martinmc (Beginner)
01 April 2006 - 23:03. There is 1 comment

Hijackthis log

Logfile of HijackThis v1.99.1
Scan saved at 23:01:49, on 01-04-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Programmer\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Programmer\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkUFind.exe
C:\Programmer\Creative\Shared Files\CAMTRAY.EXE
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\MediaGateway\MediaGateway.exe
C:\programmer\zango\zango.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\System Files\System.exe
C:\Programmer\TPT Registry_Cleaner (Trial)\RegClean.exe
C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\DOCUME~1\THOMAS~1\LOKALE~1\Temp\Rar$EX00.452\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.eza1netsearch.com/sp2.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://web.hsit.dk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.msn.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Zango Search Assistant Helper - {56F1D444-11BF-4879-A12B-79CF0177F038} - c:\programmer\zango\zangohook.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - C:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll (file missing)
O4 - HKLM\..\Run: [Cpqset] C:\Programmer\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [TV Now] C:\Programmer\HPQ\Notebook Utilities\TvNow.exe /RK
O4 - HKLM\..\Run: [Display Settings] C:\Programmer\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Programmer\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Programmer\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [Spyware Stormer] C:\Programmer\Spyware Stormer\SpywareStormer.Exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [The Ethernet] ethernet.exe
O4 - HKLM\..\Run: [RealJukeboxSystray] C:\Programmer\Real\RealJukebox\tsystray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MediaGateway] C:\Programmer\MediaGateway\MediaGateway.exe
O4 - HKLM\..\Run: [zango] "c:\programmer\zango\zango.exe"
O4 - HKLM\..\Run: [pmbyrid] C:\WINDOWS\pmbyrid.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunServices: [The Ethernet] ethernet.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [The Ethernet] ethernet.exe
O4 - HKCU\..\Run: [CAS2] "C:\Programmer\System Files\System.exe"
O4 - HKCU\..\Run: [Registry Cleaner] "C:\Programmer\TPT Registry_Cleaner (Trial)\RegClean.exe"
O4 - HKCU\..\RunServices: [The Ethernet] ethernet.exe
O4 - Startup: WkCalRem.LNK = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/WebsiteAccess/ie/bridge-c9.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversFWBInitialSetup1.0.0.8.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540013} (CInstall Class) - http://adserver.sharewareonline.com/adserver/Install.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab
O16 - DPF: {A1A961DA-2BA6-4032-859E-01AC35357163} (One2One Viewer) - http://www.one2one.com/static/class/one2one.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B7E76C25-791F-432E-BDB7-748D01A93FC2} (VacPro.int_ver30) - http://advnt01.com/dialer/int_ver30.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE54} (GDIbho) - http://domeny.do.of.pl/gdibho10.ocx
O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} (VacPro.internazionale_ver11) - http://advnt01.com/dialer/internazionale_ver11.CAB
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {DAB941D8-BC94-4819-AB4D-5598C65FA3FE} (iiittt Class) - http://tb.searchitquick.com/v30/siq.cab
O16 - DPF: {EDAF796E-9210-4417-ADDC-2AB18E4F6C27} (Hjemmeside.KvikFoto) - http://www.123hjemmeside.dk/builder/pages/KvikFoto.CAB
O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/lobby/searchsettings.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {8253D547-38DD-4325-B35A-F1817EDFA5F5} - C:\Programmer\System Files\plugin.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: Ethernet Service (EthernetService) - Unknown owner - C:\WINDOWS\SYSTEM32\ethernet.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Programmer\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

tonnybrandt (Beginner)
02 April 2006 - 01:47 #1
There is quite a bit in the log, so I think we should try this scanner first and let it take what it can:

Download this scanner http://www.spywarefri.dk/downloads1.htm SUPERAntiSpyware free

Install and update the scanner.

Restart in safe mode. Press F8 during startup.

Start the scanner, click "Scan your computer", and tick your drives on the left side of the window. On the right side of the window, select "Perform Complete Scan". Click "Next", and it will scan. When it is finished, select what it found and let the scanner remove it.

Restart in normal mode (the scanner may offer to do this).

Open the scanner again and click "preferences" -> "statistics/logs". Select the log and click "View log". Copy the log into this thread, together with a new HijackThis log.