|
|
#1
April 27th, 2003, 10:42 AM
|
||||
|
||||
Need a little help with SSM and the registry.
My wife was messing around on the computer and put a checkmark in the monitor register and she said that she clicked closed when the pop up popped up that has the red or green boxes (I know nothing about this cuz I never checked the box). She said it was red and I seen that red was to block. Now I ran Start up list and notice that McAfee VS wasn't there in the start up. Now when I restarted my computer McAfee VS starts. But the registry don't show that it starts up. Heres what the start up list says:
StartupList report, 4/27/2003, 10:30:12 AM StartupList version: 1.52 Started from : C:\unzipped\startuplist\StartupList.EXE Detected: Windows XP SP1 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106) * Using default options ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\Smc.exe C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Messenger Plus! 2\MsgPlus.exe C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe C:\Program Files\Proxomitron Naoko-4\Proxomitron.exe C:\Program Files\EarthLink TotalAccess\TaskPanl.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\DllHost.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Messenger\msmsgs.exe C:\unzipped\ssm\SysSafe.exe C:\unzipped\startuplist\StartupList.exe -------------------------------------------------- Listing of startup folders: Shell folders Common Startup: [C:\Documents and Settings\All Users\Start Menu\Programs\Startup] Digital Line Detect.lnk = ? -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run IgfxTray = C:\WINDOWS\System32\igfxtray.exe HotKeysCmds = C:\WINDOWS\System32\hkcmd.exe BCMSMMSG = BCMSMMSG.exe MessengerPlus2 = "C:\Program Files\Messenger Plus! 2\MsgPlus.exe" SmcService = C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui MSConfig = C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run FAST Defrag = McAfee.InstantUpdate.Monitor = "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=*Registry value not found* drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry key not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Yahoo!\Common\ycomp5_1_3_0.dll - {02478D38-C3F9-4efb-9B51-7695ECA05670} (no name) - C:\PROGRA~1\SPYBOT~1.1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F} (no name) - C:\PROGRA~1\AdShield\AdShield\AdShield.dll - {7559B76E-0222-4d77-9499-CCE9EB4EDC2F} (no name) - c:\windows\googletoolbar_en_1.1.70-big.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7} -------------------------------------------------- Enumerating Task Scheduler jobs: .job McAfee.com Scan for Viruses - My Computer (1) (COMPUTER-Me).job McAfee.com Scan for Viruses - My Computer (COMPUTER-Me).job -------------------------------------------------- Enumerating Download Program Files: [BrowseFolderPopup Class] InProcServer32 = C:\WINDOWS\MCBin\Shared\MGBrwFld.dll CODEBASE = http://download.mcafee.com/molbin/Shared/MGBrwFld.cab [Yahoo! Audio Conferencing] InProcServer32 = C:\Program Files\Yahoo!\Messenger\yacscom.dll CODEBASE = http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v43/yacscom.cab [YInstStarter Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\yinsthelper.dll CODEBASE = http://download.yahoo.com/dl/installs/yinst.cab [HouseCall Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan53.ocx CODEBASE = http://a840.g.akamai.net/7/840/537/2003042101/housecall.antivirus.com/housecall/xscan53.cab [{8EDAD21C-3584-4E66-A8AB-EB0E5584767D}] CODEBASE = http://toolbar.google.com/data/GoogleActivate.cab [Update Class] InProcServer32 = C:\WINDOWS\System32\iuctl.dll CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37676.669212963 [YahooYMailTo Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\ymmapi.dll CODEBASE = http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi.dll -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\System32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll -------------------------------------------------- End of report, 5,919 bytes Report generated in 0.234 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only See it don't show McAfee starting, but McAfee starts. Now isn't this odd? I think SSM has something to do with it. Is there a way to fix this?
__________________
The mind is like a drunken monkey dancing on hot coals. |
|
#2
April 27th, 2003, 10:53 AM
|
||||
|
||||
|
Re:Need a little help with SSM and the registry.
Hi Notageek,
Not familiar with McAfee but I found this on Pacs Portal: McAfeeVirusScanService Avsynmgr.exe From McAfee VirusScan version 5.x. Runs VirusScan System Tray (Vsstat.exe), WebScanX (Webscanx.exe), VirusScan System Scan (Vshwin32.exe) and VirusScan Console (Avconsol.exe) under one application Check your services to see if it starts from there. It will if my suspicion is right. Regards, Pieter
__________________
Regards, Pieter Itīs nice to be important, but itīs more important to be nice. It's human to make mistakes. It's even more so to blame the computer for it. |
|
#3
April 27th, 2003, 11:01 AM
|
||||
|
||||
|
Re:Need a little help with SSM and the registry.
Hi Pieter, McAfee still starts, it just show on Start up list that it's not in the registry. I just find this rather puzzling. I think my wife blocked it somehow with SSM. I just wanted to put it back in the registry as a start up. Could JV16 do this?
