proccessee freezing my computer

i have 512 ram and i cleaned all the viruses (i think) and my computer freezes

at the startup i have 3 processes that are the same accept they take up more space

 i have mainsrv.exe

smss.exe that look funny

please help me this system is freezing and i need to get it up and running thanks
i check the computer with ad ware and scanned it for viruses

Who is Participating?
well if the folder is undeletable because of a virus the above might have helped you...but anyway...

there are many reasons a folder can be undeletable...but it's usually a filename problem or a permissions problem. in either case there is not really a 'easy' solution.

this is what you need to do.

1. Read this document to reset ALL the permissions on the folder
How to set, view, change, or remove file and folder permissions in Windows XP;en-us;q308418

2. Read this document to delete the folder
You cannot delete a file or a folder on an NTFS file system volume;en-us;320081

they are long, but so are the steps to deleting a folder that is not deletable. good luck.
LucFEMEA Server EngineerCommented:
Hi ibartek,

Svchost.exe is a perfectly normal systemfile.
mainsrv.exe belongs to a program named ProPrinter.
smss.exe also is a perfectly normal systemfile.

About your freezing problem, check out your system temperatures, see if anything is overheating.


having multiple instances of svchost.exe is normal too btw
Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

Did you have a lot of viri on the computer.  I assume since you said you think you got rid of all of them.  Did you re-run your Anti Virus program with updated defs. after you ran to remove the ones you had.  When I find a computer with many virus infections I usually run the AV program once and then reboot the machine into safe mode and do it again to make sure it caught everything.

As for your freezing problem it is kind of hard to figure out with the little information provided.

Try downloading hijackthis and run the scan and save the log file and then copy and paste it in here so we can have a look at what is going on.

Good Luck.
ibartekAuthor Commented:
Logfile of HijackThis v1.97.7
Scan saved at 4:48:33 PM, on 02/09/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
N1 - Netscape 4: user_pref("browser.startup.homepage", ""); (C:\Program Files\Netscape\Users\areias\prefs.js)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1601.0\msgr.en-us.en-ca\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [HPWH myPrintMileage Agent] C:\Program Files\Hewlett-Packard\hp business inkjet 1100 series\Toolbox\mpm.exe
O4 - HKLM\..\Run: [Extranet AutoDial] C:\Program Files\AMADEUS VPN\AutoExt.exe
O4 - HKLM\..\Run: [gbevli] C:\WINDOWS\System32\aercfq.exe
O4 - HKLM\..\Run: [tcpsyssrv.bat] C:\WINDOWS\tcpsyssrv.bat
O4 - HKLM\..\Run: [tcpsyssrv.exe] C:\WINDOWS\tcpsyssrv.exe
O4 - Global Startup: LYFY.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {051FE707-9706-11D5-A836-000102A7C938} (Amadeus Automatic Update) -
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {266BB960-7DA8-11D4-A849-00008321B7D9} (Amadeus Cmd Page Cross Communication) -
O16 - DPF: {29C13B62-B9F7-4CD3-8CEF-0A58A1A99441} -
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {3D518D7D-422F-4787-AC71-10BB552E897B} (Amadeus_SP2_Patcher Class) -
O16 - DPF: {421A63BA-4632-43E0-A942-3B4AB645BE51} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {665C05C1-517D-11D3-BE4A-00008322ED5D} (MSIInspect.Inspector) -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
O16 - DPF: {7A32634B-029C-4836-A023-528983982A49} -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) -
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} -
O16 - DPF: {CDE9DD16-37C8-11D5-8476-000102A80AF0} (Socks Class) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
O16 - DPF: {E037FC50-FE36-11D3-BEEB-00008322EEB5} (PPUpdate Class) -
O16 - DPF: {EBE01DF7-D451-11D5-A842-000102A97CAB} (AmadeusInit.Init) -

please help me
i'd get rid of these...

O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O4 - HKLM\..\Run: [gbevli] C:\WINDOWS\System32\aercfq.exe
O4 - HKLM\..\Run: [tcpsyssrv.bat] C:\WINDOWS\tcpsyssrv.bat
O4 - HKLM\..\Run: [tcpsyssrv.exe] C:\WINDOWS\tcpsyssrv.exe
O4 - Global Startup: LYFY.EXE
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -

make sure once you remove them that you then give a full scan of ad-aware
I agree with Dvation......some of these look like they could be a virus.  In particular I would look at LYFY.EXE.

Can you give us more detail as to what or how many virus were removed from the computer.  Was the computer infected and then you installed an AV program to remove them or did the AV program just not have updated defs. and that is how it got infected.

Also have you tried running the AV program from safe mode?

ibartekAuthor Commented:
i had some trojens some bagels and BKDR RSCRTA

i have soem suspicious files on my cmputer but they won't delete

i log in as admin but they are set to read only and don't have an option to edit

so i cannot delete them from the recycle bin and from the c dive

is there any tool thta could set the options and i would be able to delete
it say access denided

and also

when i have a file in the rycycle bin and it says that it cannot be deleted because the dir isn't empty but when i look itto the recycle bin
there isn't anything

please help me with this

what OS are you running? I may have a fix for not being able to delete some files/read only,
run these :

Spybot :
adaware :                       online scan for trojans
If it finds a virus, write it down; then look up the virus information removal and delete it using the proper protocol
ibartekAuthor Commented:

but i also cannot delete some folders
ibartek ...
assuming you have cable internet or dsl, reboot the computer...before the windows xp logo comes up, keep tapping F8 to get into safe mode.

When the safe mode menu comes up, choose 'Safe Mode with Networking' ... this will disable all startup items not necessary for you to be on the internet.

the go to this website to clean the viruses off your computer...
ibartekAuthor Commented:
listen i did that 10
i have 2 folders that are access denined and i cannot change their options to
do what ever i waqnt with it

the only option that is there

is read only

i need to delete it and
even in safe mde the message comes up and says access denid

please help me find a tool that could

delete these access denied folders and hidden files


i tried moveonboot but it doesn't work


One thing that you can try, which I have done for things like this, is boot into the XP cd and choose the recovery console to boot into.  Once you are there navigate to the folder that contains the files/folders you cannot delete and then delete them that way.

You can type del or delete and then a space and then the file name with the extension if it has one and it will delete the file.  Be careful to make sure you don't delete system files.

Another option is if you have another windows machine (must be a win 2k or xp) is to take your drive out of your machine and slave it into the other machine.  Look for the files and then delete them that way.  

Good Luck I hoped this helps.
good suggestions tmireles, but i don't think that will help you with permission problems, as both in the recovery console and from another xp/2000 machine, permissions will be retained...but who knows, its always worth a shot
You might be right on this in recovery console.  I had a bad virus I couldn't get rid off because it was starting up as a service and would not let me kill the process or anything else.  It could not be deleted in regular or safe mode so I ended up trying the recovery console and this worked for me so not sure if the situation is the same.

If connected to another machine he might have to take ownership of the files but not real sure as I don't know if the access denied is just because the files are in use.  But worth a try with another machine and if it doesn't work then we will have to walk him through how to take ownership of the files.

Its either that or reformat and re-install and I am guessing he doesn't want to do that.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.