Error message 1327 and slow laptop... hjt log inside....

[guestolo]

Is the computer shutting off, or is it restarting?

[jcurrieirocz]

the times it did it on its own it was shuting off. not restarting.

[guestolo]

I take it, this is a Laptop?
Are all the vent holes and fan openings clear of dust?

[jcurrieirocz]

yep very clean. but i have to admit when i had tryed the mbam i had it on my lap and it may of got too hot... but that doesnt explain the full scan shut downs when running mcafee...as it was on the table with lots of venting like now and all before,, also i know my mom never has it on her lap its always on a desk with lots of venting around it.
i guess ill try another full scan if you have no other ideas....

[guestolo]

What's the exact make/model of this laptop?

[jcurrieirocz]

Toshiba satellite A70
pent 4, 3.06ghz 1.37gb ram
p/n PSA70C-ML100E if that helps

[guestolo]

I have to leave for a bit, can you reboot this computer into Safe mode and try running another complete Virus scan, see if it shuts down, take note of what folder or file if possible
I know it's not always easy to catch

[jcurrieirocz]

so it scaned fine in safe mode... only took like 3hrs is this normal? anyhow i guess thats everything i can think of unless you think i should do something else. i mean it didnt shut down but im unsure if its actually going to do it again or not.
but regardless my error message isnt showing anymore and it looks like your mbam scanner picked up a trojan and a butch of that websearch stuff that kept getting on the computer. how do i keep that off or do you think its been on there a long time.
thanks again let me know if theres anything else i shoul do. also what programs should i use with mcafee if any on a regular basis. can I del everything we used to clean it up. thanks Jeff

[jcurrieirocz]

well something else just happend i beggining to think this computer is possesed.... i let it sit doing nothing for about 20mins came back to it and there a butch of windows saying different things had to close/shut down and asking me if i want to send a report,,,in the mean while shuting off my virus protection. it also wouldnt let me shut down so i had to remove the batt. and reboot. now i just ran mbam again but nothing showed up.

[Monkey Moejo]

Click >>Here<< and it should fix your computer. This happened to me but I didn't have questolo on my side! This is the fastest way to fix it!

[guestolo]

Download ComboFix from one of these locations:

[color=\"#0000FF\"]Link 1[/color]
[color=\"#0000FF\"]Link 2[/color]
[color=\"#0000FF\"]Link 3[/color]
[color=\"#FF0000\"]Save it ONLY to your Desktop[/color]

      --------------------------------------------------------------------
[color=\"#2E8B57\"]Temporarily Disable your AntiVirus/AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with this tool
[/color]

• Double click on ComboFix.exe & follow the prompts.
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

[color=\"#2e8b57\"]**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
[/color]


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply

NOTE: Do not mouseclick inside ComboFix window as it's running, it may cause it to stall
ComboFix will/may run again on startup, it will prompt that it's creating a log
This process could take up to 10 minutes, let it run uninterrupted please

[jcurrieirocz]

k it ran and heres the scan report....but during the process at stage 2or3 a window poped up saying "dumphive.cfexe had a problem and needed to close send a report or no" then again just before it showed me the log report. is this normal?
also the 2nd combo link d/l site is just a message board just to let you know. the 1st one works great tho.

ComboFix 09-04-04.01 - Alma 2009-04-06 11:02:17.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1407.960 [GMT -7:00]
Running from: c:\documents and settings\Alma\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Updated)
FW: McAfee Personal Firewall *disabled*
 * Created a new restore point
.

(((((((((((((((((((((((((   Files Created from 2009-03-06 to 2009-04-06  )))))))))))))))))))))))))))))))
.

