| Thread ID: 106553 | 2010-01-13 09:22:00 | Slow Boot Times and Security Essentials | Lizard (2409) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 848369 | 2010-01-18 05:48:00 | Okay, well the 45s boot with MSSE turned off happened only that one time, and now, no matter what I try, it still stubbornly refuses to boot in under 3 mins. That's even with all non-MS services disabled, and all startup programs disabled. So I've installed HijackThis and got a logfile. Speedy, can you see anything in this?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:41:36 p.m., on 18/01/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
C:\Users\Peter\Bluebirds\BlueBirds.exe
C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [bluebirds] C:\Users\Peter\Bluebirds\BlueBirds.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - platformdl.adobe.com
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

-- End of file - 7885 bytes |
Lizard (2409) | ||
| 848370 | 2010-01-18 05:54:00 | Even if you disable the exe in startup it's MsMpeng.exe that causes the slowdown. And WHERE did you disable the services? Not in Msconfig I hope. Coz you shouldn't disable them here. You can tick these then tick fix checked or use ccleaner. Close browsers.

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"

What's this? C:\Users\Peter\Bluebirds\BlueBirds.exe |
Speedy Gonzales (78) | ||
| 848371 | 2010-01-18 06:31:00 | Thanks Speedy, I'll try that. I did disable the non-MS services in MS Config, but it was suggested in this MS support page. support.microsoft.com What is MsMpeng.exe - something to do with MSSE? As for Bluebirds, I'm not entirely sure, but it's something to do with the LG DVD drive. Even when there is no DVD in the drive, it shows the following files "currently on the disc" - autorun.inf, BlueBirds.exe, Drag&Burn.exe, Setup.exe. |
Lizard (2409) | ||
| 848372 | 2010-01-18 06:40:00 | I've fixed the four entries listed, but there's no impact on boot time - still around 3 mins. I notice there's a lot of "files missing" entries at the end of the logfile. Is this anything significant? |
Lizard (2409) | ||
| 848373 | 2010-01-18 06:48:00 | MsMpeng.exe is the anti-malware service exe for MSSE. That's the file that makes the CPU usage go to 100%. And what slows you down on bootup. It'll tell you this under performance in control panel. It's because HJT doesn't know what the version of Windows is, if it's Windows 7. Don't worry about it. Well you shouldn't disable services under msconfig, you do it in services. If it's going to be permanent. I've never heard of bluebirds.exe | Speedy Gonzales (78) | ||
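
The triage done by hand in the posts above (picking out autorun entries and deciding what to make of the "file missing" services) can be scripted; this is an added example, not code from the thread or from HijackThis. The sample lines are copied from the posted log, and the rule that "file missing" under System32 is low priority when the platform line reads "Unknown Windows" is this example's assumption, following the reply above.

```python
import re
from collections import Counter

# Constructed sample: entries copied from the log posted above, one per line.
SAMPLE = r"""Platform: Unknown Windows (WinNT 6.01.3504)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKCU\..\Run: [bluebirds] C:\Users\Peter\Bluebirds\BlueBirds.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
"""

ENTRY = re.compile(r"^([A-Z]\d+) - (.*)$")             # e.g. "O4 - <body>"
EXE = re.compile(r"([A-Za-z]:\\.+?\.exe)\b", re.I)     # first drive-rooted .exe path
# Locations a standard user cannot normally write to (assumption of this example).
TRUSTED_ROOTS = ("c:\\program files\\", "c:\\program files (x86)\\", "c:\\windows\\")


def triage(log_text):
    """Return (report, counts); report lists (code, label, path) items to review."""
    # HijackThis printed "Unknown Windows" because it did not recognise Windows 7.
    unknown_platform = "Platform: Unknown Windows" in log_text
    report, counts = [], Counter()
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue                                   # header or process-list line
        code, body = m.groups()
        counts[code] += 1
        exe = EXE.search(body)
        path = exe.group(1) if exe else ""
        if code == "O4" and path and not path.lower().startswith(TRUSTED_ROOTS):
            # Autoruns launched from a user profile deserve a second look.
            report.append((code, "autorun outside Program Files/Windows", path))
        elif code == "O23" and body.endswith("(file missing)"):
            in_sys32 = path.lower().startswith("c:\\windows\\system32\\")
            label = ("file missing: likely scanner artifact"
                     if unknown_platform and in_sys32
                     else "file missing: verify on disk")
            report.append((code, label, path))
    return report, counts


if __name__ == "__main__":
    for item in triage(SAMPLE)[0]:
        print(*item, sep=" | ")
```
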
| 848374 | 2010-01-18 06:55:00 | So if MsMpeng.exe is the cause of the slowdown, does it affect everyone, or is it just me? And is there any way to either speed it up, or disable it? | Lizard (2409) | ||
| 848375 | 2010-01-18 06:59:00 | It is also part of windows malicious software removal tool. I did disable it once then found out it was invoked during the scheduled scan, so I canned that and rely on the real time action and just do a manual scan when the comp is free for an hour or so | gary67 (56) | ||
| 848376 | 2010-01-18 07:01:00 | Well it's slowed this down as well. It used to boot faster. Not much you can do about it. Unless you uninstall it. Or kill the real time scanning. But then you'll have to open MSSE all the time. Which will be annoying | Speedy Gonzales (78) | ||
| 848377 | 2010-01-18 08:12:00 | Well, I killed MSSE, but it's still taking close to 3 mins to boot up, so I think it's safe to say that it wasn't the culprit. Anyone else have any ideas about what might be causing the long boot times? | Lizard (2409) | ||
| 848378 | 2010-01-18 08:23:00 | Kill sidebar. That'll also slow you down, and windows search in services (disable it). And indexing. And tick the services you disabled in msconfig | Speedy Gonzales (78) | ||