Go Back  DVD Talk Forum > General Discussions > Tech Talk
Reload this Page >

System acting strange. HiJackThis log enclosed. Help requested

Tech Talk Discuss PC Hardware, Software, Internet and Other Technology

System acting strange. HiJackThis log enclosed. Help requested

Old 05-19-06, 07:14 PM
  #1  
Video Game Talk Reviewer
Thread Starter
 
Canis Firebrand's Avatar
 
Join Date: Dec 1999
Location: Formerly known as "Vryce"/Detroit, Michigan
Posts: 13,857
Likes: 0
Received 0 Likes on 0 Posts
System acting strange. HiJackThis log enclosed. Help requested

So, my laptop has been running weird lately.

I have a resource monitor that runs in the system tray. It notifies me that system resources are running low a number of times. I get a message at bootup, never have before.

I also get it when I have a browser window open and run outlook to check my email.

I have an HP laptop that has 512 meg of ram, running windows media edition.

I ran ad-aware and it found a few files in addition to the tracker cookies and normal type things it finds. One of the files was in a system restore file. I had it remove the files. then I disabled system restore and rebooted so that it removed the system restore files. When I run ad-aware, it has around 52 processes and 1800 process modules running that it mentions. The only program active is ad-aware, plus all the background things that run.

I ran spybot and had it remove the things it found.

I ran cwshredder and it did not find anything.

Here is my HiJackThis log.

Logfile of HijackThis v1.99.1
Scan saved at 11:52:04 PM, on 5/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\WinGrab\WinGrab.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Vryce\Desktop\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://h20239.www2.hp.com/techcenter...p_syscheck.htm
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinGrab1.50.09] "C:\Program Files\WinGrab\WinGrab.exe" -Key Default
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=laptop
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h20278.www2.hp.com/HPISWeb/Cu...ataManager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1144805109373
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe



Any help is greatly appreacieated so that my laptop doesn't seem as sluggish and doesn't have those low system resource warnings. It is a newer laptop, bought it only 3 months ago. AMD Turion ML-32 processor.

Last edited by Canis Firebrand; 05-19-06 at 11:51 PM.
Old 05-20-06, 07:21 AM
  #2  
DVD Talk Limited Edition
 
Join Date: Feb 2002
Location: On the penis chair
Posts: 5,169
Likes: 0
Received 0 Likes on 0 Posts
I don't see anything particularly dangerous in your system. However, you do seems to have a lot of program running from startup. Try to remove some of them that you don't really need and see if it improves.

Edited to add: Also check how big your virtual memory is. With 512 Mb of RAM, a 1536 Mb of virtual memory is recommended.

Last edited by eedoon; 05-20-06 at 07:31 AM.
Old 05-20-06, 06:51 PM
  #3  
Video Game Talk Reviewer
Thread Starter
 
Canis Firebrand's Avatar
 
Join Date: Dec 1999
Location: Formerly known as "Vryce"/Detroit, Michigan
Posts: 13,857
Likes: 0
Received 0 Likes on 0 Posts
I upped my virtual memory to 1536. I also turned off a few of the fancy features of xp, things like scrolling menus.

Earlire today, I had firefox open with 3 tabs open to 3 websites. Nothing was going on on my laptop, and it was idle as I was playing on my 360.

I got 2 low system warnings in a row. Something odd is going on with it, that I am certain. Though I'm not sure what. Ad-aware and spybot both find noting. Ran AVG and did a full system scan and it found nothing.

I'm at a loss as to what is happening.
Old 05-21-06, 08:44 PM
  #4  
Cool New Member
 
Join Date: Sep 2005
Location: Longmeadow, MA
Posts: 24
Likes: 0
Received 0 Likes on 0 Posts
Did you grab all the necessary updates from Lavasoft, Grisoft, etc. before doing a full system scan?

Your log looks good, aside from things that you may not use, from where I sit.
Old 05-22-06, 07:27 AM
  #5  
Video Game Talk Reviewer
Thread Starter
 
Canis Firebrand's Avatar
 
Join Date: Dec 1999
Location: Formerly known as "Vryce"/Detroit, Michigan
Posts: 13,857
Likes: 0
Received 0 Likes on 0 Posts
Yep. Made sure to update everything before running the scans.
Old 05-22-06, 10:49 AM
  #6  
DVD Talk Limited Edition
 
Join Date: Feb 2002
Location: On the penis chair
Posts: 5,169
Likes: 0
Received 0 Likes on 0 Posts
If you press Ctrl + Alt + Del and go to the Performance tab, how much physical memory that is available and how much is in the system cache?

A normal computer usage should take 100-200 Mb of RAM - although currently I am using around 500 Mb (1.5 Gb of RAM available out of 2 Gb), but that's because I'm running some program in the background.