__________________
The mind is like a drunken monkey dancing on hot coals. |
|
#4
April 27th, 2003, 11:21 AM
|
||||
|
||||
|
Re:Need a little help with SSM and the registry.
Hi Notageek,
Startuplist doesnīt show the Services that start up. Could you post a Autostart Viewer log. Download and run the program: Click Main > Show Services > Main > Save to create the .txt file. Or do you have a Startuplist from before? So I can see whatīs missing. Like I said Iīm not familiar with McAfee, and I donīt want it on my conscience to cripple your protection. JV16 will be of little help when you want to add something to the registry, unless it concerns restoring entries removed by JV16. Regards, Pieter
__________________
Regards, Pieter Itīs nice to be important, but itīs more important to be nice. It's human to make mistakes. It's even more so to blame the computer for it. |
|
#5
April 27th, 2003, 11:26 AM
|
||||
|
||||
|
Re:Need a little help with SSM and the registry.
DiamondCS Autostart Viewer (www.diamondcs.com.au) - Report for Me@COMPUTER, 04-27-2003
c:\windows\system32\autoexec.nt C:\WINDOWS\system32\mscdexnt.exe C:\WINDOWS\system32\redir.exe C:\WINDOWS\system32\dosx.exe c:\windows\system32 onfig.nt C:\WINDOWS\system32\himem.sys c:\windows\wininit.ini [rename] NUL=C:\WINDOWS\System32\winlnet.dllEMPOR~1\Content.IE5\index.dat NUL=C:\WINDOWS\downlo~1\ymsgrins.exe HKCR\vbsfile\shell\open ommand\ C:\WINDOWS\System32\WScript.exe "%1" %* HKCR\vbefile\shell\open ommand\ C:\WINDOWS\System32\WScript.exe "%1" %* HKCR\jsfile\shell\open ommand\ C:\WINDOWS\System32\WScript.exe "%1" %* HKCR\jsefile\shell\open ommand\ C:\WINDOWS\System32\WScript.exe "%1" %* HKCR\wshfile\shell\open ommand\ C:\WINDOWS\System32\WScript.exe "%1" %* HKCR\wsffile\shell\open ommand\ C:\WINDOWS\System32\WScript.exe "%1" %* HKLM\Software\Microsoft\Windows\CurrentVersion\Run\IgfxTray C:\WINDOWS\System32\igfxtray.exe HKLM\Software\Microsoft\Windows\CurrentVersion\Run\HotKeysCmds C:\WINDOWS\System32\hkcmd.exe HKLM\Software\Microsoft\Windows\CurrentVersion\Run\BCMSMMSG C:\WINDOWS\BCMSMMSG.exe HKLM\Software\Microsoft\Windows\CurrentVersion\Run\MessengerPlus2 C:\Program Files\Messenger Plus! 2\MsgPlus.exe HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SmcService C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui HKLM\Software\Microsoft\Windows\CurrentVersion\Run\MSConfig C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto HKCU\Software\Microsoft\Windows\CurrentVersion\Run\McAfee.InstantUpdate.Monitor C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Avsynmgr.exe C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\System32\webcheck.dll C:\WINDOWS\System32\stobject.dll C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (1) (COMPUTER-Me).job c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (COMPUTER-Me).job c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk C:\Program Files\Digital Line Detect\DLG.exe HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute autocheck autochk * HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit C:\WINDOWS\system32\userinit.exe HKLM\System\CurrentControlSet\Control\WOW mdline C:\WINDOWS\system32\ntvdm.exe HKLM\System\CurrentControlSet\Control\WOW\wowcmdline C:\WINDOWS\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386 HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ C:\WINDOWS\System32\CSLSP.DLL C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\system32\rsvpsp.dll HKLM\System\CurrentControlSet\Services\VxD\JAVASUP\ C:\WINDOWS\system32\JAVASUP.VXD
__________________
The mind is like a drunken monkey dancing on hot coals. |
|
#6
April 27th, 2003, 11:39 AM
|
||||
|
||||
|
Re:Need a little help with SSM and the registry.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Avsynmgr.exe
C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe Itīs there allright. Weīll need some input from someone using McAfee to see if that is enough. Is using System Restore an option? Just to make sure. Regards, Pieter
__________________
Regards, Pieter Itīs nice to be important, but itīs more important to be nice. It's human to make mistakes. It's even more so to blame the computer for it. |
|
#7
April 27th, 2003, 11:42 AM
|
||||
|
||||
|
Re:Need a little help with SSM and the registry.
I have System restore ready to go if I have to use it. But I went to Cyber help forum and they said it wasn't loading from looking at Stratup list. I looked at ASveiwer and it showed it.
__________________
The mind is like a drunken monkey dancing on hot coals. |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
