[JUJU bar]

Okay, so this problem prevents me from using the laptop at all! Please listen to my sad story.

Before I begin, I own a Toshiba Satellite M105-S3051. Following are the specs:

Memory - 1024 MB
Hard disk drive - 100 GB

I bought it three years ago for school. There's nothing new I had downloaded recently, except I "activated" or "initiated" the Microsoft Outlook program by adding my email/password. Other than that, there isn't anything "new" or "risky" I did.

So what's wrong with it?

It's perfectly fine when it starts up. It takes a while to load, but it's been that way since the beginning. When everything is done and loading, I can use the laptop fine for about 10 minutes before everything starts to lag. Like you know when you put your mouse over a link, the arrow turns into a hand? It takes like 15 seconds for that to happen. Similarly, when you type the vertical bar --> | that flashes on and off takes forever. Both of these situations reflect the "slowness" of my laptop.

I press control+alt+delete to see what's going on.. and the CPU is maximizing to 100% about every 15 seconds. I'm only running Mozilla and maybe Microsoft Word, but the System Idle Process is barely 10 or so. What's weird is it's not one program that's taking CPU, but several constantly change the amount of CPU they're hogging. But there's one program that significantly and consistently takes CPU and that is RTVSCAN.EXE

I've researched a bit and it seems like it has to do with some sort of windows automatic update system.

I really know nothing about computers... and I feel like my computer isn't plagued with viruses... I don't understand why my laptop is suddenly behaving like this...

Is this something fixable or do I have to get a new laptop? Everything seems to work fine. It's just everything lags...

Do I need more memory?



Thanks for even reading this! Anything will help! I want to contact Toshiba, but I'm nto sure if they even deal with these kinds of problems...

[awdark]

Get Malwarebytes and do a scan, usually problems that pop up like this are spyware.

I don't know if that is a real rtvscan file, sometimes they name fakes like real files to trick you into thinking they are safe which is why I want you to scan.

Sometimes its the fault of the antivirus... I have had some times where a update (either windows or antivirus) caused a conflict and it made the antivirus scan the same files over and over

[Argentine]

try to defrag your drive and use CCleaner to clean your registry etc.

[RX7ven]

if your using outlook, chances are the windows indexing service and windows search feature is enabled. rtvscan sounds like a symantec process, symantec sucks and slows down your computer anyways, i dont like it. mcafee isnt any better either. check your indexing service to make sure its disabled.
start->run->services.msc
indexing service - stop service if running, then disable it
windows search - stop service, then disable it.

i work in IT and the windows searh/indexing service slows down alot of computers.

and if your using vista, get rid of it. lol vista sucks, get xp or windows 7.
if you want to uninstall norton, use the norton removal tool instead of doing it from the control panel. (link below)
http://service1.symantec.com/SUPPORT/tsgen...&view=docid

[JUJU bar]

^Neither had started... I have XP.

The thing is, I wish I could do all these things but it starts lagging after 10 minutes so anything that requires more than that is a bit difficult for me. But I've started a new user account to buy more time and do the things you guys suggested. Thanks!

[RX7ven]

boot up at safemode

spamm f8 before the windows xp loading screen, then goto start->run->msconfig
goto the startup tab, and disable everything froms starting up. and if it is indeeed norton thats taking up all your resources, remove it.

[gq_boi77]

Try to get rid of symantec products, uninstall it or something. Sounds like symantec is scanning behind the background. Does not harm to your computer but just that the lag is annoying.
You should go into safemode, and run msconfig and disable symantec as startup file.

[awdark]

You do know that Symantec Antivirus 2009 does have pretty good reviews right? A lot of reviews said they did a complete 180 from bloatware and is almost on par with nod for a lot of things.

[JUJU bar]

I mean, I agree, I feel like Symantec hasn't bothered me before... it's just this sudden slow...age. lol.

I did the virus-check with the malwarebytes, and they found about 30 infected... things. and i pressed delete and it asked me to reboot, but i don't really know what happened... currently, i'm on another user on the same laptop, and everything is running smoothly... why is that?? i always wondered. can the "virus" spread to other users too? why are new users so fast even though it's the same laptop?

[Daedalus_357]

I mean, I agree, I feel like Symantec hasn't bothered me before... it's just this sudden slow...age. lol.

I did the virus-check with the malwarebytes, and they found about 30 infected... things. and i pressed delete and it asked me to reboot, but i don't really know what happened... currently, i'm on another user on the same laptop, and everything is running smoothly... why is that?? i always wondered. can the "virus" spread to other users too? why are new users so fast even though it's the same laptop?

