evdle4u6.exe and jle7.exe

Computing.Net > Forums > Windows XP > evdle4u6.exe and jle7.exe

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

evdle4u6.exe and jle7.exe

Name: Link
Date: December 10, 2003 at 06:24:50 Pacific
OS: xp home
CPU/Ram: 1.7 celeron/200meg

Comment:

3%-10% cpu. I cannot find any info on these. Any Ideas??I am cleaning/tuning a friends laptop(hp ze4200). I've run adaware, spybot, virus scan, and have manually removed several unnecessary startup programs. There are 2 processes( evdle4u6.exe and jle7.exe ) running that are constantly using between
Thanks in advanced, Link

Sponsored Link

Ads by Google

Response Number 1

Name: gtlakes
Date: December 10, 2003 at 06:36:24 Pacific

Reply:

A google search for evdle4u6.exe
resulted in this link.
Check it out.
http://forums.techguy.org/t181616/s9dd32d5d4285ab4a34581877274bb324.html

Response Number 2

Name: Link
Date: December 10, 2003 at 06:49:26 Pacific

Reply:

Thanks, however I already seen this, its just included in a hijack list of programs, nothing specific for either of these programs.
Link

Response Number 3

Name: Tom41
Date: December 10, 2003 at 07:14:07 Pacific

Reply:

Appears to be Trojan.Peper. Download 'Hijack This!'. Unzip, doubleclick HijackThis.exe, and hit "Scan".
When the scan is finished, click "Save Log", and copy and paste it in a reply.
HijackThis!

Response Number 4

Name: jllinko
Date: December 10, 2003 at 08:29:46 Pacific

Reply:

Tom41,
Thanks for your assistance. Here is the list you requested.
Link

Logfile of HijackThis v1.97.7
Scan saved at 11:05:57 AM, on 12/10/2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\System32\VetMsgNT.exe
C:\WINDOWS\System32\carpserv.exe
C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\MSN Messenger\MsnMsgr.exe
C:\WINDOWS\System32\Jle7.exe
C:\WINDOWS\System32\Evdle4U6.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\download\hijackthis\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us4nb.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us4nb.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us4nb.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.rr.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us4nb.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://srch-us4nb.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Roadrunner
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [TV Now] C:\Program Files\HPQ\Notebook Utilities\TvNow.exe /RK
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AutoTBar] C:\hp\bin\autotbar.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [2P6WFAX43ZHE7C] C:\WINDOWS\System32\Lww1.exe
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
O4 - HKCU\..\Run: [Forbes] C:\Program Files\Forbes\ForbesAlerts.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.exe" /background
O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe
O4 - Global Startup: EZ Firewall.lnk = C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Firewall\ca.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.exe
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.rr.com
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

Response Number 5

Name: Tom41
Date: December 10, 2003 at 08:32:36 Pacific

Reply:

Please follow these steps, in exactly that order:
Run this uninstaller:
http://home01.wxs.nl/~kleyn080/uninst.exe
When done, use the following tool to delete the files themselves:
Download Drpepertobackup.exe, save to disk, and doubleclick the file; it will self extract to c:\.
Find the "C:\drpeper\Find backup and Delete Peper files.vbs" file and double click it.
http://www.mjc1.com/files/mo/drpepertobackup.exe

On the first prompt, copy and paste: Jle7.exe
.... and hit ok.
On the second, paste: Evdle4U6.exe and hit ok again.

It will find all the files, delete them and will make backups in the same folder.
It'll open a text file (Peper.txt) with the list of all files deleted.
When finished, reboot and run another hijack scan and post the log.

please do not install emm386.exe and himem.sys web.exe and up_lib.exe Spoolss.exe and Spoolss.dll files	spoolss.exe and spoolss.dll download difference between cmd.exe and command.com iexplore.exe and explore.exe
See More

Response Number 6

Name: Link
Date: December 10, 2003 at 16:33:43 Pacific

Reply:

Tom41,
Problem resolved. Thank you very much. I have more problems. The cpu now idles at 2 percent with process lsass and taskmgr using cpu and svchost and explorer occasionally popping in. Any ideas? Other wise, thanks again.
PS - How did you know what the problem was, the funny file names, some other process/startup running, great shot in the dark???
Link

Response Number 7

Name: Link
Date: December 10, 2003 at 16:45:18 Pacific

Reply:

Tom41,
And why didnt Norton pick up on this??
Link

Sponsored Link

Ads by Google

Computer Problems

How to create a full imag...

Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.

Go to Windows XP Forum Home

Sponsored links

Ads by Google

Results for: evdle4u6.exe and jle7.exe

svchost.exe and alg.exe and Zonealarm fr

Summary

www.computing.net/answers/windows-xp/svchostexe-and-algexe-and-zonealarm-fr/16389.html

Explorer.exe and SVChost.exe

Summary

www.computing.net/answers/windows-xp/explorerexe-and-svchostexe/158150.html

netcfg.exe and factory.exe

Summary

www.computing.net/answers/windows-xp/netcfgexe-and-factoryexe/78528.html

From the Geek Dictionary
offline - This is a term used to describe the current state a person is in with relat...

Ask a Question!

Weekly Poll
What do you think of the new preview of Chrome OS?

Poll Finishes In 6 Days.
Discuss in The Lounge
Poll History

Recent Posts
quit working

Best CD/DVD Printers

pc powers on but no boot

need mouse

After an XP reinstall, backup drives go RAW

All Awaiting Reply

Tom's News
Woman Tracks Down Club Attacker on Facebook

Geolocation Functions Come to Twitter

New Craigslist Trend: Trade Sex for Rent?

Law Firm Investigates MS Over Xbox Live Bans

Amazon Charges $25 for Palm Pixi and $80 for Pre

More Tom's Guide News

Data Recovery

Manufacturer List | About Us | Advertising Info | Contact Us
The information on Computing.Net is the opinions of its users. Such opinions may not be accurate and they are to be used at your own risk. Computing.Net cannot verify the validity of the statements made on this site. Computing.Net and Computing.Net LLC hereby disclaim all responsibility and liability for the content of Computing.Net and its accuracy.
PLEASE READ THE FULL DISCLAIMER AND LEGAL TERMS BY CLICKING HERE