Solved: Start up slow

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

dneighbor

Thread Starter
Joined
Dec 20, 2010
Messages
423
On start up this machine takes forever. I think I have a lot of processes and services running that I do not need.
 

dneighbor

Thread Starter
Joined
Dec 20, 2010
Messages
423
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:39:04 PM, on 1/10/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Lexmark Z2400 Series\ezprint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Carbonite\CarbonitePreinstaller.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vp32&d=0409&m=aspire_5810t
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?r0=1290729241
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vp32&d=0409&m=aspire_5810t
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vp32&d=0409&m=aspire_5810t
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [ODDPwr] "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe"
O4 - HKLM\..\Run: [lxdqmon.exe] "C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Z2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: WebEx Service Host for Support Center (atashost) - WebEx Communications, Inc. - C:\Windows\system32\atashost.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: lxdqCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdqserv.exe
O23 - Service: lxdq_device - - C:\Windows\system32\lxdqcoms.exe
O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe

--
End of file - 8987 bytes
 

dneighbor

Thread Starter
Joined
Dec 20, 2010
Messages
423
DDS (Ver_10-12-12.02) - NTFSx86
Run by Pastor Carl Cutlip at 13:42:31.77 on Mon 01/10/2011
Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_23
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3001.1933 [GMT -5:00]

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atashost.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdqserv.exe
C:\Windows\system32\lxdqcoms.exe
C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Lexmark Z2400 Series\ezprint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Carbonite\CarbonitePreinstaller.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Pastor Carl Cutlip\Downloads\dds(3).scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/?r0=1290729241
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vp32&d=0409&m=aspire_5810t
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vp32&d=0409&m=aspire_5810t
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vp32&d=0409&m=aspire_5810t
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [PLFSetI] c:\windows\PLFSetI.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LManager] c:\program files\launch manager\LManager.exe
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [ODDPwr] "c:\program files\acer\optical drive power management\ODDPwr.exe"
mRun: [lxdqmon.exe] "c:\program files\lexmark z2400 series\lxdqmon.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [Acer Product Registration] "c:\program files\acer\acer registration\ACE1.exe" /startup
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [EzPrint] "c:\program files\lexmark z2400 series\ezprint.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [EgisTecLiveUpdate] "c:\program files\egistec egis software update\EgisUpdate.exe"
mRun: [CarboniteSetupLite] "c:\program files\carbonite\CarbonitePreinstaller.exe" /preinstalled
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Acer ePower Management] c:\program files\acer\acer powersmart manager\ePowerTrayLauncher.exe
mRun: [Acer Assist Launcher] c:\program files\acer\acer assist\launcher.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\acer\acer vcm\Skype4COM.dll
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\pastor~1\appdata\roaming\mozilla\firefox\profiles\woshqljj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?r0=1290729241
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2010-12-25 20376]
R2 DsiWMIService;Dritek WMI Service;c:\program files\launch manager\dsiwmis.exe [2009-4-28 117256]
R2 ePowerSvc;Acer ePower Service;c:\program files\acer\acer powersmart manager\ePowerSvc.exe [2009-4-28 703008]
R2 lxdq_device;lxdq_device;c:\windows\system32\lxdqcoms.exe -service --> c:\windows\system32\lxdqcoms.exe -service [?]
R2 lxdqCATSCustConnectService;lxdqCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdqserv.exe [2008-2-27 98984]
R2 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\drivers\mwlPSDFilter.sys [2008-10-9 19504]
R2 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\drivers\mwlPSDNserv.sys [2008-10-9 16432]
R2 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\drivers\mwlPSDVDisk.sys [2008-10-9 59952]
R2 MWLService;MyWinLocker Service;c:\program files\egistec\mywinlocker 3\x86\MWLService.exe [2008-10-27 306736]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\newtech infosystems\acer backup manager\IScheduleSvc.exe [2009-4-1 54528]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-9-23 144632]
R2 ODDPwrSvc;Acer ODD Power Service;c:\program files\acer\optical drive power management\ODDPWRSvc.exe [2009-4-28 114688]
R2 RS_Service;Raw Socket Service;c:\program files\acer\acer vcm\RS_Service.exe [2009-4-28 237568]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-1-5 988216]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-1-5 399416]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-4-28 112128]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C60x86.sys [2009-3-31 49664]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-26 135664]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-1-20 179712]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-9-23 50424]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2011-01-10 08:19:57 -------- d-----w- c:\program files\Windows Portable Devices
2011-01-10 08:04:15 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-01-10 08:04:15 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-01-10 08:04:15 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-01-10 08:02:27 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-01-10 08:02:27 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-01-10 08:02:27 234496 ----a-w- c:\windows\system32\oleacc.dll
2011-01-09 21:26:31 -------- d-----w- c:\windows\pss
2011-01-09 21:25:52 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-01-09 20:27:33 388096 ----a-r- c:\users\pastor~1\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-01-09 19:43:22 2730536 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-01-09 19:43:19 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{13e5d772-ddad-4e7e-b79f-8befadf5d647}\mpengine.dll
2011-01-09 19:43:19 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-09 18:17:53 -------- d-----w- c:\windows\system32\vi-VN
2011-01-09 18:17:53 -------- d-----w- c:\windows\system32\eu-ES
2011-01-09 18:17:53 -------- d-----w- c:\windows\system32\ca-ES
2011-01-09 02:37:58 -------- d-----w- c:\users\pastor~1\appdata\local\ElevatedDiagnostics
2011-01-09 01:41:56 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-09 01:41:56 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-01-09 01:23:27 -------- d-----w- c:\users\pastor~1\appdata\local\Secunia PSI
2011-01-09 01:23:17 -------- d-----w- c:\program files\Secunia
2011-01-05 18:26:59 883712 ----a-w- c:\windows\system32\IMJP10.IME
2011-01-05 18:25:59 860160 ----a-w- c:\windows\system32\WerFaultSecure.exe
2011-01-05 18:24:53 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2011-01-05 18:24:45 218624 ----a-w- c:\windows\system32\wdscore.dll
2011-01-05 18:24:45 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2011-01-05 18:24:24 247808 ----a-w- c:\windows\system32\drvstore.dll
2011-01-05 01:10:33 -------- d-----w- c:\program files\ESET
2011-01-05 00:29:03 -------- d-----w- c:\program files\Microsoft ATS
2011-01-04 17:40:50 -------- d-----w- c:\users\pastor carl cutlip\Option
2011-01-04 15:30:23 -------- d-----w- c:\users\pastor~1\appdata\roaming\ParetoLogic
2011-01-04 15:30:23 -------- d-----w- c:\users\pastor~1\appdata\roaming\DriverCure
2011-01-04 15:30:04 -------- d-----w- c:\progra~2\ParetoLogic
2011-01-03 18:06:33 -------- d-----w- c:\program files\CCleaner
2011-01-03 12:56:03 -------- d-----w- c:\users\pastor~1\appdata\roaming\Malwarebytes
2011-01-03 12:55:52 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-03 12:55:51 -------- d-----w- c:\progra~2\Malwarebytes
2011-01-03 12:55:47 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-03 12:55:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-03 03:34:14 -------- d-----w- c:\program files\Trend Micro
2011-01-02 20:44:51 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2010-12-26 01:35:12 -------- d-----w- c:\program files\Linksys
2010-12-26 01:34:31 -------- d-----w- c:\program files\Pure Networks
2010-12-26 01:34:13 76184 ----a-w- c:\windows\system32\atsckernel.exe
2010-12-26 01:34:12 20376 ----a-w- c:\windows\system32\atashost.exe
2010-12-26 01:34:06 -------- d-----w- c:\progra~2\webex
2010-12-26 01:34:03 8892928 ----a-w- c:\progra~2\atscie.msi
2010-12-26 01:32:30 24880 ----a-w- c:\windows\system32\drivers\pnarp.sys
2010-12-26 01:31:47 26416 ----a-w- c:\windows\system32\drivers\purendis.sys
2010-12-26 01:31:43 -------- d-----w- c:\program files\common files\Pure Networks Shared
2010-12-26 01:31:30 -------- d-----w- c:\progra~2\Pure Networks

