Huckleberry Pie Posted February 26, 2008 Share Posted February 26, 2008 OK, a friend of mine at a Strawberry Shortcake forum has a Toshiba tablet notebook, with XPSP2, and is lagging for some reason. He gave me this HijackThis log: Logfile of Trend Micro HijackThis v2.0.2Scan saved at 16:57:21, on 26/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe C:\WINDOWS\SYSTEM32\WISPTIS.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\tabbtnu.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Java\jre1.5.0\bin\jusched.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\WINDOWS\system32\00THotkey.exe C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\TFNF5.exe C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe C:\WINDOWS\system32\TPSMain.exe C:\WINDOWS\system32\TPSODDCtl.exe C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe C:\Program Files\TOSHIBA\TouchED\TouchED.Exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\WINDOWS\system32\thpsrv.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe C:\Program Files\TOSHIBA\Acceleration Utilities\Shaker\TSkrMain.exe C:\Program Files\TOSHIBA\TAudEffect\TAudEff.exe C:\Program Files\Toshiba\Tvs\TvsTray.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Hewlett-Packard\HP Deskjet 1280\Toolbox\mpm.exe C:\Program Files\CopperheadAntiSpyware\CopperScheduler.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\CursorXP\CursorXP.exe C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe C:\WINDOWS\system32\RAMASST.exe C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\Apoint2K\Apntex.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\DVDRAMSV.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\ThpSrv.exe C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe C:\Program Files\TOSHIBA\TME3\TMETEMNU.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\eksplorasi.exe" O1 - Hosts: <html><head><title>Yahoo! GeoCities</title> O1 - Hosts: </head><body> O1 - Hosts: <!-- following code added by server. PLEASE REMOVE --> O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE --><center> O1 - Hosts: <table border=0 width=675 cellspacing=0 cellpadding=0> O1 - Hosts: <tr><td valign=middle width="1%"> O1 - Hosts: <a href="/"><img src="http://us.yimg.com/i/us/geo/ygeo.gif" width=305 height=36 border=0 alt="Yahoo! GeoCities"></a> O1 - Hosts: </td><td valign=middle><table border=0 cellspacing=0 cellpadding=0 width="100%"> O1 - Hosts: <tr><td align=right valign=bottom nowrap> O1 - Hosts: <font face=arial size=-1><a href="http://www.yahoo.com">Yahoo!</a></font> O1 - Hosts: </td></tr></table> O1 - Hosts: <hr size=1> O1 - Hosts: </td></tr></table> O1 - Hosts: <p> O1 - Hosts: <table border=0 width=675 cellspacing=0 cellpadding=4> O1 - Hosts: <tr><td bgcolor=dcdcdc> O1 - Hosts: <font face=arial size=+1><b>Sorry, this site is temporarily unavailable!</b></font> O1 - Hosts: </td></tr> O1 - Hosts: <tr><td align=center> O1 - Hosts: <font face=arial>The web site you are trying to access has exceeded its allocated data transfer. Visit our <a href="http://help.yahoo.com/help/us/geo/">help area</a> for more information.<p>Access to this site will be restored within an hour. Please try again later.<br><font color=cc0000><b>http://<!--#echo var="SERVER_NAME" --><!--#echo var="REDIRECT_URL" --></b></font> O1 - Hosts: <p><table border=0 cellpadding=1 cellspacing=0><tr bgcolor=dcdcdc><td align=center valign=middle><table bgcolor=ffffcc border=0 cellpadding=3 cellspacing=0><tr><td align=center><font face=arial> Need extra data transfer? Sign up for <b>GeoCities Pro</b> or <b>Webmaster. <a href=http://geocities.yahoo.com/ps/info>Learn more</b></a>. </font></td></tr></table></td></tr></table> O1 - Hosts: </font><br></td></tr></table> O1 - Hosts: <table border=0 width=675 cellspacing=0 cellpadding=1> O1 - Hosts: <tr> O1 - Hosts: <td valign=top width=249 bgcolor=ffffff> O1 - Hosts: <table width="100%" cellpadding=1 cellspacing=0 border=0 bgcolor=dcdcdc><tr> O1 - Hosts: <td valign=top align=center><table width="100%" cellpadding=3 cellspacing=0 border=0 