2100-04-01 18:22 . 2001-04-02 17:47   173   --a------   c:\windows\X83_DS.ini
2100-02-24 15:15 . 2001-04-02 17:30   821   --a------   c:\windows\Lexmark_ICM.ini
2100-02-16 17:09 . 2001-02-16 16:37   62   --a------   c:\windows\system32\LEXUSBCI.INI
2009-04-05 18:16 . 2004-10-04 15:25   <DIR>   d--------   c:\documents and settings\Administrator\Application Data\toshiba
2009-04-05 18:16 . 2004-10-04 15:23   <DIR>   d--------   c:\documents and settings\Administrator\Application Data\InterTrust
2009-04-05 18:16 . 2009-04-05 18:16   <DIR>   d--------   c:\documents and settings\Administrator
2009-04-05 16:26 . 2009-04-05 16:26   <DIR>   d--------   c:\documents and settings\Alma\Application Data\Malwarebytes
2009-04-05 16:25 . 2009-04-05 16:26   <DIR>   d--------   c:\program files\Malwarebytes' Anti-Malware
2009-04-05 16:25 . 2009-04-05 16:25   <DIR>   d--------   c:\documents and settings\All Users\Application Data\Malwarebytes
2009-04-05 16:25 . 2009-03-26 16:49   38,496   --a------   c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-05 16:25 . 2009-03-26 16:49   15,504   --a------   c:\windows\system32\drivers\mbam.sys
2009-04-05 15:29 . 2009-04-05 15:29   <DIR>   d--------   c:\program files\Common Files\Adobe AIR
2009-04-05 11:40 . 2009-04-05 11:41   <DIR>   d--------   C:\rsit
2009-04-05 01:39 . 2009-04-05 01:39   <DIR>   d--------   c:\program files\Trend Micro
2009-04-05 00:52 . 2009-04-05 15:57   <DIR>   d--------   c:\program files\NOS
2009-04-05 00:52 . 2009-04-05 15:57   <DIR>   d--------   c:\documents and settings\All Users\Application Data\NOS
2009-04-05 00:48 . 2009-04-05 00:47   410,984   --a------   c:\windows\system32\deploytk.dll
2009-04-05 00:48 . 2009-04-05 00:47   73,728   --a------   c:\windows\system32\javacpl.cpl
2009-04-05 00:23 . 2009-01-09 12:19   1,089,593   -----c---   c:\windows\system32\dllcache\ntprint.cat
2009-04-04 23:55 . 2008-04-17 12:12   107,368   --a------   c:\windows\system32\GEARAspi.dll
2009-04-04 23:55 . 2009-01-15 12:19   23,848   --a------   c:\windows\system32\drivers\GEARAspiWDM.sys
2009-04-04 23:54 . 2009-04-04 23:55   <DIR>   d--------   c:\program files\iTunes
2009-04-04 23:54 . 2009-04-04 23:54   <DIR>   d--------   c:\program files\iPod
2009-04-04 23:54 . 2009-04-04 23:54   <DIR>   d--------   c:\program files\Bonjour
2009-04-04 23:54 . 2009-04-04 23:55   <DIR>   d--------   c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-04-04 23:50 . 2009-04-04 23:50   <DIR>   d--------   c:\program files\Windows Installer Clean Up
2009-04-04 23:49 . 2009-04-04 23:49   <DIR>   d--------   c:\program files\MSECACHE
2009-04-04 23:19 . 2009-04-04 23:19   54,156   --ah-----   c:\windows\QTFont.qfn
2009-04-04 23:19 . 2009-04-04 23:19   1,409   --a------   c:\windows\QTFont.for
2009-04-04 22:45 . 2009-04-04 22:45   <DIR>   d--------   C:\cb580169a882c95443c199ef
2009-04-04 22:43 . 2009-04-04 22:43   <DIR>   d--------   c:\windows\system32\XPSViewer
2009-04-04 22:43 . 2009-04-04 22:43   <DIR>   d--------   c:\program files\Reference Assemblies
2009-04-04 22:43 . 2009-04-04 22:43   <DIR>   d--------   c:\program files\MSBuild
2009-04-04 22:41 . 2009-04-04 22:45   <DIR>   d--------   C:\bb524ae599a3b9e73e1c60aa
2009-04-04 22:37 . 2009-04-04 22:38   <DIR>   d--------   C:\937c44df877e0f2717fa19b5
2009-04-04 22:37 . 2008-07-06 05:06   1,676,288   ---------   c:\windows\system32\xpssvcs.dll
2009-04-04 22:37 . 2008-07-06 05:06   1,676,288   -----c---   c:\windows\system32\dllcache\xpssvcs.dll
2009-04-04 22:37 . 2008-07-06 03:50   597,504   -----c---   c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-04-04 22:37 . 2008-07-06 05:06   575,488   ---------   c:\windows\system32\xpsshhdr.dll
2009-04-04 22:37 . 2008-07-06 05:06   575,488   -----c---   c:\windows\system32\dllcache\xpsshhdr.dll
2009-04-04 22:37 . 2008-07-06 05:06   117,760   ---------   c:\windows\system32\prntvpt.dll
2009-04-04 22:37 . 2008-07-06 05:06   89,088   -----c---   c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-04-04 22:28 . 2009-04-04 22:39   <DIR>   d--------   C:\984c8dbfc0bed63687
2009-04-04 15:42 . 2009-04-04 23:55   <DIR>   d--------   c:\documents and settings\Alma\Application Data\Apple Computer
2009-04-04 12:05 . 2009-04-04 23:55   <DIR>   d----c---   c:\windows\system32\DRVSTORE
2009-04-04 12:05 . 2009-04-04 12:05   <DIR>   d--------   c:\program files\Apple Software Update
2009-04-04 12:04 . 2009-04-04 23:54   <DIR>   d--------   c:\program files\Common Files\Apple
2009-04-04 12:04 . 2009-04-04 12:04   <DIR>   d--------   c:\documents and settings\All Users\Application Data\Apple
2009-03-20 19:22 . 2009-03-20 19:22   <DIR>   d--------   c:\windows\system32\config\systemprofile\Application Data\SACore
2009-03-06 17:04 . 2009-03-06 17:04   <DIR>   d--------   c:\documents and settings\LocalService\Application Data\SACore