And oh, regardless of what the warning said, how's the performance of your PC, is it slower than it should be?
Old 05-23-06, 09:11 AM
  #7  
Video Game Talk Reviewer
Thread Starter
 
Canis Firebrand's Avatar
 
Join Date: Dec 1999
Location: Formerly known as "Vryce"/Detroit, Michigan
Posts: 13,857
Likes: 0
Received 0 Likes on 0 Posts
I'll check on that when I look at my system later on today.

It does seem slower then it should be, as its a new laptop with an AMD Mobile Turion ML-32 chip. The laptop specs say it runs at 1.8 GHz. When I view my system properties, it says 768MHz, 512 meg ram.

I thought that was quite odd as well. I'll ost the performance tab stuff later on.

Thanks though for the continued help, it is apprecieated.
Old 05-23-06, 10:41 AM
  #8  
Video Game Talk Reviewer
Thread Starter
 
Canis Firebrand's Avatar
 
Join Date: Dec 1999
Location: Formerly known as "Vryce"/Detroit, Michigan
Posts: 13,857
Likes: 0
Received 0 Likes on 0 Posts
Originally Posted by eedoon
If you press Ctrl + Alt + Del and go to the Performance tab, how much physical memory that is available and how much is in the system cache?

A normal computer usage should take 100-200 Mb of RAM - although currently I am using around 500 Mb (1.5 Gb of RAM available out of 2 Gb), but that's because I'm running some program in the background.

And oh, regardless of what the warning said, how's the performance of your PC, is it slower than it should be?
With just my system up, One firefox window and the task manager up, here is what my system reports.

CPU usage - ranged from 2% - 20% while watching for a minute.
PF Usage 329 MB
Totals Handles 10155
Threads 563
Processes 53

Physicak Memory (K)
Total 522416
Available 139156 (It varied between 139100 and 139300)
System ache 252732

Commit Charge (K)
Total 337004 (small flucuations)
Limit 2061516
Peak 345672

Kernal Memory (K)
Total 81044
Paged 65888
NonPaged 15196

Some small variances while I was watching the performance tab.

In my system properties tab, this is what it reports.

System
Microsoft Windows XP
Media Center Edition
Version 2002
Service Pack 2

Manufacture info:

HP
AMD Turion(tm) 64 Movile
Tehnology ML-32
1.79 GHz, 512 MB of RAM
Physical Address Extension.

I do know that last night, when I looked my processor speed said 768 MHz, I definetly thought that was odd, but today it says 1.79 GHz.
Old 05-23-06, 11:28 AM
  #9  
Member
 
Join Date: Dec 2002
Location: Maryland
Posts: 176
Likes: 0
Received 0 Likes on 0 Posts
Your processor is PowerNow enabled. Basically it's the same thing as Intel's SpeedStep technology. So it's possible that it was actually at 768 MHz at one point and 1.79 GHz at another depending on what you were using it for.
Old 05-23-06, 11:47 AM
  #10  
DVD Talk Limited Edition
 
Join Date: Feb 2002
Location: On the penis chair
Posts: 5,169
Likes: 0
Received 0 Likes on 0 Posts
I don't see anything strange with the memory usage. CPU usage shouldn't be on the 20% mark while it's on idle. You need to run a CPU intensive software to reach that kind of mark (such as watching DVD or photoshopping). I might be wrong but it could be your antiviruses and OEM software that eating up your resources. If this is the case, then this is normal.

But in case it isn't, do you made any software installation before the low system resource warning appear? Also you mention that Ad-aware found a few files as well as some cookies. I think the cookies are harmless, but what kind of file did Ad-aware find?

The CPU clock glitch is a little weird, but if the overall performance didn't change, I would guess that you can disregard it (unless if it keeps happening).
Old 05-24-06, 03:47 AM
  #11  
DVD Talk Special Edition
 
Join Date: Sep 1999
Location: Great White North. Take Off Eh! You hosers ....
Posts: 1,455
Likes: 0
Received 0 Likes on 0 Posts
Did you use services.msc to shutdown processes?
Old 05-24-06, 08:12 AM
  #12  
Video Game Talk Reviewer
Thread Starter
 
Canis Firebrand's Avatar
 
Join Date: Dec 1999
Location: Formerly known as "Vryce"/Detroit, Michigan
Posts: 13,857
Likes: 0
Received 0 Likes on 0 Posts
I can't recall the file that ad-aware found. It only found it in one of my system restore points. If it had found it in anothre place, I'd have been a bit more worried. I jsut disabled system restore and rebooted so that all the restore points were removed.
Then turned system restore back on.

Not sure what services.msc is. The only time I touch processes is using msconfig to take out items from auto starting at boot up. Or, if a program is hanging/acting werid. I end the process using the ctrl-alt-delete task manager menu.

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Thread Tools
Search this Thread

Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service - Do Not Sell My Personal Information

Copyright 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.