Jump to content

svchost.exe Hogging memory, itunes songs distorted, Hijack Log enclosed


translucentx

Recommended Posts

So something is eating away at my memory so badly that my entire pc lags, when i play mp3's through itunes it sounds like they are under water. So basically it sounds all skippy and distorted. Everything is lagging hard and I've ran every scanner known to man on here. I've searched so many forums for help and different scanners to use for different problems. Only things found were cookies. So someone please help me! I've enclosed my most recent Hijack this log.

Logfile of HijackThis v1.99.1

Scan saved at 4:56:58 PM, on 5/18/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSSYSTEM32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSExplorer.EXE

C:Program FilesCommon FilesSymantec SharedccProxy.exe

C:Program FilesCommon FilesSymantec SharedccSetMgr.exe

C:Program FilesNorton Internet SecurityISSVC.exe

C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe

C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe

C:WINDOWSSystem32wltrysvc.exe

C:WINDOWSSystem32bcmwltry.exe

C:WINDOWSsystem32LEXBCES.EXE

C:WINDOWSsystem32spoolsv.exe

C:WINDOWSsystem32LEXPPS.EXE

C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe

C:Program FilesNorton Internet SecurityNorton AntiVirusnavapsvc.exe

C:Program FilesDellNICCONFIGSVCNICCONFIGSVC.exe

C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe

C:WINDOWSsystem32svchost.exe

C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe

C:Program FilesRaxcoPerfectDiskPDSched.exe

C:WINDOWSsystem32wuauclt.exe

C:Program FilesCommon FilesSymantec SharedccApp.exe

C:Program FilesAIMaim.exe

C:WINDOWSsystem32ctfmon.exe

C:Program FilesMessengermsmsgs.exe

C:Documents and SettingsRynie Poo pooDesktopHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.dell4me.com/myway

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.yahoo.com/ext/search/search.html'>http://us.rd.yahoo.com/customize/ie/defaults/sb/wdgt3/*http://www.yahoo.com/ext/search/search.html

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/wdgt3/*http://www.yahoo.com

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/wdgt3/*http://www.yahoo.com

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.yahoo.com/ext/search/search.html'>http://us.rd.yahoo.com/customize/ie/defaults/sb/wdgt3/*http://www.yahoo.com/ext/search/search.html

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/wdgt3/*http://www.yahoo.com

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/

R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/wdgt3/*http://www.yahoo.com

R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://www.dell4me.com/myway

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:WINDOWSsystem32dlatfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06binssv.dll

O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:Program FilesCommon FilesSymantec SharedAdBlockingNISShExt.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton Internet SecurityNorton AntiVirusNavShExt.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:Program FilesCommon FilesSymantec SharedAdBlockingNISShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton Internet SecurityNorton AntiVirusNavShExt.dll

O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"

O4 - HKLM..Run: [symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe /Consumer

O4 - HKCU..Run: [AIM] C:Program FilesAIMaim.exe -cnetwait.odl

O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe

O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MI1933~1Office10EXCEL.EXE/3000

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:Program FilesAIMaim.exe

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1129690634390

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1131660057328

O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab

O16 - DPF: {77DD44BF-551D-4E3C-82CD-D637D5018D3C} - http://www.surveys.com/promptcast/Installs/SURVEYS.COM%20PROMPTCAST%20SETUP.cab

O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/VisitorChatENU/TLIEFlash.CAB

O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4764/mcfscan.cab

O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSetMgr.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:Program FilesiPodbiniPodService.exe

O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:Program FilesNorton Internet SecurityISSVC.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE

O23 - Service: Macromedia Licensing Service - Unknown owner - C:Program FilesCommon FilesMacromedia SharedServiceMacromedia Licensing.exe

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:Program FilesNorton Internet SecurityNorton AntiVirusnavapsvc.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:Program FilesDellNICCONFIGSVCNICCONFIGSVC.exe

O23 - Service: PDEngine - Raxco Software, Inc. - C:Program FilesRaxcoPerfectDiskPDEngine.exe

O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:Program FilesRaxcoPerfectDiskPDSched.exe

O23 - Service: SAVScan - Symantec Corporation - C:Program FilesNorton Internet SecurityNorton AntiVirusSAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:WINDOWSSystem32wltrysvc.exe

Link to comment
Share on other sites

  • 5 weeks later...
  • 2 weeks later...

Says Microsoft:

When you perform a manual or scheduled antivirus scan on a Microsoft Windows XP Service Pack 2 (SP2)-based computer, you may notice an increase in the number of open handles for the svchost.exe process.

This problem occurs because of a handle leak in the Windows Security Center service.

A supported hotfix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Only apply it to systems that are experiencing this specific problem.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the hotfix.

http://support.microsoft.com/contactus/?ws=support

sounds like an easy fix...might even try it myself   ;)

-JxL

Link to comment
Share on other sites

×
×
  • Create New...