Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

tcptapi process slowing down machine

Posted on 2004-10-29
3
Medium Priority
?
187 Views
Last Modified: 2010-05-18
I have a windows 2000 professional machine that is very slow running any apps.  I went to Task Manager and looked at the processes.  I noticed one called tcptapi that was using up to 98% of the processor at times and 40% at the lowest.  I kill that process, but within a couple seconds it starts up again.  I searched the registry for tcptapi and found it in HKLM/Software/Microsoft/Windows/CurentVersion/Run.  It was call *tcptapi with a value of C:\winnt\cursors\tcptapi.exe.  I go to that directory and there is no tcptapi.exe there (Hidden files are being shown).  I do however find a tmp file called ipatpct.tmp.  This cannot be deleted while the tcptapi process is running.  I then log out and access the computer from another computer on the network to delete that tmp file.  So, I now have both the registry key and tmp file deleted, but once I log back in the registry key is back, the process starts back up, and the tmp file has returned.  At least this time I can stop the process without it immediately starting again.  I can remove the tmp file again, along with stopping the process, and removing the registry key, but as soon as I log off and back on, it is back.  Any suggestions?
0
Comment
Question by:goodnetworking
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 18

Accepted Solution

by:
luv2smile earned 1000 total points
ID: 12444114
Have you tried running AdAware and Spybot on the system to help clean it of any malware crap?

Adaware http://www.lavasoftusa.com/software/adaware/

And

Spybot http://www.safer-networking.org/en/spybotsd/index.html

Run them both in safe mode and normal mode.
0
 
LVL 18

Expert Comment

by:luv2smile
ID: 12444122
Also make sure you update both programs before running them.
0
 

Author Comment

by:goodnetworking
ID: 12445146
Thank you!  After updating Ad-Aware, it found the culprit.  It was some Spyware called Virtomundo.  I believe the file that kept running the process was called tcpole.exe.  It found a couple others related to this spyware also.  It did only find it after the program was updated though.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
An overview of cyber security, cyber crime, and personal protection against hackers. Includes a brief summary of the Equifax breach and why everyone should be aware of it. Other subjects include: how cyber security has failed to advance with technol…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question