Announcement

Collapse
No announcement yet.

Help me fix my dad's computer?

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Help me fix my dad's computer?

    His computer's been running extremely slow lately, so I ran hijackthis, and here's the log:

    Logfile of HijackThis v1.99.1
    Scan saved at 2:04:01 AM, on 6/11/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Running processes:
    CWINDOWS\System32\smss.exe
    CWINDOWS\system32\winlogon.exe
    CWINDOWS\system32\services.exe
    CWINDOWS\system32\lsass.exe
    CWINDOWS\system32\svchost.exe
    CWINDOWS\System32\svchost.exe
    CWINDOWS\system32\spoolsv.exe
    CPROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    CPROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    CProgram Files\Softex\OmniPass\Omniserv.exe
    CWINDOWS\System32\svchost.exe
    CProgram Files\Softex\OmniPass\OPXPApp.exe
    CWINDOWS\Explorer.EXE
    Cwindows\system\hpsysdrv.exe
    CWINDOWS\system32\hkcmd.exe
    CProgram Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
    CWINDOWS\System32\hphmon05.exe
    CHP\KBD\KBD.EXE
    CProgram Files\Multimedia Card Reader\shwicon2k.exe
    CWINDOWS\system32\igfxtray.exe
    CPROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    CPROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    CProgram Files\Spybot - Search & Destroy\TeaTimer.exe
    CProgram Files\2Wire Wireless\Client Manager\CMTWO.EXE
    CProgram Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    CPROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
    CProgram Files\Hijackthis\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us9.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us9.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us9.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us9.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us9.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us9.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us9.hpwis.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R3 - URLSearchHook: CnfSearch Class - {D7CD08F0-D691-11D8-9669-0800200C9A66} - cwindows\system32\ConfuSearch.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - CProgram Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - cProgram Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
    O4 - HKLM\..\Run: [hpsysdrv] cwindows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] CWINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [CamMonitor] cProgram Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
    O4 - HKLM\..\Run: [HPHUPD05] cProgram Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
    O4 - HKLM\..\Run: [HPHmon05] CWINDOWS\System32\hphmon05.exe
    O4 - HKLM\..\Run: [KBD] CHP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [AutoTKit] Chp\bin\AUTOTKIT.EXE
    O4 - HKLM\..\Run: [Recguard] CWINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE CWINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [Sunkist2k] CProgram Files\Multimedia Card Reader\shwicon2k.exe
    O4 - HKLM\..\Run: [PS2] CWINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [StorageGuard] "CProgram Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [IgfxTray] CWINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [AVG7_CC] CPROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] CPROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O4 - HKLM\..\Run: [zzzHPSETUP] DSetup.exe
    O4 - HKLM\..\Run: [QuickTime Task] "CProgram Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [BackupNotify] cProgram Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] CProgram Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU\..\Run: [Yahoo! Pager] "CPROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - Startup: spamsubtract.lnk.disabled
    O4 - Global Startup: 2Wire Wireless Client Manager.lnk = ?
    O4 - Global Startup: Adobe Gamma Loader.lnk = CProgram Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = CProgram Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Quicken Scheduled Updates.lnk.disabled
    O4 - Global Startup: Updates from HP.lnk.disabled
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - CWINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - CWINDOWS\System32\msjava.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - CProgram Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - CWINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - CProgram Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - CProgram Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - CProgram Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - CProgram Files\Messenger\msmsgs.exe
    O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubles.../usbaptest.cab
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
    O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1121011699109
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://69.226.94.42/activex/AxisCamControl.ocx
    O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/cab9/dmcc2.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
    O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/1058625.exe
    O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
    O20 - Winlogon Notify: igfxcui - CWINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: OPXPGina - CProgram Files\Softex\OmniPass\opxpgina.dll
    O20 - Winlogon Notify: WgaLogon - CWINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - CPROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - CPROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - CProgram Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - CWINDOWS\System32\nvsvc32.exe
    O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - CProgram Files\Softex\OmniPass\Omniserv.exe
    Should any of this be removed?
    Last edited by Valkysas; 06-11-2006, 02:07 AM.



    Tags: None
    #2
    Re: Help me fix my dad's computer?

    That all looks pretty par for the course to me. These could be perfectly fine depending on what he has installed.

    A couple I would be curious about is
    CProgram Files\Softex\OmniPass\Omniserv.exe
    CProgram Files\Softex\OmniPass\OPXPApp.exe
    part of a security package

    CHP\KBD\KBD.EXE
    for editing keyboard

    CWINDOWS\system32\igfxtray.exe
    CWINDOWS\system32\hkcmd.exe
    intel graphics config programs

    CProgram Files\2Wire Wireless\Client Manager\CMTWO.EXE
    not sure but it's safe and might be part of some program he uses

    O4 - HKLM\..\Run: [KBD] CHP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [AutoTKit] Chp\bin\AUTOTKIT.EXE
    - HP config stuff

    O4 - HKLM\..\Run: [IgfxTray] CWINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    AC '97 software for onboard audio

    O4 - HKLM\..\Run: [zzzHPSETUP] DSetup.exe << This should likely be deleted though is probably not causing problems

    After googling these all of them are fine. Most of them are configuration programs for various things and some of them are important.

    Most of that looks fine, though it does seem he has a lot of tray services running (printer, webcam) but those shouldn't affect performance too much.

    A couple of things to try would be defragmenting, after seeing how much free disk space he has (15% is recommended).
    Then set the size of his page file to be static (min = max) (right click on My Computer, goto Properties -> Advanced Tab -> Performance Options), then set the page file size to be 1.5 times his actual memory (no less than 512MB).
    If he has a lot of memory he may want to look into changing the registry value for
    HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\Disable Paging Executive
    And set this value to 1. It is default 0. This makes sure the kernel is never paged out to disk which can add some speed up. But it looks like his computer is pretty protected from both viruii and spyware as he has Spybot and the AVG anti-virus going. So there might be a few other tweaks he can try but if thats not working I'm not sure much else to suggest beyond getting better hardware, or seeing if his computer is getting to hot (and if he has thermal throtteling on, this would be in BIOS).
    Last edited by thetruecoolness; 06-11-2006, 02:41 AM.
    はじめまして。真(しん)の冷静(れいせい)です。どうぞよろしく。
    http://www.thetruecoolness.com/

    5198-2124-7210 Smash

    Comment

      #3
      Re: Help me fix my dad's computer?

      thanks. odd that you mention a webcam and a printer, as he doesnt have either.



      Comment

        #4
        Re: Help me fix my dad's computer?

        Just all the hp*** stuff is usually connected with those devices. I know I have a 2 or 3 process like that for my printer, of course since he has an HP computer it looks like that might be why. And I meant digital camera instead of webcam, with the Digital Imaging entries.
        Last edited by thetruecoolness; 06-11-2006, 02:48 AM.
        はじめまして。真(しん)の冷静(れいせい)です。どうぞよろしく。
        http://www.thetruecoolness.com/

        5198-2124-7210 Smash

        Comment

        Previous template Next
        Working...
        X