Scanner Advice Please..Again

Ian FG · January 25, 2005

er...not quite what i meant kendo, but I see where you're coming from

kendo · January 25, 2005

I hope not,must get tissue.

nursejudy · January 26, 2005

Dear me ...trying to be serious ..how do I un zip

this download or file...

IanR · January 26, 2005

If you don't know how to un-zip the file, go here: http://home.earthlink.net/~rmbox/Reticulat...ed/Only_IE.html and download startlog.com (near the bottom of the page).

Cheers

Ian.

Ian FG · January 26, 2005

Or you could go here: http://www.winzip.com/ and download the evaluation version.

nursejudy · January 27, 2005

there sure seems a lot!!!!

-------- C:WINDOWSdesktopStartUp.Log

Start-Ups checked at 26/01/2005 20:28:45.88

__________________________________________________________________________

StartUp Log for Windows 95/98 - Freeware by rmbox

__________________________________________________________________________

Comments:

This is a log of all the programs on your computer that

are starting automatically every time you start Windows.

Using this log can be a quick way to spot trojans.

StartUp Log (version 1.58) - Release Date 11/9/2002

__________________________________________________________________________

StartUp Log Index

1. HKLM Run

2. HKCU Run

3. HKLM RunOnce

4. HKCU RunOnce

5. HKLM RunServices

6. HKLM RunServicesOnce

7. WIN.INI file

8. SYSTEM.INI file

9. AUTOEXEC.BAT file

10. StartUp folder

11. All Users StartUp

12. Misc. StartUp Configurations

__________________________________________________________________________

The following is a list of your current Start-Ups

__________________________________________________________________________

1. HKLM Run - Registry

[RegPath]

"StartUp"

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"ScanRegistry"="c:windowsscanregw.exe /autorun"

"TaskMonitor"="c:windowstaskmon.exe"

"SystemTray"="SysTray.Exe"

"LoadPowerProfile"="Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"

"EACLEAN"="C:Program FilesCompaqEasy Access Button Supporteaclean.exe /NORESTART"

"CPQEASYACC"="C:PROGRAM FILESCOMPAQEASY ACCESS BUTTON SUPPORTCpqeaui.exe"

"AtiCwd32"="Aticwd32.exe"

"AtiKey"="Atitask.exe"

"Essdc"="essdc.exe"

"CPQSTUTFIX"="C:Windowsstutfix.exe"

"Aureal A3D Interactive Audio Init"="A3dInit.exe"

"Compaq Internet Setup"="C:CompaqInternetInetWizard.exe /RUN"

"Watch Dog Program"="C:COMPAQINTERNETWATCHDOG.EXE"

"LoadQM"="loadqm.exe"

"Logitech Utility"="LOGI_MWX.EXE"

"Zone Labs Client"=""C:Program FilesZone LabsZoneAlarmzlclient.exe""

"StillImageMonitor"="C:WINDOWSSYSTEMSTIMON.EXE"

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunOptionalComponents]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunOptionalComponentsMS

FS]

"Installed"="1"

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunOptionalComponentsMA

PI]

"NoChange"="1"

"Installed"="1"

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunOptionalComponentsIM

AIL]

"Installed"="1"

==========================================================================

__________________________________________________________________________

2. HKCU Run - Registry

[RegPath]

"StartUp"

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]

"MsnMsgr"=""c:Program FilesMSN MessengerMsnMsgr.Exe" /background"

"PopUpStopperProfessional"=""C:PROGRAM FILESPANICWAREPOP-UP STOPPER PROFESSIONALPOPUPSTOPPERPROFESSIONAL.EXE""

"H/PC Connection Agent"=""C:PROGRAM FILESMICROSOFT ACTIVESYNCWCESCOMM.EXE""

==========================================================================

__________________________________________________________________________

3. HKLM RunOnce - Registry

[RegPath]

"StartUp"

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunOnce]

==========================================================================

__________________________________________________________________________

4. HKCU RunOnce - Registry

[RegPath]

"StartUp"

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunOnce]

==========================================================================

__________________________________________________________________________

5. HKLM RunServices - Registry

[RegPath]

"StartUp"

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServices]

"LoadPowerProfile"="Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"

"Aureal A3D Interactive Audio"="sa3dsrv.exe"

"TrueVector"="C:WINDOWSSYSTEMZONELABSVSMON.EXE -service"

==========================================================================

__________________________________________________________________________

6. HKLM RunServicesOnce - Registry

[RegPath]

"StartUp"

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServicesOnce]

==========================================================================

__________________________________________________________________________

7. WIN.INI File - (c:windowswin.ini)

Your win.ini run/load lines should look like run= and load= exclusively.

There should be nothing to the right of the equal signs.

These are the run and load lines in your WIN.INI file

run=

load=

==========================================================================

__________________________________________________________________________

8. SYSTEM.INI File - (c:windowssystem.ini)

Your system.ini shell line should look like shell=Explorer.exe exclusively.

You should only see Explorer.exe following the equal sign.

