Originally Posted by stormfish
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:34 AM, on 7/17/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Browser Defender\BDTUpdateService.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\ACER\Empowering Technology\eNet\eNet Service.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxcgcoms.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\PC Tools Internet Security\pctsAuxs.exe
C:\Program Files\PC Tools Internet Security\pctsSvc.exe
C:\Program Files\PC Tools Internet Security\pctsTray.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\PC Tools Internet Security\TFEngine\TFService.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LManager.exe
C:\ACER\Empowering Technology\eDataSecurity\eDSloader.exe
C:\ACER\Empowering Technology\eLock\autolockprocess\AutoLockProcess.exe
C:\Users\travis\AppData\Local\TempImages\sdd1035.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Users\travis\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\travis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\travis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\travis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.forumswatcher.com/search.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vb32&d=0109&m=aspire_5515
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vb32&d=0109&m=aspire_5515
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.forumswatcher.com/search.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: freevideomaster Toolbar - {01dfd24d-73eb-497f-8dfd-7ea79365af4a} - C:\Program Files\freevideomaster\tbfre1.dll
O1 - Hosts: ::1 localhost
O2 - BHO: freevideomaster Toolbar - {01dfd24d-73eb-497f-8dfd-7ea79365af4a} - C:\Program Files\freevideomaster\tbfre1.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Browser Defender\PCTBrowserDefender.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Browser Defender Toolbar - {23B0D39A-E245-41B7-BF86-1238CF62625E} - C:\Program Files\Browser Defender\PCTBrowserDefender.dll
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O3 - Toolbar: freevideomaster Toolbar - {01dfd24d-73eb-497f-8dfd-7ea79365af4a} - C:\Program Files\freevideomaster\tbfre1.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\PC Tools Internet Security\pctsTray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [AutoLockProcess] C:\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe
O4 - HKCU\..\Run: [sdd1034] C:\Users\travis\AppData\Local\TempImages\sdd1035.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Think Green Weather.lnk = C:\Program Files\Stardock\DesktopGadgets\Think Green Weather\Think Green Weather.exe (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {23B0D39A-E245-41B7-BF86-1238CF62625E} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O13 - Gopher Prefix: 
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Fun Web Products Installer Start) - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/PopularScreenSaversInitialSetup1.0.1.1.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/icaweb-20070115.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark SystemInfo) - http://service.futuremark.com/virtualmark/tc/FMSI.cab
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - http://imikimi.com/download/imikimi_plugin_0.5.1.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL eNetHook.dll
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Browser Defender\BDTUpdateService.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\ACER\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcg_device - - C:\Windows\system32\lxcgcoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Internet Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Internet Security\pctsSvc.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\PC Tools Internet Security\TFEngine\TFService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

--
End of file - 10712 bytes