New Thinkpad help

Hey guys, once again I call upon the superior knowledge of the Majors.

A friend of mine just bought a brand new Lenovo Thinkpad R61.

Asked me to clean all the crap off and put security software on it, normally this is a boring yet simple task for me but this thinkpad has a mountain of preloaded stuff I've never heard of.

Just starting up and opening task manager I have 93........yes 93 processes running and a total physical memory of 1013, 301mb cached and 30mb free.

Now I'm sorry but holy crap!
Also of the 13 svchost processors running, 1 is using 49mb of ram and 1 is using 207mb of ram.........207?

So I need some info about what I can uninstall/stop/disable.

Obviously anyone who can help will need to see a list of what is running. The only thing I can offer is a HJT log unless someone knows a way I can copy and paste a process list.

HJT LOG:

Logfile of HijackThis v1.99.1
Scan saved at 7:26:23 PM, on 06/10/2009
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16890)

Running processes:
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files (x86)\Digital Line Detect\DLG.exe
C:\Program Files (x86)\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\ThinkPad\Utilities\EZEJMNAP.EXE
C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files (x86)\ThinkVantage\PrdCtr\LPMGR.EXE
C:\Program Files (x86)\ThinkVantage\AMSG\Amsg.exe
C:\Program Files (x86)\Lenovo2\Drag-to-Disc\DrgToDsc.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files (x86)\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files (x86)\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Program Files (x86)\Internet Explorer\ieuser.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\WinZip\WZQKPICK.EXE
C:\PROGRA~2\WINZIP\winzip32.exe
C:\Users\Pamela\AppData\Local\Temp\wzd164\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O4 - HKLM\..\Run: [TPFNF7] "C:\Program Files (x86)\Lenovo\NPDIRECT\TPFNF7SP.exe" /r
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~2\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TVT Scheduler Proxy] "C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe"
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~2\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [AMSG] "C:\Program Files (x86)\ThinkVantage\AMSG\Amsg.exe" /startup
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files (x86)\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files (x86)\Lenovo2\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ACTray] "C:\Program Files (x86)\ThinkPad\ConnectUtilities\ACTray.exe"
O4 - HKLM\..\Run: [ACWLIcon] "C:\Program Files (x86)\ThinkPad\ConnectUtilities\ACWLIcon.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] "C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files (x86)\Digital Line Detect\DLG.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files (x86)\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files (x86)\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files (x86)\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files (x86)\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IPS Core Service (IPSSVC) - Unknown owner - C:\Windows\system32\IPSSVC.EXE (file missing)
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: SQL Server (MSSMLBIZ) (MSSQL$MSSMLBIZ) - Unknown owner - c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: On Screen Display (TPHKSVC) - Unknown owner - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files (x86)\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

Any help is apreciated

 

Can you do a screen shot or two of the processes?

 

Yeah I can do that, give me a few minutes.

 

Ok here's the list.

http://i297.photobucket.com/albums/mm230/Nedlamar/prntscrn01.jpg

http://i297.photobucket.com/albums/mm230/Nedlamar/prntscrn02.jpg

http://i297.photobucket.com/albums/mm230/Nedlamar/prntscrn03.jpg

http://i297.photobucket.com/albums/mm230/Nedlamar/prntscrn04.jpg

http://i297.photobucket.com/albums/mm230/Nedlamar/prntscrn05.jpg

 

Just booted for the first time today, from hitting the power switch to everything fully loaded = 4:38 minutes.
Brand new laptop with nothing installed but factory preloads, thats absolutely horrendous.
Why do they do it? why not load windows and drivers and give you a disc with all the crap on it and let you decide what you want to try?