This is the shell line in your SYSTEM.INI file

shell=Explorer.exe

==========================================================================

__________________________________________________________________________

9. AUTOEXEC.BAT File - (c:autoexec.bat)

(Some trojans have been known to start from this file)

These are your program startups and set paths in your autoexec.bat file

@ECHO OFF

SET BLASTER=A220 I5 D1

LH C:WINDOWSCOMMANDDOSKEY

if exist c:pipost.bat call c:pipost.bat

mode con codepage prepare=((850) c:windowsCOMMANDega.cpi)

mode con codepage select=850

keyb uk,,c:windowsCOMMANDkeyboard.sys

Set tvdumpflags=10

==========================================================================

__________________________________________________________________________

10. StartUp Folder - (c:windowsstart menuprogramsstartup)

Shortcuts to any program will automatically start when placed here.

These are the shortcuts located in your StartUp folder

C:WINDOWSStart MenuProgramsStartUpMicrosoft Office.lnk

C:WINDOWSStart MenuProgramsStartUpLogitech Desktop Messenger.lnk

C:WINDOWSStart MenuProgramsStartUphp instant support.lnk

==========================================================================

__________________________________________________________________________

11. All Users Folder - (c:windowsall usersstart menuprogramsstartup)

Shortcuts to any program will automatically start when placed here.

These are the shortcuts located in your All Users StartUp folder

*(No start-ups found)*

==========================================================================

__________________________________________________________________________

12. Miscellaneous StartUp Configurations

-============================-

Registry StartUp Directories

-============================-

Should show the Start Menu StartUp and All Users StartUp directories

.....................................................................

[1] HKCU - Shell Folders

HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerShell Folders

"Startup"="C:WINDOWSStart MenuProgramsStartUp"

.....................................................................

[2] HKCU - User Shell Folders

HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell Folders

.....................................................................

[3] HKLM - Shell Folders

HKLMSoftwareMicrosoftWindowsCurrentVersionexplorerShell Folders

"Common Startup"="C:WINDOWSAll UsersStart MenuProgramsStartUp"

.....................................................................

[4] HKLM - User Shell Folders

HKLMSoftwareMicrosoftWindowsCurrentVersionexplorerUser Shell Folders

.....................................................................

-=======================-

Registry Shell Spawning

-=======================-

Open Commands for Executable File Types

@=""%1" %*"

(.exe file - RegPath = HKCRexefileshellopencommand)

@=""%1" %*"

(.com file - RegPath = HKCRcomfileshellopencommand)

@=""%1" /S"

(.scr file - RegPath = HKCRscrfileshellopencommand)

@=""%1" %*"

(.bat file - RegPath = HKCRbatfileshellopencommand)

@=""%1" %*"

(.pif file - RegPath = HKCRpiffileshellopencommand)

@="C:WINDOWSSYSTEMMSHTA.EXE "%1" %*"

(.hta file - RegPath = HKCRhtafileshellopencommand)

-=========================-

HKLM RunOnceEx - Registry

-=========================-

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnceEx]

-=========================-

HKU (.Default) Run - Registry

-=========================-

[HKEY_USERS.DefaultSoftwareMicrosoftWindowsCurrentVersionRun]

"MsnMsgr"=""c:Program FilesMSN MessengerMsnMsgr.Exe" /background"

"PopUpStopperProfessional"=""C:PROGRAM FILESPANICWAREPOP-UP STOPPER PROFESSIONALPOPUPSTOPPERPROFESSIONAL.EXE""

"H/PC Connection Agent"=""C:PROGRAM FILESMICROSOFT ACTIVESYNCWCESCOMM.EXE""

-==============================-

HKU (.Default) RunOnce - Registry

-==============================-

[HKEY_USERS.DefaultSoftwareMicrosoftWindowsCurrentVersionRunOnce]

-================================-

StubPaths - Registry (Partial Listing)

-================================-

(Please see the StubPath.txt on your desktop for complete listing)

HKLMSoftwareMicrosoftActive SetupInstalled Components

"OldStubPath"="c:windowsSYSTEMie4uinit.exe"

"RealStubPath"="C:WINDOWSSYSTEMIE4UINIT.EXE"

"StubPath"="c:windowsCOMMANDsulfnbk.exe /L"

"RealStubPath"=""C:PROGRA~1OUTLOO~1setup50.exe" /APP:OE /CALLER:IE50 /user /install"

"OldRealStubPath"=""C:PROGRA~1OUTLOO~1setup50.exe" /APP:OE /CALLER:IE50 /user /install"

"StubPath"=""

"StubPath"="C:WINDOWSSYSTEMupdcrl.exe -e -u C:WINDOWSSYSTEMverisignpub1.crl"

"StubPath"=""C:PROGRA~1OUTLOO~1setup50.exe" /APP:WAB /CALLER:IE50 /user /install"

-=================-

DOSSTART.BAT File - (c:windowsdosstart.bat)

-=================-

@ECHO OFF

LH C:WINDOWSCOMMANDMSCDEX.EXE /D:IDECD001 /M:12

SET MOUSE=C:COMPAQIMOUSE

LH C:COMPAQIMOUSEIMOUSE.COM

C:Program FilesLogitechMouseWaremouse.exe

-=================-

WININIT.BAK File - (c:windowswininit.bak)