Well, the fact that you found about 30+ infected files tells me that you NEED to get some reliable anti-virus software. I know most people want / like freeware, but freeware has its limitations sadly, no matter how much people will it (lol). i'd suggest buying some antivirus software, such as McAfee, that has an active scanning feature.

secondly, as for your slow speed, especially when hovering over links and such, this tells me your machine may still be contaminated. this could be caused by a worm (possibly Conficker?), or any other types of spyware / malware that has gone undetected by malwarebytes. also, when you first start your computer, go to TASK MANAGER by right clicking on an empty space on the taskbar (see image) and select "Task Manager". this will bring up the Task Manager. in the task manager, sort by user name by clicking the "User Name" bar until your user name is at or close to the top. take a look at the processes running under your user name and either take a screenshot of it or writing down all the process names in notepad, then post the results in here.

Send me a pm after you post so i know it's ready and i'll take a look at the results and see where to proceed from there rather than blindly beating around the bush for an answer.

[RnBaddict]

If you have ABSOLUTELY NOTHING IMPORTANT on your computer.......Just format to clean out everything and have a virus/spyware/adware free computer all over again

[Argentine]

well if you know where to look,you dont have to shell out cash for good anti-virus *wink*

reformatting is usually a last resort,but like the previous user said,if there is nothing valueble,might as well reformat.Be ready to sit infront of it for a long time though lol

[NPB-XK]

Download HJT and scan and send me the log by copy pasting it.
(FROM your infected user).
http://download.cnet.com/Trend-Micro-Hijac...4-10227353.html

[JUJU bar]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:36:39 PM, on 5/22/2009
Platform: Windows XP SP2
MSIE: Internet Explorer v6.00 SP2
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Be Secure 2006\Symantec Client Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Be Secure 2006\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Program Files\Be Secure 2006\Symantec Client Firewall\SymSPort.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\toshiba\ivp\ism\pinger.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\SBCLIG~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\SYS32DLL.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.sbc.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: 790151 helper - {22186AA4-E2A6-45E8-BF4F-5C103C0458B0} - C:\WINDOWS\system32\790151\790151.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCLIG~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RHTDCPL] rundll32 C:\WINDOWS\system32\SmsnUtl.dll,w
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [SYS32DLL] SYS32DLL
O4 - HKUS\S-1-5-19\..\Run: [RHTDCPL] rundll32 C:\WINDOWS\system32\SmsnUtl.dll,w (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [RHTDCPL] rundll32 C:\WINDOWS\system32\SmsnUtl.dll,w (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-811310523-4216100793-4027123411-1007\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe (User 'Alternate')
O4 - HKUS\S-1-5-21-811310523-4216100793-4027123411-1007\..\Run: [RHTDCPL] rundll32 C:\WINDOWS\system32\SmsnUtl.dll,w (User 'Alternate')
O4 - HKUS\S-1-5-18\..\Run: [RHTDCPL] rundll32 C:\WINDOWS\system32\SmsnUtl.dll,w (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [RHTDCPL] rundll32 C:\WINDOWS\system32\SmsnUtl.dll,w (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {21FDDE58-51A6-402A-8040-39DA033DC196} (Pull0PlayerX Control) - http://image.pullbbang.com/newTop/Pull0Control.ocx
O16 - DPF: {340CCF52-D65F-4A11-80B3-13DC23697B59} (BugsInstall Control) - http://player.bugs.co.kr/install/BugsInstall.cab
O16 - DPF: {36F46B1E-11B7-4221-B4F7-F1FC9687E7F7} (YBox Control) - http://kr.music.yahoo.com/Components/YMusicPack.cab
O16 - DPF: {5ED65AE2-5858-4966-B077-947647321308} (HaninXCtrl Control) -
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {68253470-5D4F-4CDF-8D9C-353C14A2F013} (SVPorsche Control) - http://img.yahoo.co.kr/multi/2005/tool/pla...6/SVPorsche.cab
O16 - DPF: {6A2E758A-028B-46BB-A11D-0608AB5A4ED3} (DaumBGMCtrl Class) - http://listen.daum.net/52st/bgmplayer/Daum52stBGMPlayer.cab
O16 - DPF: {7606693A-C18D-4567-AF85-6194FF70761E} (GomWeb Control) - http://app.ipop.co.kr/gom/GomWeb.cab
O16 - DPF: {9BED3AC7-E6D4-43E7-B8A1-1FA502F639E1} (XTools Control) - http://player.bugs.co.kr/install/XTools.cab
O16 - DPF: {BCA935CA-7E41-4F73-BA9C-FAB4393DBAC0} (MADanalCtrl Control) - http://www.csafer.net/ActiveX/MAStreamCtrl.cab
O16 - DPF: {BD6BB450-7C69-43B8-96F3-689CAE57AB51} (SBSWebPlayer Class) - http://netv.sbs.co.kr/object/player/SBSWebPlayer.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {DF88B6BB-3A73-4443-95A4-23A1568CAC80} (Coxgrd Control) - http://www.upiece.co.kr/piece/plugin_new/coxgrd.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/SU1.5/ocx/15034/CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Amazon Unbox Video Service (ADVService) - Amazon.com - C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Be Secure 2006\Symantec AntiVirus\DefWatch.exe
O23 - Service: DVD-RAM_Service - Matsumini coopera Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Be Secure 2006\Symantec Client Firewall\ISSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Be Secure 2006\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Be Secure 2006\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Be Secure 2006\Symantec Client Firewall\SymSPort.exe

