Something just isn't right with this machine. After being online for a while the computer starts to lag and I've noticed about 4 svchost.exe programs running at once. This can't be right. Here's my logfile and running processes:
svchost.exe
LSass.exe
services.exe
CSRSS.exe
SMSS
Avsynmgr.exe
CDAL11BA.exe
CBRegCap.exe
CBlaunch.exe
regsvc.exe
vsnwin32.exe
VSStat.exe
mstask.exe
winmgmt.exe
McShield
svchost.exe
Avconsol.exe
alogserv.exe
Runlaunch.exe
QuickDCF
CBSystray.exe
SVChost.exe
Logfile of HijackThis v1.97.7
Scan saved at 12:07:00 PM, on 12/18/2003
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
F:\WINNT\System32\smss.exe
F:\WINNT\system32\winlogon.exe
F:\WINNT\system32\services.exe
F:\WINNT\system32\lsass.exe
F:\WINNT\system32\svchost.exe
F:\WINNT\system32\spoolsv.exe
F:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
F:\WINNT\System32\drivers\CDAC11BA.EXE
C:\Program Files\Connected\CBRegCap.EXE
C:\program files\Connected\CBlaunch.exe
F:\WINNT\System32\svchost.exe
F:\WINNT\system32\regsvc.exe
F:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
F:\WINNT\system32\MSTask.exe
F:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
F:\WINNT\System32\WBEM\WinMgmt.exe
F:\WINNT\system32\svchost.exe
F:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
F:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
F:\WINNT\Explorer.EXE
F:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
F:\Program Files\McAfee\McAfee VirusScan\alogserv.exe
F:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
F:\Program Files\FinePixViewer\QuickDCF.exe
C:\program files\Connected\CBSysTray.exe
F:\Program Files\Handspring\HOTSYNC.EXE
F:\WINNT\System32\svchost.exe
F:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
F:\Program Files\Winamp\winamp.exe
F:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-AB2D-8D32436313D9} - F:\WINNT\bsx5.dll
O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - F:\Program Files\Kontiki\bin\bh309190.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx (disabled by BHODemon)
O2 - BHO: (no name) - {A85C4A1B-BD36-44E5-A70F-8EC347D9B24F} - F:\WINNT\bs3.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - F:\WINNT\System32\nzdd.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] F:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [Alogserv] F:\Program Files\McAfee\McAfee VirusScan\alogserv.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [WinampAgent] "F:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [REGSHAVE] F:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Bsx3] RunDLL32.EXE F:\WINNT\bs3.dll,DllRun
O4 - HKLM\..\Run: [bxsx5] RunDLL32.EXE F:\WINNT\bsx5.dll,DllRun
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "F:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - Startup: Connected TaskBar Icon.LNK = C:\program files\Connected\CBSysTray.exe
O4 - Startup: HotSync Manager.lnk = F:\Program Files\Handspring\HOTSYNC.EXE
O4 - Global Startup: Exif Launcher.lnk = F:\Program Files\FinePixViewer\QuickDCF.exe
O8 - Extra context menu item: &Google Search - res://F:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://F:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://F:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Get It With Kontiki - res://F:\Program Files\Kontiki\bin\bh309190.dll/201
O8 - Extra context menu item: Si&milar Pages - res://F:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://F:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: AIM (HKLM)
O10 - Unknown file in Winsock LSP: f:\winnt\system32\inetadpt.dll
O10 - Unknown file in Winsock LSP: f:\winnt\system32\inetadpt.dll
O10 - Unknown file in Winsock LSP: f:\winnt\system32\inetadpt.dll
O10 - Unknown file in Winsock LSP: f:\winnt\system32\inetadpt.dll
O12 - Plugin for .spop: F:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B2F49FB} -
Thank you for any help anyone can provide on this.
svchost.exe
LSass.exe
services.exe
CSRSS.exe
SMSS
Avsynmgr.exe
CDAL11BA.exe
CBRegCap.exe
CBlaunch.exe
regsvc.exe
vsnwin32.exe
VSStat.exe
mstask.exe
winmgmt.exe
McShield
svchost.exe
Avconsol.exe
alogserv.exe
Runlaunch.exe
QuickDCF
CBSystray.exe
SVChost.exe
Logfile of HijackThis v1.97.7
Scan saved at 12:07:00 PM, on 12/18/2003
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
F:\WINNT\System32\smss.exe
F:\WINNT\system32\winlogon.exe
F:\WINNT\system32\services.exe
F:\WINNT\system32\lsass.exe
F:\WINNT\system32\svchost.exe
F:\WINNT\system32\spoolsv.exe
F:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
F:\WINNT\System32\drivers\CDAC11BA.EXE
C:\Program Files\Connected\CBRegCap.EXE
C:\program files\Connected\CBlaunch.exe
F:\WINNT\System32\svchost.exe
F:\WINNT\system32\regsvc.exe
F:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
F:\WINNT\system32\MSTask.exe
F:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
F:\WINNT\System32\WBEM\WinMgmt.exe
F:\WINNT\system32\svchost.exe
F:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
F:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
F:\WINNT\Explorer.EXE
F:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
F:\Program Files\McAfee\McAfee VirusScan\alogserv.exe
F:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
F:\Program Files\FinePixViewer\QuickDCF.exe
C:\program files\Connected\CBSysTray.exe
F:\Program Files\Handspring\HOTSYNC.EXE
F:\WINNT\System32\svchost.exe
F:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
F:\Program Files\Winamp\winamp.exe
F:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-AB2D-8D32436313D9} - F:\WINNT\bsx5.dll
O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - F:\Program Files\Kontiki\bin\bh309190.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx (disabled by BHODemon)
O2 - BHO: (no name) - {A85C4A1B-BD36-44E5-A70F-8EC347D9B24F} - F:\WINNT\bs3.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - F:\WINNT\System32\nzdd.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] F:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [Alogserv] F:\Program Files\McAfee\McAfee VirusScan\alogserv.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [WinampAgent] "F:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [REGSHAVE] F:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Bsx3] RunDLL32.EXE F:\WINNT\bs3.dll,DllRun
O4 - HKLM\..\Run: [bxsx5] RunDLL32.EXE F:\WINNT\bsx5.dll,DllRun
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "F:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - Startup: Connected TaskBar Icon.LNK = C:\program files\Connected\CBSysTray.exe
O4 - Startup: HotSync Manager.lnk = F:\Program Files\Handspring\HOTSYNC.EXE
O4 - Global Startup: Exif Launcher.lnk = F:\Program Files\FinePixViewer\QuickDCF.exe
O8 - Extra context menu item: &Google Search - res://F:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://F:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://F:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Get It With Kontiki - res://F:\Program Files\Kontiki\bin\bh309190.dll/201
O8 - Extra context menu item: Si&milar Pages - res://F:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://F:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: AIM (HKLM)
O10 - Unknown file in Winsock LSP: f:\winnt\system32\inetadpt.dll
O10 - Unknown file in Winsock LSP: f:\winnt\system32\inetadpt.dll
O10 - Unknown file in Winsock LSP: f:\winnt\system32\inetadpt.dll
O10 - Unknown file in Winsock LSP: f:\winnt\system32\inetadpt.dll
O12 - Plugin for .spop: F:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B2F49FB} -
Thank you for any help anyone can provide on this.