 

I just caught a screen of the svchost process showing 120ish mb usage.

http://i297.photobucket.com/albums/mm230/Nedlamar/prntscrn06.jpg

Honestly guys, I've worked on pc's and laptops for nearly 8 years, I've seen some super fast builds I've done for people and I've seen some bogged down slooooow frustrating machines, but never have I come across a new pc like this one, I mean seriously, with what this laptop has inside it should be pretty quick, at least when I open My Computer it shouldn't lock up and task bar turn white, mouse freezing. When I open ms paint I shouldn't be able to get up, go for a pee, grab a drink , come back and it's still not loaded and I certainly shouldn't be sitting here typing this message 4 words ahead of the screen.

Someone please give me some advice here, it's not that I don't know what I'm doing, I just don't recognise many of the processes and I'm not that familiar with Vista so I don't know what is needed and whats not.

 

Update, ok I gave up trying to work on this pc, it wouldn't let me unistall anything, kept crashing etc so I went for the recovery, I know it's a little extreme for a laptop only 3 days old lol but it worked, took a while (about 3 hours) to do a full restore and I got to pick which preloads it would have so I unchecked Norton and AOL, skype and a few others.

I'm not entierly sure if my friend had done something or caught a bug but I still have 82 processes running and 80% memory taken but it's 10 times faster than it was.
I will sit down with her and ask what she wants to keep and what not, I figured most of it out and could probably drop the number to 60-65. Anyone who may look at the above list if you know something that doesn't need to run or is just wasting space please say

 

Hello,

I also have a Lenovo Thinkpad R61, 15 months since I got it. It's running Windows XP Pro. There are 84 processes in Taskmanager, 6 of which are svchost.exe. I'm not sure how to tell how much of the memory is being taken up.

My Lenovo came with a trial version of Norton but it wasn't installed and I never did install it. I uninstalled the version of Office that came with it, I think it was 2007, and I installed Office 2003, which I had purchased previously. (The license is for 3 computers, and this was #2.) Other than that, I've got AVG free 8.5, purchased version of Malwarebytes, and Outpost Free firewall. The system boots up quickly and it runs smoothly. PC Tools Firewall had slowed down the boot time, but I'm using Outpost now, so boot up is back to its normal quick self.

I know Lenovo does install a lot of extra 'stuff', like all the Thinkvantage software. I only used it to create the set of recovery CD's and I use it to manage my internet connections. Otherwise I don't use it, but I'll leave it there anyway.

I don't know, maybe with your laptop it's a Vista issue? My laptop didn't come with AOL and skype on it either.

 

Ned, I've got two identical HP tablets running Vista. The difference being one as 1Gb of Ram and the other 2GB.
I did a minor tweak and removed all start up programs but for the AV on the 1GB LT using-
http://majorgeeks.com/Startup_CPL_d619.html

Have not tweaked services though.

Still LT with the 2GB RAM blows the tweaked machine from a standing start boot :-D
Cheers..
PS: What AV have you gone with? Don't see it in your processes!

 

@Amethyst.... Yeah sorry, this one is Vista loaded, and yeah it came over loaded if you ask me.

@sikvik.....This is a 1gb machine, t7300 core 2 duo 2.0. I havn't put anti virus on it as yet, she's getting sophos suit so I'm not loading any up, she just asked me to clean it up and get it moving like it should, I don't know how many mb of ram vista uses, I kno it's high but 800+ is too much. Thanks for the link, does that do something ccleaner doesn't? thats how I usually change startup?

 

CCleaner should not be used to control start ups. Enable all in CC.
Use Start up CPL. Here's the authors page and a tutorial.

http://www.mlin.net/StartupCPL.shtml

Cheers..

Ps: You can always go with a free AV. Antivir, Avast and AVG8.5 are highly recommended on MG's
http://www.majorgeeks.com/downloads29.html

 

Ok thanks, I'll give it a look

And I use Avast, like I said she's getting sophos from a business client in a day or so, so no point in throwing stuff on yet.

Out of curiosity, why do you say ccleaner shouldn't be used for startup? I've never experienced problems using it.

Thanks again.

 

CCleaner invokes msconfig.
Here's why msconfig should not be used for startups.
http://forums.majorgeeks.com/showthread.php?t=149804
Cheers..