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2100-04-08 19:45   69,632   ----a-w   c:\windows\system32\Lxasmdm.dll
2009-04-05 22:28   ---------   d-----w   c:\program files\Common Files\Adobe
2009-04-05 21:20   ---------   d--h--r   c:\documents and settings\All Users\Application Data\yahoo!
2009-04-05 21:15   ---------   d-----w   c:\documents and settings\Alma\Application Data\Nero
2009-04-05 07:47   ---------   d-----w   c:\program files\Java
2009-04-05 06:54   ---------   d-----w   c:\documents and settings\All Users\Application Data\Apple Computer
2009-04-05 06:53   ---------   d-----w   c:\program files\QuickTime
2009-04-05 06:32   ---------   d-----w   c:\program files\Azureus
2009-03-30 03:20   ---------   d-----w   c:\documents and settings\Alma\Application Data\ZoomBrowser EX
2009-03-30 01:08   ---------   d-----w   c:\documents and settings\All Users\Application Data\ZoomBrowser
2009-03-30 00:44   ---------   d-----w   c:\program files\McAfee
2009-03-22 23:56   ---------   d-----w   c:\documents and settings\All Users\Application Data\McAfee
2009-03-06 22:38   ---------   d-----w   c:\documents and settings\All Users\Application Data\SiteAdvisor
2009-03-05 23:33   ---------   d-----w   c:\program files\BHOK It Consulting
2009-03-05 22:09   ---------   d-----w   c:\program files\Common Files\McAfee
2009-03-05 22:08   ---------   d-----w   c:\program files\McAfee.com
2009-02-09 11:13   1,846,784   ----a-w   c:\windows\system32\win32k.sys
2008-08-01 04:01   64,992   ----a-w   c:\documents and settings\Alma\Application Data\GDIPFONTCACHEV1.DAT
2007-04-12 04:40   132   ---ha-w   c:\documents and settings\Alma\Application Data\Balzo.dat
2001-06-21 00:19   40,960   ----a-w   c:\program files\ACMonitor_X83.exe
2008-06-28 22:17   32,768   --sha-w   c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008062820080629\index.dat
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2003-09-05 65536]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"WeatherEye"="c:\program files\TheWeatherNetwork\WeatherEye\WeatherEye.exe" [2009-01-16 4519832]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 1961984]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-03 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-07-10 339968]
"CeEKEY"="c:\program files\TOSHIBA\E-KEY\CeEKey.exe" [2004-06-14 638976]
"CeEPOWER"="c:\program files\TOSHIBA\Power Management\CePMTray.exe" [2004-08-19 135168]
"EzButton"="c:\program files\EzButton\EzButton.EXE" [2004-05-13 712704]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2003-10-30 192512]
"TPNF"="c:\program files\TOSHIBA\TouchPad\TPTray.exe" [2004-03-14 53248]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-07-20 122939]
"PadTouch"="c:\program files\TOSHIBA\Touch and Launch\PadExe.exe" [2004-02-03 1089589]
"LtMoh"="c:\\Program Files\\ltmoh\\Ltmoh.exe" [2003-09-26 184320]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"PrinTray"="c:\windows\System32\spool\DRIVERS\W32X86\2\printray.exe" [2001-06-27 36864]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 57344]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Lexmark X83 Button Monitor"="c:\progra~1\LEXMAR~1\ACMonitor_X83.exe" [2001-03-16 40960]
"Lexmark X83 Button Manager"="c:\progra~1\LEXMAR~1\AcBtnMgr_X83.exe" [2001-06-14 53248]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2006-10-16 398944]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-08 645328]
"McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2009-01-09 1176808]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-12 342312]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-05 148888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"NDSTray.exe"="NDSTray.exe" [BU]
"AGRSMMSG"="AGRSMMSG.exe" [2004-02-20 c:\windows\agrsmmsg.exe]