bgcolor=ffffff> O1 - Hosts: <tr bgcolor=dcdcdc><td><font face=arial><b>Search Yahoo! GeoCities</b></font></td></tr> O1 - Hosts: <tr bgcolor=white><td valign=top align=center> O1 - Hosts: <form action="http://rd.yahoo.com/geosearch/err508/*http://geocities.yahoo.com/search" method=get> O1 - Hosts: <input size="14" name="p" value=""> O1 - Hosts: <input type="SUBMIT" value="Search"> O1 - Hosts: <br><font face=arial size=-1><a O1 - Hosts: href="http://rd.yahoo.com/geosearch/err508/*http://geocities.yahoo.com/search/option">advanced search</a></font> O1 - Hosts: </form></td></tr></table> O1 - Hosts: <table width=100% border=0 cellspacing=0 cellpadding=3 bgcolor=ffffff> O1 - Hosts: <tr bgcolor=ccccff><td> O1 - Hosts: <font face=arial><b>Build Your Own Web Site...</b></font> O1 - Hosts: </td></tr> O1 - Hosts: <tr><td> O1 - Hosts: <font face=arial size=-1>With Yahoo! GeoCities, anyone can build a great web site...for free! O1 - Hosts: </td></tr> O1 - Hosts: <tr><td align=center> O1 - Hosts: <b><font face=arial><a href=http://geocities.yahoo.com/reg>Sign Up Now!</a></font></b> O1 - Hosts: </td></tr><tr><td align=center> O1 - Hosts: <a href=http://geocities.yahoo.com/reg><img src=http://us.geo1.yimg.com/pic.geocities.com/us/i/geo/pgs2.gif width=190 height=180 border=0 alt="Yahoo! GeoCities"></a> O1 - Hosts: </td></tr> O1 - Hosts: <tr><td align=right><font face=arial size=-1><a href=http://geocities.yahoo.com/v/info.html>Learn more...</a></font><br><br></td></tr> O1 - Hosts: </table> O1 - Hosts: </td></tr></table> O1 - Hosts: </td> O1 - Hosts: <td width=1> </td> O1 - Hosts: <td valign=top align=center width=425> O1 - Hosts: <script language="JavaScript" type="text/javascript" O1 - Hosts: src="http://adserver.yahoo.com/a?f=76001284&p=geocities&l=MON&c=sr"> O1 - Hosts: </script> O1 - Hosts: <noscript> O1 - Hosts: <iframe O1 - Hosts: src="http://adserver.yahoo.com/a?f=76001284&p=geocities&l=MON&c=sh&bg=ffffff" O1 - Hosts: width=470 height=580 marginwidth=0 marginheight=0 hspace=0 O1 - Hosts: vspace=0 frameborder=0 scrolling=no> O1 - Hosts: </iframe> O1 - Hosts: </noscript> O1 - Hosts: </td> O1 - Hosts: </tr> O1 - Hosts: </table> O1 - Hosts: <br> O1 - Hosts: <table cellpadding=0 cellspacing=0 border=0 width=675><tr><td bgcolor=a0b8c8> O1 - Hosts: <table cellpadding=1 cellspacing=1 border=0 width="100%"> O1 - Hosts: <tr valign=top bgcolor=ffffff><td align=center> O1 - Hosts: <font face=arial size=-2><A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://address.yahoo.com/">Address Book</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://alerts.yahoo.com/">Alerts</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://auctions.yahoo.com/">Auctions</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://billpay.yahoo.com/">Bill Pay</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://bookmarks.yahoo.com/">Bookmarks</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://briefcase.yahoo.com/">Briefcase</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://broadcast.yahoo.com/">Broadcast</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://calendar.yahoo.com/">Calendar</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://chat.yahoo.com/">Chat</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://classifieds.yahoo.com/">Classifieds</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://clubs.yahoo.com/">Clubs</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://companion.yahoo.com/">Companion</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://experts.yahoo.com/">Experts</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://games.yahoo.com/">Games</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://greetings.yahoo.com/">Greetings</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://geocities.yahoo.com/">Home Pages</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://invites.yahoo.com/">Invites</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://mail.yahoo.com/">Mail</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://maps.yahoo.com/">Maps</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://members.yahoo.com/">Member Directory</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://messenger.yahoo.com/">Messenger</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://my.yahoo.com/">My Yahoo!