proxy.planet.nl:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = reg.planet.nl;<local>
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina =
file:///C:/Program%20Files/Plus18Point/Portal/portal.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
= Koppelingen
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
about:blank
F1 - win.ini: run=C:\WINDOWS\SYSTEM\cmmpu.exe hpfsched
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [Taakcontrole] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent]
C:\WINDOWS\SYSTEM\mstask.exe
O4 - HKLM\..\RunServices: [AccessRampMonitor 01] "C:\PROGRAM FILES\IP
INSIGHT\ARMon32a.exe"
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O4 - Startup: Preventon Personal Firewall.lnk = C:\Program
Files\Preventon\Personal Firewall\PFwall.exe
O12 - Plugin for .mov: C:\PROGRA~1\Intern~1\PLUGINS\npqtplugin.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.msn.nl
O14 - IERESET.INF: MS_START_PAGE_URL=http://www.msn.nl
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash
Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {713AE1D4-897C-11D2-B2A0-00C04F94B4D5} (WUCorpSuppControl
Class) - http://corporate.windowsupdate.microsoft.com/en/wucorpct.CAB
O16 - DPF: {A51DEDCD-20F7-11D4-98A5-00C0CA130748} -
http://www.tintel.nl/download/tcw.cab
O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} (MSN Chat Control
4.0) - http://fdl.msn.com/public/chat/msnchat4.cab