asviewer


dallen
May 30th, 2004, 04:24 PM
Below is a log from asviewer. I am curious about a couple of items (Items in bold). Any explanation about these items, along with any additional advice will be greatly appreciated. It seems like I could clean this up a lot, but I don't know enough to do it safely. Any suggestions or guidance would help. Thanks in advance.

-{ Quote: "DiamondCS Autostart Viewer (www.diamondcs.com.au) - Report for , 05-30-2004
c:\windows\system32\autoexec.nt
C:\WINDOWS\system32\mscdexnt.exe
C:\WINDOWS\system32\redir.exe
C:\WINDOWS\system32\dosx.exe
c:\windows\system32\config.nt
C:\WINDOWS\system32\himem.sys
c:\windows\wininit.ini [rename]
[B]NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=
NUL=[/B]
C:\PROGRA~1\PHOTOD~1.1\PLUGINS\TWAIN_32.8BA=C:\PROGRA~1\JAMCAM~1.0\TWAIN_32.8BA
c:\windows\system.ini [drivers]
timer=timer.drv
c:\windows\system.ini [boot]\shell
C:\WINDOWS\Explorer.exe
c:\windows\system.ini [boot]\scrnsave.exe
C:\WINDOWS\System32\scrnsave.scr
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
C:\WINDOWS\Explorer.exe
HKCU\Control Panel\Desktop\scrnsave.exe
C:\WINDOWS\System32\scrnsave.scr
HKCR\vbsfile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\vbefile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\jsfile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\jsefile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\wshfile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\wsffile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\CTHelper
C:\WINDOWS\system32\CTHELPER.EXE
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\AsioReg
REGSVR32.EXE /S CTASIO.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\NvCplDaemon
RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\nwiz
nwiz.exe /install
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ccApp
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Jet Detection
C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\CTStartup
C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Zone Labs Client
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\TDS3
C:\Program Files\DiamondCS\TDS3\TDS-3.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Ad-watch
C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\UpdReg
C:\WINDOWS\UpdReg.EXE
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\MsnMsgr
C:\Program Files\MSN Messenger\MsnMsgr.Exe
HKU\.Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\RunNarrator
C:\WINDOWS\system32\Narrator.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\System32\webcheck.dll
C:\WINDOWS\System32\stobject.dll
C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job
C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe
C:\WINDOWS\Tasks\Norton SystemWorks One Button Checkup.job
C:\Program Files\Norton SystemWorks\OBC.exe
C:\WINDOWS\Tasks\Symantec Drmc.job
C:\Program Files\Common Files\Symantec Shared\SymDrmc.exe
C:\WINDOWS\Tasks\Symantec NetDetect.job
C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
C:\Documents and Settings\Dustin H. Allen\Start Menu\Programs\Startup\IMsecure.lnk
C:\Program Files\IMsecure\IMsecure.exe
C:\Documents and Settings\Dustin H. Allen\Start Menu\Programs\Startup\Norton System Doctor.LNK
C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
C:\Documents and Settings\Dustin H. Allen\Start Menu\Programs\Startup\Process Guard.lnk
C:\Program Files\DiamondCS\ProcessGuard\procguard.exe
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
HKLM\System\CurrentControlSet\Control\WOW\cmdline
C:\WINDOWS\system32\ntvdm.exe
HKLM\System\CurrentControlSet\Control\WOW\wowcmdline
C:\WINDOWS\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\
C:\WINDOWS\System32\dcsws2.dll
C:\WINDOWS\system32\mswsock.dll
C:\WINDOWS\system32\rsvpsp.dll
HKLM\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\
C:\WINDOWS\inf\unregmp2.exe /ShowWMP
HKLM\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\
C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
HKLM\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\
RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
HKLM\Software\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\
C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
HKLM\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\
C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
HKLM\Software\Microsoft\Active Setup\Installed Components\{306D6C21-C1B6-4629-986C-E59E1875B8AF}\
C:\WINDOWS\System32\rundll32.exe
HKLM\Software\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}\
%ProgramFiles%\Outlook Express\setup50.exe
HKLM\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\
rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
HKLM\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\
rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\msmsgs.inf,BLC.QuietInstall.PerUser
HKLM\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\
rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
HKLM\Software\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}\
%ProgramFiles%\Outlook Express\setup50.exe
HKLM\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\
regsvr32.exe /s /n /i:U shell32.dll
HKLM\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\
C:\WINDOWS\system32\ie4uinit.exe
HKLM\Software\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\
C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install
HKLM\System\CurrentControlSet\Services\AFD\
C:\WINDOWS\System32\drivers\afd.sys
HKLM\System\CurrentControlSet\Services\AudioSrv\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\Browser\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\ccEvtMgr\
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
HKLM\System\CurrentControlSet\Services\ccSetMgr\
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
HKLM\System\CurrentControlSet\Services\CDRPDACC\
\??\C:\Program Files\321Studios\Shared\CDRPDACC.SYS
HKLM\System\CurrentControlSet\Services\Creative Service for CDROM Access\
C:\WINDOWS\System32\CTsvcCDA.exe
HKLM\System\CurrentControlSet\Services\CryptSvc\
C:\WINDOWS\system32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\DCSUserProt\
C:\Program Files\DiamondCS\ProcessGuard\dcsuserprot.exe
HKLM\System\CurrentControlSet\Services\Dhcp\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\dmserver\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\Dnscache\
C:\WINDOWS\System32\svchost.exe -k NetworkService
HKLM\System\CurrentControlSet\Services\drvnddm\
C:\WINDOWS\system32\drivers\drvnddm.sys
HKLM\System\CurrentControlSet\Services\ERSvc\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\Eventlog\
C:\WINDOWS\system32\services.exe
HKLM\System\CurrentControlSet\Services\GhostStartService\
C:\PROGRA~1\NORTON~1\NORTON~4\GHOSTS~2.EXE
HKLM\System\CurrentControlSet\Services\helpsvc\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\HidServ\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\lanmanserver\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\lanmanworkstation\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\LmHosts\
C:\WINDOWS\System32\svchost.exe -k LocalService
HKLM\System\CurrentControlSet\Services\navapsvc\
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
HKLM\System\CurrentControlSet\Services\NProtectService\
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
HKLM\System\CurrentControlSet\Services\NVSvc\
C:\WINDOWS\System32\nvsvc32.exe
HKLM\System\CurrentControlSet\Services\PfModNT\
\??\C:\WINDOWS\System32\drivers\PfModNT.sys
HKLM\System\CurrentControlSet\Services\PlugPlay\
C:\WINDOWS\system32\services.exe
HKLM\System\CurrentControlSet\Services\PolicyAgent\
C:\WINDOWS\System32\lsass.exe
HKLM\System\CurrentControlSet\Services\procguard\
\??\C:\WINDOWS\System32\drivers\procguard.sys
HKLM\System\CurrentControlSet\Services\ProtectedStorage\
C:\WINDOWS\system32\lsass.exe
HKLM\System\CurrentControlSet\Services\RemoteRegistry\
C:\WINDOWS\system32\svchost.exe -k LocalService
HKLM\System\CurrentControlSet\Services\RpcSs\
C:\WINDOWS\system32\svchost -k rpcss
HKLM\System\CurrentControlSet\Services\SamSs\
C:\WINDOWS\system32\lsass.exe
HKLM\System\CurrentControlSet\Services\SAVScan\
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
HKLM\System\CurrentControlSet\Services\SBService\
C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
HKLM\System\CurrentControlSet\Services\Schedule\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\seclogon\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\SENS\
C:\WINDOWS\system32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\ShellHWDetection\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\Speed Disk service\
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
HKLM\System\CurrentControlSet\Services\Spooler\
C:\WINDOWS\system32\spoolsv.exe
HKLM\System\CurrentControlSet\Services\srservice\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\stisvc\
C:\WINDOWS\System32\svchost.exe -k imgsvc
HKLM\System\CurrentControlSet\Services\Symantec Core LC\
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
HKLM\System\CurrentControlSet\Services\symlcbrd\
\??\C:\WINDOWS\System32\drivers\symlcbrd.sys
HKLM\System\CurrentControlSet\Services\SYMTDI\
\??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS
HKLM\System\CurrentControlSet\Services\tfsnboio\
C:\WINDOWS\system32\dla\tfsnboio.sys
HKLM\System\CurrentControlSet\Services\tfsncofs\
C:\WINDOWS\system32\dla\tfsncofs.sys
HKLM\System\CurrentControlSet\Services\tfsndrct\
C:\WINDOWS\system32\dla\tfsndrct.sys
HKLM\System\CurrentControlSet\Services\tfsndres\
C:\WINDOWS\system32\dla\tfsndres.sys
HKLM\System\CurrentControlSet\Services\tfsnifs\
C:\WINDOWS\system32\dla\tfsnifs.sys
HKLM\System\CurrentControlSet\Services\tfsnopio\
C:\WINDOWS\system32\dla\tfsnopio.sys
HKLM\System\CurrentControlSet\Services\tfsnpool\
C:\WINDOWS\system32\dla\tfsnpool.sys
HKLM\System\CurrentControlSet\Services\tfsnudf\
C:\WINDOWS\system32\dla\tfsnudf.sys
HKLM\System\CurrentControlSet\Services\tfsnudfa\
C:\WINDOWS\system32\dla\tfsnudfa.sys
HKLM\System\CurrentControlSet\Services\Themes\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\TrkWks\
C:\WINDOWS\system32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\uploadmgr\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\vsmon\
C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service
HKLM\System\CurrentControlSet\Services\W32Time\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\WebClient\
C:\WINDOWS\System32\svchost.exe -k LocalService
HKLM\System\CurrentControlSet\Services\winmgmt\
C:\WINDOWS\system32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\WMDM PMSP Service\
C:\WINDOWS\System32\MsPMSPSv.exe
HKLM\System\CurrentControlSet\Services\wuauserv\
C:\WINDOWS\system32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\WZCSVC\
C:\WINDOWS\System32\svchost.exe -k netsvcs
" }-

Pilli
May 31st, 2004, 05:50 AM
Hi Dallen, I edited your email addy from the AS viewer text in your post :)

Hopefully one of the experts will know about your wininit.ini & the NUL =
Could be to do with an improperly removed program that wininit is trying to initiate on startup or a registry entry that was not removed properly by an uninstaller? Hence the NUL = entries

Just guessing - Pilli

Wayne - DiamondCS
May 31st, 2004, 10:48 PM
Dallen when you view the ini file in Notepad, can you still see those NUL references?

dallen
June 1st, 2004, 11:55 PM
Wayne - DiamondCS,
Sorry for the delayed response to your question. The answer is yes, I can see the NUL references when I open the C:\Windows\wininit.ini file in Notepad. What does that mean?

Gavin - DiamondCS
June 2nd, 2004, 12:06 AM
Usually means you have run an installer or uninstaller multiple times, I'd just edit those NUL lines out and not worry about it. The NUL lines are often used by an uninstaller to delete files which were in use at the time.

dallen
June 2nd, 2004, 12:29 AM
So should I manually open the file and delete those NUL entries, or right-click on the entries using asviewer and select "Delete autostart reference"? It probably doesn't matter, but I thought I'd ask just in case.

Wayne - DiamondCS
June 2nd, 2004, 09:29 AM
I'd do it manually in Notepad, just search for NUL=
Use Autostart Viewer afterwards to confirm that you've cleaned them

Either way though, this isn't anything major - just a bit of 'garbage' in an ini file, that's all. :)

dallen
June 2nd, 2004, 02:37 PM
Done. Thanks, if you see anything else in there that could use some attention, please let me know.
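
Added example, not part of the original thread and not DiamondCS code: a Python script that classifies the entries in the `[rename]` section of wininit.ini and removes only the `NUL=` lines that have no target, which is how they appear in the log above. The sample text, the `OLDDRV.DLL` path and the function names are constructed for illustration.

```python
import re

# Constructed sample modelled on the [rename] entries in the posted log.
# The OLDDRV.DLL path is made up; "NUL=<file>" means "delete <file> at restart".
SAMPLE = (
    "[rename]\r\n"
    "NUL=\r\n"
    "NUL=\r\n"
    "NUL=C:\\WINDOWS\\TEMP\\OLDDRV.DLL\r\n"
    "C:\\PROGRA~1\\PHOTOD~1.1\\PLUGINS\\TWAIN_32.8BA=C:\\PROGRA~1\\JAMCAM~1.0\\TWAIN_32.8BA\r\n"
    "[other]\r\n"
    "NUL=\r\n"
)
SECTION = re.compile(r"^\s*\[(.+?)\]\s*$")

def classify(line):
    """Return (kind, dest, src) for one [rename] line, or None for blanks/comments."""
    s = line.strip()
    if not s or s.startswith(";"):
        return None
    dest, sep, src = s.partition("=")
    dest, src = dest.strip(), src.strip()
    if not sep:
        return ("malformed", s, "")
    if dest.upper() == "NUL":
        # A NUL entry with no file after it does nothing: leftover garbage.
        return ("delete", dest, src) if src else ("empty-nul", dest, "")
    return ("rename", dest, src)

def audit(text):
    """List (line_no, kind, dest, src) for [rename]; repeated NUL keys are all kept."""
    entries, in_rename = [], False
    for n, line in enumerate(text.splitlines(), 1):
        m = SECTION.match(line)
        if m:
            in_rename = m.group(1).strip().lower() == "rename"
        elif in_rename and classify(line):
            entries.append((n,) + classify(line))
    return entries

def strip_empty_nul(text):
    """Drop target-less NUL= lines inside [rename]; keep all other lines unchanged."""
    out, in_rename = [], False
    for line in text.splitlines(keepends=True):
        m = SECTION.match(line)
        if m:
            in_rename = m.group(1).strip().lower() == "rename"
        elif in_rename and (classify(line) or ("",))[0] == "empty-nul":
            continue
        out.append(line)
    return "".join(out)
```

Run `audit()` on a copy of the file first and review any `delete` or `rename` entries before removing anything, since those still name real files.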