0

I need to know which programs to disable at start up that I don't need. Could some please walk me through this step by step. Below is my running programs that start up:

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Video ActiveX Access\iesmn.exe
C:\Program Files\Video ActiveX Access\imsmain.exe
C:\Program Files\WinAntiSpyware 2007\was7.exe
C:\Program Files\Common Files\WinAntiSpyware 2007\was7cw.exe
C:\Program Files\Common Files\WinAntiSpyware 2007 Free\uwasers.exe
C:\Program Files\Common Files\WinAntiSpyware 2007 Free\uwasdc.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Video ActiveX Access\imsmn.exe
C:\Program Files\Video ActiveX Access\iesmin.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Corel\WordPerfect Office 2000\Register\Remind32.exe
C:\Program Files\Corel\WordPerfect Office 2000\programs\alarm.exe
C:\Program Files\Corel\WordPerfect Office 2000\programs\dad9.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
C:\Program Files\WinAntiSpyware 2007\wasffNT.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

4
Contributors
11
Replies
12
Views
10 Years
Discussion Span
Last Post by gerbil
0

For a start you definitely don't want WinAntispyware 2007 - it IS actually spyware, a fake, and gives fake detections to lead you to purchase.! Video activeX is another baddie. Any pgm you do not use every time you turn on is not needed to start... Google toolbar - dyu use it much, or is it more of a space waste? Anyway, post the full log and let someone help you remove the bad gear. Don't be shy now... :)

0

I use RegCleaner for this purposes.
And delete all unknown program except Ctfmon.exe.
It is Language switcher.

0

I have listed the list above and that's what I need someone to tell me what things I don't need at start up and how to get them not to start up.

0

Here is my hijack log:

Logfile of HijackThis v1.99.1
Scan saved at 2:16:44 AM, on 5/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Corel\WordPerfect Office 2000\programs\dad9.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: America Online Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Desktop Application Director 9.LNK = C:\Program Files\Corel\WordPerfect Office 2000\programs\dad9.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: hp officejet 4100 series.lnk = ?
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {48DF87EE-F2DE-11D8-BE7F-302050C10801} (FlyLoader Class) - http://www.flyword.com/loaderword_win.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1166873966468
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1166873944062
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: OPXPGina - C:\Program Files\Softex\OmniPass\opxpgina.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

0

Heya, tiff, do you like the microsoft home pages? if you do not want them then fix these:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
How about the google toolbar, it probably came with some other software you installed and missed de-selecting the toolbar. You can uninstall it from add/remove pgms.... and then fix these if they remain:
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
Java. Set this one to manual update [via control panel, java], and just remember to do it every month... the windows update icon appearing is a good reminder to me. I can see that yours is not working anyway, so update now, manually, and delete all old versions in add/remove pgms.
How often do you connect your camera? do it manually..
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
How often do you tweak your intel graphics? do it manually...
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
This one checks for HP software updates evry start up. Manually, once every couple months would do, really?
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
Do you use the tray button to connect to AOL? If so leave this one alone, otherwise fix it also:
O4 - Global Startup: America Online Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
This one fires up your printer software. Of course, it wiil start when you want to print something anyway, so it is unnecessary also:
O4 - Global Startup: hp officejet 4100 series.lnk = ?

That should cut a few things from your startup.. remember that you can start most pgms only when you need them from icons or Start pgms links... it all saves RAM.
cheers.

0

How do I disable from starting up when I start my computer and only use them when I need them. What about the other background processes that start up when I start my computer that I don't need how do I disable them aswell? I need step by step instructions because I don't know much about this.

0

I understand, tiffini. A lot of those processes in your list are needed, some are vital; the ones I listed can be removed if you so wish; to make the process a little clearer we'll go through them this way.... Note that when I say "fix them" I mean to place a checkmark against each particular entry in the Hijackthis scan report and then to press Fix Checked when you have finished. Hijackthis will then remove those entries from the startup catalog. But google toolbar etc can be removed via add/remove pgms, the java updater can be stopped via the java panel in control panel... I'll regroup everything so that the guide flows a little better.

The google toolbar, it probably came with some other software you installed and you missed de-selecting the toolbar. You can uninstall it from add/remove pgms.

Java. Like a lot of updaters the Java one works well if your pc happens to be connected when the schedule rolls around...so I set this one to manual update [via control panel, java], and just remember to do it every month... the windows update icon appearing is a good reminder to me. I can see that yours is not working anyway, so update now, manually, and delete all old versions in add/remove pgms, and then change the updater.

Now this next bunch I mean you to include in the fix list if you don't want them to run automatically; review each item, and place a checkmark against it if you don't want it. So start hijackthis, press Scan Only, and start checking... if something is no longer in the list then ignore it.

-Add these three Google entries if they are not wanted, that is, check them:
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

-How often do you connect your camera? You can start the pgm manually when you do... check this:
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE

-How often do you tweak your intel graphics? do it manually... check this
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe

This one checks for HP software updates every start up. Manually, once every couple months would do, really? So check this:
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

-This one fires up your printer software. Of course, it will start when you want to print something anyway, so it is unnecessary; check this:
O4 - Global Startup: hp officejet 4100 series.lnk = ?

-Do you use the tray button to connect to AOL? If so LEAVE this one alone, otherwise check it also:
O4 - Global Startup: America Online Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe

-And finally, do you like the microsoft home pages? if you do not want them then check these:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

Good. Now you should have several entries checked in that scan. Go ahead and press the Fix Checked button now. And if things turn out to be not what you want there is a backup file in hijackthis where you can later reverse the changes.
See how you go..

0

How do I go in and deselect them manually so that they are not deleted and I could use them when I need them?

0

Ah. Let me enlarge upon my guidances even more. The entries that I have given you are not actual programs, or processes, rather they are particular references in your registry which are instructing windows to start each actual process upon startup of Windows. Deleting these entries merely removes the start instruction, the process itself is untouched and remains available for you to start via a desktop icon or from Start > programs list, or by other means... think of an athlete in the blocks - you would be taking away the starter's gun, but the athlete would still be there ready to go when you umm... push him. Here I give you a complete entry instead of the window's shorthand:
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe becomes:
O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe -that is an instruction in a certain area of your registry to start that process upon boot, independantly of who is the user. This next one is for you as the user, not necessarily for any other user:
O4 - HKCU\Software\Microsoft\Windows\CurrentVersion\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe -once again, removing this registry entry only removes the auto startup instruction. You can still put an icon up on your desktop to start it manually [if you do not uninstall it via add/remove pgms].
To stop a process from autostarting you have to either remove these entries or change them so they are not read, which amounts to the same thing. You can rewrite them to registry manually, or simply by reinstalling the particular pgm.
I should mention that some pgms give you the option to remove the startup entry when you install, or sometimes later via a menu of choices. eg, java.
Does that help?

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.