c:\documents and settings\Alma\Start Menu\Programs\Startup\
Billminder.lnk - c:\quickenw\billmind.exe [2006-02-18 25600]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Exif Launcher.lnk - c:\program files\FinePixViewer\QuickDCF.exe [2005-04-21 241664]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2004-10-04 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office10\\WINWORD.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\McAfee\\MBK\\McAfeeDataBackup.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"6889:TCP"= 6889:TCP:az

R0 atiide;atiide;c:\windows\system32\drivers\atiide.sys [2004-10-02 6016]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2009-03-06 210216]
S2 BulkUsb;Genesys Logic USB Scanner Controller NT 5.0;c:\windows\system32\drivers\usbscan.sys [2005-05-08 15104]
.
Contents of the 'Scheduled Tasks' folder

2009-04-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-03-05 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-01-09 10:53]

2009-03-05 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-01-09 10:53]

2005-04-21 c:\windows\Tasks\Registration reminder 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2008-04-13 17:12]

2005-04-21 c:\windows\Tasks\Registration reminder 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2008-04-13 17:12]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Simple Star PhotoShow Media Manager - c:\progra~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
HKCU-Run-Nero PhotoShow Media Manager - c:\progra~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
HKCU-Run-Sonic RecordNow! - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://ca.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://ca.search.yahoo.com/search?fr=mcafee&p=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-06 11:04:50
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ...

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-04-06 11:06:23
ComboFix-quarantined-files.txt  2009-04-06 18:06:20

Pre-Run: 43,580,510,208 bytes free
Post-Run: 43,637,399,552 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

199   --- E O F ---   2009-04-05 07:19:12

[guestolo]

How are things running on this machine now?

[jcurrieirocz]

umm i didnt really use it yet much to try it out i wasnt sure if you were done or not,,,but if you want ill test it out for a bit and see. The computer was shuting down cause it was hot i guess (my mom normally uses a fan base or something to sit it on) anyhow that still doesnt explain to me the 2 shutdowns on full scan only and both at 1% kinda funny right. anyhow she said that it does lock up often with everthing wanting to close if you dont use the computer for like 20mins or so and let it sit (only happen to me once tho in the last day or so),,,but if continue to use it it was fine. As for start up and speed it seems alot better then before, and the error messages are gone. It hasnt shut down on me lately but ive not been useing it too much.
Ill continue to test it out for the next day or two and let yah know how it turns out...but for now youve been a huge help as always and I thank you again and my mom thanks you too. later 4 now
Jeff
PE, Canada

[guestolo]

Go ahead and delete RSIT.exe on desktop
As well as it's folder C:\rsit

Also, manually delete fix.reg, export.bat>>and it's folder (files)

Go to START>>RUN>>
copy and paste the following

 [color=\"#FF0000\"]combofix /u[/color]
and press enter
This will uninstall ComboFix and it's components

I suggest that you add SpywareBlaster to your protection software
SpywareBlaster  by JavaCool  
At the link you can read more about it then continue with
Free Download on the right>>Continue Download at next page
Basically it

*Will block bad ActiveX Controls
*Block Malevolent cookies in Internet Explorer and Firefox
*Restrict actions of potentially dangerous sites in Internet Explorer

Select Manual updating when installing
After installation, Check for updates
After updating, select "Protection Status" on the Left
Then select "Enable all Protection"
"Check for updates every couple of weeks"
after every update just simply click the "enable protection on all unprotected items"
or again, click on Protection Startus>>enable all protection

The Toshiba Satellite A70, like a lot of other Laptops, are known for overheating
My Dell was doing the same, not shutting down however, but I was comfortable enough to open the inside of it and clean the whole inside, Including removing the Processor and cleaning off the old Thermal Paste and apply my own
I don't expect you to go that far, but you may want to get a can of compressed air and clean what you can from the outside of the laptop thru any holes
Or if you are comfortable inside the laptop
Take a look at this link
The Heatsink on this model, is well known to clog up with dust
http://www.laptopka.com/2006/03/18/taking-apart-notebook/

[jcurrieirocz]

oh i dont mind opening it up.... and cleaning it,,,ive opened alot worse items
k looks like like i still have unrelated isues so im starting a new thread about them...
jeff