</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://news.yahoo.com/">News</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://paydirect.yahoo.com/">PayDirect</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://people.yahoo.com/">People Search</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://personals.yahoo.com/">Personals</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://photos.yahoo.com/">Photos</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://shopping.yahoo.com/">Shopping</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://sports.yahoo.com/">Sports</A> · <A O1 - Hosts: href="http://rd.yahoo.com/footer/?http://finance.yahoo.com/">Stock Quotes</A> · <A O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe O4 - HKLM\..\Run: [CrossMenu] C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [TFNF5] TFNF5.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service O4 - HKLM\..\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE /Client O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [ThpSrv] c:\WINDOWS\system32\thpsrv /logon O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [TosRotation] "C:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe" O4 - HKLM\..\Run: [TAcelMgr] C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe O4 - HKLM\..\Run: [TSkrMain] C:\Program Files\TOSHIBA\Acceleration Utilities\Shaker\TSkrMain.exe O4 - HKLM\..\Run: [TAudEffect] C:\Program Files\TOSHIBA\TAudEffect\TAudEff.exe /run O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [HPWS myPrintMileage Agent] C:\Program Files\Hewlett-Packard\HP Deskjet 1280\Toolbox\mpm.exe O4 - HKLM\..\Run: [Copperhead] C:\Program Files\CopperheadAntiSpyware\CopperScheduler.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'Default user') O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe O4 - Global Startup: Device Detector 2.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: DNS Serial Number Service - Unknown owner - C:\WINDOWS\system32\moviemk.exe (file missing) O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\WINDOWS\system32\ThpSrv.exe O23 - Service: Tmesbs32 (Tmesbs) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe O23 - Service: Tmesrv3 (Tmesrv) - TOSHIBA - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe -- End of file - 18165 bytes What do you think? Any processes/malware to kill? Link to comment Share on other sites More sharing options...
Pandora Posted February 28, 2008 Share Posted February 28, 2008 Maybe give us a bit more useful information, like system specs and the date of purchase. Doesn't have to be malware that is making it slow, could just be slow hardware in combination with an unmaintained version of Windows. Link to comment Share on other sites More sharing options...
Huckleberry Pie Posted February 29, 2008 Author Share Posted February 29, 2008 Maybe give us a bit more useful information, like system specs and the date of purchase.Doesn't have to be malware that is making it slow, could just be slow hardware in combination with an unmaintained version of Windows. Actually, it was more or less resolved; I had him get rid of the "Shell=Explorer.exe "C:\WINDOWS\eksplorasi.exe"" reference and the Brontok worm thing that's lagging his rig; I think he bought it in 2005 or 2006... Link to comment Share on other sites More sharing options...
Righty Posted March 2, 2008 Share Posted March 2, 2008 I'd still give ti a spyware / virus scan and run a registry cleaner. Link to comment Share on other sites More sharing options...
Huckleberry Pie Posted March 2, 2008 Author Share Posted March 2, 2008 I'd still give ti a spyware / virus scan and run a registry cleaner. You mean a complete and through one? Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now