Jump to content

MSCONFIG STARTUP LIST

Flamejanes

By Flamejanes
in Windows XP

 Share

Recommended Posts

Flamejanes

Flamejanes

Posted
Posted

I have winxp and I was wondering if someone could help me fix a problem? When I open "Msconfig" I see that there are like "20 something plain square boxes" :} in my startup list, located in (software\microsoft\windows nt\currentversion\windows)

I don't know if that's (HKLM or HKCU or what) thats the only location description it shows. How do I find it & delete it? Any help would be deeply appreciated


Cartoonite

Cartoonite

Posted
Posted

Could be either HKLM or HKCU. Most likely it is a combination of both.

I suggesting checking both keys. Might also want to run up-to-date virus, spyware and trojan scans, just to make sure your PC is clean.

Plain check boxes in the Startup section of msconfig make me nervous. :}

Flamejanes

Flamejanes

Posted
  • Author
Posted

Yeah it makes me nervous also :unsure: I've ran ad-aware se, spybot, xoft spy, ewido security suite, registry mechanic 4, norton & even sbc anti-spy thingy but, nothing finds & delete it. I believe it what's causing my cd-r burner to be in use. (WMP reports my cd-r drive as being in use already & wont burn most times) :w00t:

Takeshi

Takeshi

Posted
Posted

You can open regedit and manually go to HKCU and HKLM Run keys and look for these entries and delete them.

Msconfig won't delete them even if you untick the boxes.

Other tools like HijackThis will list all the startup entries in more detail than msconfig and enable you to delete them easily.

Tarun

Tarun

Posted
Posted
I have winxp and I was wondering if someone could help me fix a problem? When I open "Msconfig" I see that there are like "20 something plain square boxes"  :}  in my startup list, located in (software\microsoft\windows nt\currentversion\windows)

I don't know if that's (HKLM or HKCU or what) thats the only location description it shows. How do I find it & delete it?  Any help would be deeply appreciated

Use HijackThis and paste a log in the Malware Prevention forum.

Flamejanes

Flamejanes

Posted
  • Author
Posted

Here is my HJT Log

Logfile of HijackThis v1.99.0

Scan saved at 9:17:41 AM, on 6/7/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\Explorer.exe

C:\Program Files\Yahoo!\browser\ybrwicon.exe

C:\HP\KBD\KBD.EXE

C:\windows\system\hpsysdrv.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CMPDPSRV.EXE

C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\interMute\SpamSubtract\SpamSub.exe

C:\PROGRA~1\Yahoo!\browser\ycommon.exe

C:\WINDOWS\System32\msiexec.exe

C:\Program Files\Yahoo!\browser\YBrowser.exe

C:\Program Files\Yahoo!\Messenger\YPAGER.EXE

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\hijackthis.exe

F2 - REG:system.ini: Shell=C:\WINDOWS\Explorer.exe

O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [iPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [CMPDPSRV] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CMPDPSRV.EXE

O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSub.exe

O16 - DPF: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} (WXcom Class) - http://us.dl1.yimg.com/download.yahoo.com/...ntr_current.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{851FA0D9-8763-4662-83EA-DCB1C7FEEFBC}: NameServer = 69.50.166.94 69.31.80.244

O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: Norton AntiVirus Auto-Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton AntiVirus Firewall Monitor Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Cartoonite

Cartoonite

Posted
Posted

Looks okay to me, but I don't really have much experience with HTJ.

Use HijackThis and paste a log in the Malware Prevention forum.

This is not the Malware Prvention forum. You may get more enlightened responces from there. :P

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...