==================== Find3M ====================

2010-12-10 00:50:24 51964 ----a-w- c:\progra~2\SPL1E68.tmp
2010-12-07 23:55:17 51964 ----a-w- c:\progra~2\SPLBF1.tmp
2010-12-05 18:49:27 51964 ----a-w- c:\progra~2\SPL721.tmp
2010-12-01 15:32:56 51964 ----a-w- c:\progra~2\SPL6328.tmp
2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:44:56 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:27:47 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 13:20:12 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-18 13:37:35 81920 ----a-w- c:\windows\system32\consent.exe
2010-10-18 13:31:24 2038272 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 13:43:05.51 ===============
 

dneighbor

Thread Starter
Joined
Dec 20, 2010
Messages
423
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5498

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

1/10/2011 1:55:15 PM
mbam-log-2011-01-10 (13-55-15).txt

Scan type: Quick scan
Objects scanned: 133936
Time elapsed: 2 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 

Phantom010

Retired Trusted Advisor
Joined
Mar 9, 2009
Messages
34,796
Try running StartUpLite from Malwarebytes' Anti-Malware.

The program doesn't need any installation. Simply run the program as Administrator and choose the Disable option for the items displayed.
 

dneighbor

Thread Starter
Joined
Dec 20, 2010
Messages
423
Did yhat and when I hit continue it pops up with a ERROR about "there was an error creating MSCOnfig Key
 

Phantom010

Retired Trusted Advisor
Joined
Mar 9, 2009
Messages
34,796
Not sure what happened there. Did you run the program after right-clicking and selecting "Run as Administrator"?

If no luck,

You can take note of the items suggested by the program.

Then, by yourself, press the Windows key + R to open a Run box.

Type msconfig.

Select the Startup tab.

Uncheck the items suggested by the program.

Click OK.

Reboot the computer.
 

dneighbor

Thread Starter
Joined
Dec 20, 2010
Messages
423
OK I re ran it. It came up the same. So it went to the Config and start up tab. But two items that they said to disable, I could not find. Hotkeyscmds and persistence.
 

Phantom010

Retired Trusted Advisor
Joined
Mar 9, 2009
Messages
34,796
Look carefully, they're in there. :)

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
 

dneighbor

Thread Starter
Joined
Dec 20, 2010
Messages
423
Great I found them. I am getting windows has blocked some start up commands tab popping up. Also can I disable Winlock and Network Magic?
 

dneighbor

Thread Starter
Joined
Dec 20, 2010
Messages
423
Wow I think this thing is fixed. You did a Great Job. Very good instructions. Thank You Very Much. Don
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top