|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
|
|
#1
January 28th, 2005, 12:24 PM
|
|||
|
|||
|
Please Help!
Hello,
I'm having a few problems with my pc. Here is info. on pc - Intel [R] Pentium [R] 4 CPU 2.00 GHz AT/AT COMPATIBLE 261,424 KB RAM Windows 2k PRo This was a customized pc, we collected parts from different brands.. and assembled by ourselves. (me, my dad) Now, i'm having problems with the pc - 1. I just did a new installation few days back due to constant restarting of the pc.. and it stayed perfect for about 4-5 days. Now, it starts restarting again continuously, however, once or twice i can log on without any problems. Then, the next time i shut down, the problem starts again - as soon as i see the desktop, an error comes up with "cmd.exe" and says "iel.exe is not a valid win32 application", opens up a dos window and then an internet explorer window. 2. I checked the processes and there are LOTS of processes running which slow my pc down. For example, windup.exe, zaadt.exe, rundll32.exe. 3. Here is my HijackThis log - Logfile of HijackThis v1.99.0 Scan saved at 10:49:49 AM, on 28/01/2005 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: E:\WINNT\System32\smss.exe E:\WINNT\system32\winlogon.exe E:\WINNT\system32\services.exe E:\WINNT\system32\lsass.exe E:\WINNT\system32\svchost.exe E:\WINNT\system32\spoolsv.exe E:\WINNT\System32\svchost.exe E:\WINNT\System32\nvsvc32.exe E:\WINNT\system32\regsvc.exe E:\WINNT\system32\MSTask.exe E:\WINNT\System32\WBEM\WinMgmt.exe E:\WINNT\system32\svchost.exe E:\WINNT\Explorer.EXE E:\Program Files\MSN Messenger\MsnMsgr.Exe E:\Program Files\Internet Explorer\IEXPLORE.EXE D:\Program Files\WinRAR\WinRAR.exe D:\Hot Games\Diablo II\Diablo II.exe E:\DOCUME~1\DILEEP~1\LOCALS~1\Temp\Rar$EX00.563\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINNT\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [TCPXP Update] tcpxp.exe O4 - HKLM\..\Run: [Windows Compliant] zaadtt.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [WindowsRegKey update] windup.exe O4 - HKLM\..\Run: [NetPumper] "E:\Program Files\NetPumper\NetPumperIEProxy.exe" O4 - HKLM\..\Run: [Sygate Personals Firewall] myjrif.exe O4 - HKLM\..\RunServices: [TCPXP Update] tcpxp.exe O4 - HKLM\..\RunServices: [Windows Compliant] zaadtt.exe O4 - HKLM\..\RunServices: [WindowsRegKey update] windup.exe O4 - HKLM\..\RunServices: [Sygate Personals Firewall] myjrif.exe O4 - HKCU\..\Run: [Windows Compliant] zaadtt.exe O4 - HKCU\..\Run: [TCPXP Update] tcpxp.exe O4 - HKCU\..\Run: [WindowsRegKey update] windup.exe O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Sygate Personals Firewall] myjrif.exe O4 - HKCU\..\Run: [Yahoo! Pager] E:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet O8 - Extra context menu item: &Google Search - res://E:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward Links - res://E:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://E:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Download with NetPumper - E:\Program Files\NetPumper\AddUrl.htm O8 - Extra context menu item: Similar Pages - res://E:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://E:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINNT\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINNT\web\related.htm O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - E:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - E:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/en/filesharingctrl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O23 - Service: Logical Disk Manager Administrative Service - VERITAS Software Corp. - E:\WINNT\System32\dmadmin.exe O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - E:\WINNT\System32\nvsvc32.exe All the help is appreciated. Thanks 
|
|
#2
January 31st, 2005, 02:19 PM
|
|||
|
|||
|
Print out these instructions and then close all windows including Internet Explorer.
Then I want you to fix some of those entries. Please do the following: Please make sure that you can view all hidden files. Instructions on how to do this can be found here: How to see hidden files in Windows Run Hijackthis again, click scan, and Put a checkmark next to each of these. Then click the Fix button: O4 - HKLM\..\Run: [TCPXP Update] tcpxp.exe O4 - HKLM\..\Run: [Windows Compliant] zaadtt.exe O4 - HKLM\..\Run: [WindowsRegKey update] windup.exe O4 - HKLM\..\Run: [Sygate Personals Firewall] myjrif.exe O4 - HKLM\..\RunServices: [TCPXP Update] tcpxp.exe O4 - HKLM\..\RunServices: [Windows Compliant] zaadtt.exe O4 - HKLM\..\RunServices: [WindowsRegKey update] windup.exe O4 - HKLM\..\RunServices: [Sygate Personals Firewall] myjrif.exe O4 - HKCU\..\Run: [Windows Compliant] zaadtt.exe O4 - HKCU\..\Run: [TCPXP Update] tcpxp.exe O4 - HKCU\..\Run: [WindowsRegKey update] windup.exe O4 - HKCU\..\Run: [Sygate Personals Firewall] myjrif.exe Reboot your computer into Safe Mode Then delete these files or directories (Do not be concerned if they do not exist) c:\windows\system32\tcpxp.exe c:\windows\system32\zaadtt.exe c:\windows\system32\windup.exe c:\windows\system32\myjrif.exe Reboot your computer to go back to normal mode and post a new log.
__________________
Grinler BleepingComputer.com: Computer Help & Tutorials for the beginning computer user
|
|
| Viewing: Dev Shed Forums > System Administration > Antivirus Protection > Please Help! |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
