MY HJT Log Computer really slowng down

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Eureka

Thread Starter
Joined
Dec 18, 2001
Messages
61
I know about Radmin on this computer I am fine with that and installed it myself. I use it for accessing my clients computers. But something in here is not right I mean what is all those Hosts with the IP numbers I know they are all email address's but thats never shown up before in a Hijack this log so why now? I also have a program called spy sweeper installed and recently updated it and those mail address's only appeared then. I do have those as email address as I answer emails on behalf of small business's but why they seem to be showing up I have no idea.


Logfile of HijackThis v1.99.1
Scan saved at 03:29:32, on 19/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\csrss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\System32\brsvc01a.exe
C:\WINXP\System32\brss01a.exe
C:\WINXP\system32\spoolsv.exe
C:\WINXP\Explorer.EXE
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\TEXTBR~2.0\Bin\INSTAN~1.EXE
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
C:\WINXP\system32\crypserv.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\WINXP\vsnpstd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINXP\system32\drivers\dcfssvc.exe
C:\WINXP\system32\ctfmon.exe
C:\Program Files\Executive Software\Diskeeper Home Edition\DKService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINXP\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINXP\system32\devldr32.exe
C:\WINXP\system32\wdfmgr.exe
C:\WINXP\System32\alg.exe
C:\WINXP\System32\svchost.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\Adobe\Acrobat 4.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MailWasher Pro\MailWasher.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINXP\System32\wbem\wmiprvse.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 62.252.192.4:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost; 192.168.0.1;<local>
O1 - Hosts: 127.98.9.22 mail.swing2us.co.uk.b9
O1 - Hosts: 127.98.9.21 mail.eurekahosts.co.uk.b9
O1 - Hosts: 127.98.9.20 mail.jolys.net.b9
O1 - Hosts: 127.98.9.19 mail.linkscafe.co.uk.b9
O1 - Hosts: 127.98.9.18 mail.simplygay.biz.b9
O1 - Hosts: 127.98.9.17 mail.swing4us.com.b9
O1 - Hosts: 127.98.9.16 mail.mothers4justice.co.uk.b9
O1 - Hosts: 127.98.9.15 mail.magic105.net.b9
O1 - Hosts: 127.98.9.14 mail.bisexualswingers.co.uk.b9
O1 - Hosts: 127.98.9.13 mail.cum2night.com.b9
O1 - Hosts: 127.98.9.12 mail.crackersswingers.co.uk.b9
O1 - Hosts: 127.98.9.11 mail.partnerfinderireland.co.uk.b9
O1 - Hosts: 127.98.9.10 mail.swing2night.com.b9
O1 - Hosts: 127.98.9.9 mail.davinasden.co.uk.b9
O1 - Hosts: 127.98.9.8 mail.swing2us.net.b9
O1 - Hosts: 127.98.9.7 mail.sexyfiles.co.uk.b9
O1 - Hosts: 127.98.9.6 mail.missbehavin.co.uk.b9
O1 - Hosts: 127.98.9.5 mail.factni.co.uk.b9
O1 - Hosts: 127.98.9.4 mail.nidj.com.b9
O1 - Hosts: 127.98.9.3 mail.eurekahosts.com.b9
O1 - Hosts: 127.98.9.2 pop.ntlworld.com.b9
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [InstantAccess] C:\PROGRA~1\TEXTBR~2.0\Bin\INSTAN~1.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~2.0\Bin\REGIST~1.EXE
O4 - HKLM\..\Run: [WinProxyRun] C:\PROGRA~1\OSITIS~1\WINPRO~1.0\WinProxy.exe /InstallWizard
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [snpstd] C:\WINXP\vsnpstd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~2.0\Bin\REGIST~1.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [tr_winamp] C:\Program Files\Winamp\winamp.exe
O4 - HKCU\..\Run: [WPSched3] "C:\PROGRA~1\WEBPOS~3\wpsched3.exe" MINIMIZE
O4 - HKCU\..\Run: [b9] C:\Program Files\Firetrust\Benign\B9.exe /minimize
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: FreedomAudio - http://www.energy106.com/plugins/freedominstaller.cab
O16 - DPF: OttoAndIrisPlayR3 - http://www.ottoandiris.com/v4.0/OttoAndIrisPlayR3.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://64.124.45.181/downloads/ccpm_0237.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v43/yacscom.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/0154623f342445c6b016/netzip/RdxIE601.cab
O16 - DPF: {6FB9FE59-7D3B-483D-9909-C870BE5AFA1F} (DiskHealth Class) - http://www.pcpitstop.com/pcpitstop/diskhealth.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\SuperCD\IntraLaunch.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697517} (NsvPlayX Control) - http://www.xtreamip.com/plugins/nsvplayx_vp3_aac.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{9092CF34-2A58-4107-A5D0-B7B90C5BCA2C}: NameServer = 192.168.0.1
O20 - Winlogon Notify: PCANotify - C:\WINXP\SYSTEM32\PCANotify.dll
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINXP\System32\brsvc01a.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: FireDaemon Service: config (config) - Unknown owner - c:\windows\system32\mui\iro\FireDaemon.EXE
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINXP\SYSTEM32\crypserv.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINXP\system32\drivers\dcfssvc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper Home Edition\DKService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: FireDaemon Service: secure (secure) - Unknown owner - c:\windows\system32\mui\iro\FireDaemon.EXE
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
O23 - Service: FireDaemon Service: wins (wins) - Unknown owner - c:\windows\system32\mui\iro\FireDaemon.EXE
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Top