:Dhi im looking at start up list for windows xp i see a few keys i never seen befor and a few i dont trust in msconfig

Desktop, N/A, Start Menu
Desktop, N/A, Start Menu (Common User)
Dla, C:\WINDOWS\system32\dla\tfswctrl.exe, HKEY_LM\Run
Exif Launcher, N/A, Start Menu (Common User)
Iamapp, C:\Program Files\Norton Personal Firewall\IAMAPP.EXE, HKEY_LM\Run

what this
KernelFaultCheck, %systemroot%\system32\dumprep 0 -k, HKEY_LM\Run

NAV Agent, C:\PROGRA~1\NORTON~1\NORTON~1\navapw32.exe, HKEY_LM\Run

:-\what this?
Pctvoice, Pctspk.exe, HKEY_LM\Run

:-\blaze no trust this one
Uninstall0001, "C:\Program Files\Common Files\Totem Shared\Uninstall0001\upd.exe" LASTCALL!adverts.stripsaver.com!StatsStripSaver, HKEY_LM\Run

{QUOTE-> quoting: MRBLAZE link=board=27;threadid=4758;start=0#31128 date=1036829818]what this
KernelFaultCheck, %systemroot%\system32\dumprep 0 -k, HKEY_LM\Run <-QUOTE}
This one I'm familar with by seeing it on my XP system, though I don't know all the particulars of it. That program key is added to the startup tab following a fatal system error and is related to handling crash dump files. (On my system, Regprot warns me of it first boot after a crash.) It's okay to leave there.

If you need more info on it, see this (search for "dumprep" on this page):

http://www.kellys-korner-xp.com/xp_d.htm
{QUOTE-> what this?
Pctvoice, Pctspk.exe, HKEY_LM\Run <-QUOTE}
I don't know this directly, but from a search it could be the program that lets the modem pass sound to the system speakers (modem card to sound card interface?). They probably want to continue to have that capability, I'd guess.

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x0447a22831ebd5118ff40090279cd0f9,00.html

Some quick Google and other searches:
[hr]
stripsaver
In HOSTS is a site clicks.stripsaver.com that will be blocked by HOSTS.
After a quick look at Google I think stripsaver has to do with a porn site and/or screensaver.


Pctvoice
See for example:
http://www.igknighttec.com/Articles/Files/startup_list.php
Quote:
The program PCTVoice is used by the modem to interface with your computer and also used for some V.80 functions for Video Conferencing. Not required in startup

And:
http://www.weatherwatchers.org/bbs/wxstationboard/messages/359.html


Pctspk
See for example here:
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x0447a22831ebd5118ff40090279cd0f9,00.html
Some quote:
Next day I just ended the process in the Task Manager, and then noticed that all this programme seems to is: play the "modem dial up noises" through the PC speakers, so I guess thats what the name stands for now, PCToSPeaKers.


tfswctrl
See for example:
http://www.greatis.com/regrun3atyouroption.htm
Quote:
tfswctrl.exe
HP DLA CD recording software. Read more: http://groups.google.com.ru/groups?q=tfswctrl.exe&hl=ru&selm=3r3caucbvifm30pvnodasnes1oe9e2t266%404ax.com&rnum=1

cool thank you guys so much so basicly i get rid of strip saver the totem one right

ok i deleteted the strip saver from start up but do i delet the totem shared folder located in my common files folder located in windows xp?

cause im looking at totem folder
and it has two folders in it

Uninstall0001
Update

in totem shared folder under uninstall0001 folder has the following stuff in it
profile folder
Distribution.dll
msvcr70.dll
Network.dll
Stats.dll
System.dll
Upd
Update.dll
Windows.dll

in same folder but profile folder located in totem shared uninstall0001 folder called profile these files exsist

data.ndq
profile.lsf

In the update folder in totem shared i se these files
Advertising.dll.028
distribution.dll.012
msvcr70.dll.010
ScreenSaver.dll.019
System.dll.034
Windows.dll.035
Bpk.dll.028
FavoriteLinks.dll.026
Network.dll.026
Stats.dll.025
Update.dll.027
WindowsEx.dll.014

so do i delet this so called totem shared folder containing these files looks like scum ware to me?

Hiya Blaze!!

Have you looked in Add/Remove Programs to see if there is actually an uninstall option for this totem stuff? If you've already scanned this system for malware (AV/AT, etc) and used SpyBot S&D and the like, then this is probably only a questionable piece of software, not malware. It's own uninstall might be the best thing to do.

The contents of the Uninstall0001 folder appear to be saved .dll files that might be put back in place if the uninstall is run. (You could right click on these files and check out their various attribute fields to see if they are normal window files or simply an earlier version of totem software files.)

If no uninstall exists, you could do a search in regedit for keys related to these files and these folders, just to see "how deeply" this software is integrated into that system. It might help to know that.

Fun, fun ;)
LowWaterMark

:Dhiiiiiiiiiiiiiiiiiiiiii

no there is no real unintall nor can i find it just a folder with that name

i look in xp add and remove its not there.

thats why i was wondering if i could delet it?

totem shared folder might have advertiseing scumware

i already checked with adware or spybot nothing came up wondering if this totem shared folder is some new stuff ;D

I'd still search in regedit for references to those folders. If there aren't any ties to the registry, then it probably isn't used anymore anyway, since you deleted the strip saver. So deleting it all probably wouldn't hurt then.

{QUOTE-> quoting: MRBLAZE link=board=27;threadid=4758;start=0#31414 date=1036959243]
i already checked with adware or spybot nothing came up wondering if this totem shared folder is some new stuff ;D
<-QUOTE}
Hi MRBlaze,

You could always contact PepiMK @ http://www.net-integration.net/cgi-bin/forums/ikonboard.cgi?s=3dcec0e47288ffff;act=SF;f=28 to ask if he wants a sample.

Regards,

Pieter

Do a search at Google for "Totem Shared" and you'll see that that Totem Shared folder belongs to that porn screensaver.

i posted at pepis lol i havent see anything except when i use regcleaner it says its software

{QUOTE-> quoting: MRBLAZE link=board=27;threadid=4758;start=0#31421 date=1036961068]
i posted at pepis lol i havent see anything except when i use regcleaner it says its software
<-QUOTE}

Blaze, no offense, but you posted on the wrong forum over there. Patrick most obviously will not read that post. Better post on the "PepiMK" forum ;).

regards.

paul

;D Just a quick note Mr. Blaze...That strip-saver was one of the programs that kept reappearing in my files, even after I deleted, searched, deleted. It just kept coming back. Finally I got brave and regedited it out of the system registry. Gone now. Didn't have the other files you refer to. See Ya, crkit1
PS. Still waiting for that info we talked about for my husband. ;)

:Dlol im lost sorry paul didnt mean to do that lol ;D

:) Hi MRBLAZE!

You may have it already but here's the link to PepiMK Forums (http://www.net-integration.net/cgi-bin/forums/ikonboard.cgi). I post there regularly (Gladiator Updates, news etc). Hope this helps you out.

Best regards from Larry! :)

;D Gladiator Security Labs Forums (http://forum.gladiator-antivirus.com/) ;D