--
End of file - 13733 bytes

[RX7ven]

wow... u got a ton of stuff running, lol

the only suspicious thing i see is SYS32DLL.exe located in C:\WINDOWS\system32
try to end the process, the goto that directory and see if you can delete it. if not download file assasin and try to delete that file.

[JUJU bar]

well, i don't open these things, they just automatically run...

and by finding it on the registry... enlighten me?

i can't delete it because it won't let me. so i'll try the assassin thing. lol.

okay i deleted it. hopefully that file wasn't too important. lol.

[Daedalus_357]

i agree with RX7, that is a LOT of processes... you could potentially disable a good 70% of those processes and most likely get a good majority of your speed back.

Step 1: go to C:\Documents and Settings\<YOUR USERNAME HERE>\Start Menu\Programs\Startup and delete EVERYTHING in that folder.
(this folder is also located in Start->all programs->Startup, you could just delete the folder from there as well.)

Step 2: go to Start --> Run and type "msconfig" without quotes. when the SYSTEM CONFIGURATION UTILITY window appears, click on the tab labeled "STARTUP" and UNCHECK everything in there that is NOT in the "C:\WINDOWS\SYSTEM32\..." path (look at the "command" seperator for the path). this will stop a good majority of the non-essential programs from starting up.

WARNING!! DO NOT UNDER ANY CIRCUMSTANCES UNCHECK ANY BOXES OUTSIDE OF THE STARTUP TAB IN MSCONFIG. YOU RISK CRASHING YOUR COMPUTER / PREVENTING IT FROM STARTING CORRECTLY IF YOU DO.


Step 3: if your computer still lags at this point, go to the control panel and start the "Add / Remove Programs" feature, then systematically un-install any non-essential programs. If these three steps do not work, get a USB flash drive or external hard disk, back up all your essential / important files to the drive, and re-install your operating system with the recovery cd that should have been included with your laptop.

i hope these steps help you, good luck.

[RnBaddict]

HOLY JEZUZ i have a quad core processor and 2024MB of memory and even i dont run this many stuff on my background

No wander your CPU is always max out

[JUJU bar]

HOLY JEZUZ i have a quad core processor and 2024MB of memory and even i dont run this many stuff on my background

No wander your CPU is always max out

Well, that's not a fair statement. Like I said, the CPU has always been under control until recently. I mean, I've had this laptop for 3 years and probably the same batch of programs have been running since then...

[NPB-XK]

You gotta do as Daedalus_357 said.

Meanwhile, I'll look on something else.
Press Win+Pause and go to System Restore tab and check it to turn it off.
By then:
Scan with HijackThis again and check the following:
O2 - BHO: 790151 helper - {22186AA4-E2A6-45E8-BF4F-5C103C0458B0} - C:\WINDOWS\system32\790151\790151.dll
The other O2 - BHOs are up to you.
O4 - HKCU\..\Run: [SYS32DLL] SYS32DLL
O4 - HKLM\..\Run: [RHTDCPL] rundll32 C:\WINDOWS\system32\SmsnUtl.dll,w
O4 - HKUS\S-1-5-19\..\Run: [RHTDCPL] rundll32 C:\WINDOWS\system32\SmsnUtl.dll,w (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [RHTDCPL] rundll32 C:\WINDOWS\system32\SmsnUtl.dll,w (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-811310523-4216100793-4027123411-1007\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe (User 'Alternate')
O4 - HKUS\S-1-5-21-811310523-4216100793-4027123411-1007\..\Run: [RHTDCPL] rundll32 C:\WINDOWS\system32\SmsnUtl.dll,w (User 'Alternate')
O4 - HKUS\S-1-5-18\..\Run: [RHTDCPL] rundll32 C:\WINDOWS\system32\SmsnUtl.dll,w (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [RHTDCPL] rundll32 C:\WINDOWS\system32\SmsnUtl.dll,w (User 'Default user')
O16 - DPF: {5ED65AE2-5858-4966-B077-947647321308} (HaninXCtrl Control) -

Fix checked.
Reboot.
Then scan with HijackThis again to see if SYS32DLL gets back.
If it gets back, get http://www.combofix.org/
Install and scan and send me the log file (it's gonna be huge). It is to back trace what the heck revived it.
If it's all fine, you can uncheck the System Restore thing. And we'll move on...