(name) (type) (size)(modified)(time)

wininit bak 1,516 20/01/05 14:06

-=================-

[rename]

C:PROGRA~1ADOBEACROBA~1.0READERACROJS32.DLL=C:PROGRA~1ADOBEACROBA~1.0READERACROJ

S32.1

C:PROGRA~1ADOBEACROBA~1.0READERACRORD32.EXE=C:PROGRA~1ADOBEACROBA~1.0READERACROR

D32.1

C:PROGRA~1ADOBEACROBA~1.0READERCOOLTYPE.DLL=C:PROGRA~1ADOBEACROBA~1.0READERCOOLT

YPE.1

C:PROGRA~1ADOBEACROBA~1.0READERAGM.DLL=C:PROGRA~1ADOBEACROBA~1.0READERAGM.1

C:PROGRA~1ADOBEACROBA~1.0READERADMUI316.FON=C:PROGRA~1ADOBEACROBA~1.0READERADMUI

316.1

C:PROGRA~1ADOBEACROBA~1.0READERPLUG_INSCREATE~1.API=C:PROGRA~1ADOBEACROBA~1.0REA

DERPLUG_INSCREATE~1.1

C:PROGRA~1ADOBEACROBA~1.0READERPLUG_INSWEBLNK32.API=C:PROGRA~1ADOBEACROBA~1.0REA

DERPLUG_INSWEBLNK32.1

C:PROGRA~1ADOBEACROBA~1.0READERPLUG_INSEWH32.API=C:PROGRA~1ADOBEACROBA~1.0READER

PLUG_INSEWH32.1

C:PROGRA~1ADOBEACROBA~1.0READERPLUG_INSIEWEB32.API=C:PROGRA~1ADOBEACROBA~1.0READ

ERPLUG_INSIEWEB32.1

C:PROGRA~1ADOBEACROBA~1.0READERPLUG_INSAHLS32.API=C:PROGRA~1ADOBEACROBA~1.0READE

RPLUG_INSAHLS32.1

C:PROGRA~1ADOBEACROBA~1.0READERPLUG_INSWEBBUY.API=C:PROGRA~1ADOBEACROBA~1.0READE

RPLUG_INSWEBBUY.1

C:PROGRA~1ADOBEACROBA~1.0READERPLUG_INSACROFORMAFILL32.API=C:PROGRA~1ADOBEACROBA

~1.0READERPLUG_INSACROFORMAFILL32.1

C:PROGRA~1ADOBEACROBA~1.0READERPLUG_INSMOVIEMOVIE32.API=C:PROGRA~1ADOBEACROBA~1.

0READERPLUG_INSMOVIEMOVIE32.1

C:PROGRA~1ADOBEACROBA~1.0READERACTIVEXPDF.OCX=C:PROGRA~1ADOBEACROBA~1.0READERACT

IVEXPDF.1-=====================-

Screen Saver Settings (Possible system.ini start-up)

-=====================-

SCRNSAVE.EXE=C:WINDOWSSYSTEMTRAVEL.SCR

==========================================================================

__________________________________________________________________________

- Supplemental Environment Information -

TMP=c:windowsTEMP

TEMP=C:windowsTEMP

winbootdir=C:WINDOWS

PATH=C:WINDOWS;c:windows;c:windowsCOMMAND

COMSPEC=C:WINDOWSCOMMAND.COM

TVDUMPFLAGS=10

windir=C:WINDOWS

File - c:windowsWininit.bak

==========================================================================

__________________________________________________________________________

- End -

IanR · January 29, 2005

Judy

Let's see if we can speed up your PC.

Go to the "Start" menu, click on "Run" and type "msconfig" without the quotes. Then click "OK".

At the top right hand side of the window that appears, you will see a "Startup" option. Click on that.

Then remove (by clicking on them) the ticks from the following:

Any reference to EACLEAN.EXE (unless you use easy access keyboard functions)

Any reference to ATICWD and ATICWD32 (unless you have and use TV out on your Video Card).

Any reference to LOGI-MWX.EXE (re-enable this later if your mouse does not work properly).

Any reference to LOADQM.EXE.

Any reference to STIMON.EXE (You may have to re-enable this at a later date if you install a USB scanner).

Any reference to ATITASK.EXE (Unless you frequently access display functions).

Any reference to WATCHDOG.EXE (Unless you utilise Compaq Internet Services).

Any reference to CPQEAUI (Unless you're using quick access keys).

When done, click on "OK". You will be asked to restart your PC for the changes to take effect. Click "Restart Now".

Any problems after that, post back.

Cheers

Ian.

nursejudy · January 29, 2005

Dear Ian

I have followed your instructions to the letter and computer IS running faster....thanks so much

Judith

*Ant* · January 29, 2005

Well i'm glad mine just sits on me desk, I ain't running after no bloody computer every time I want to send an e-mail.

nursejudy · January 29, 2005

I have my jogging bottoms and trainers on at the ready!!!!

Sign In

Scanner Advice Please..Again

Recommended Posts

Link to comment

Share on other sites

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Important Information