Please help!

Discussion in 'SpywareBlaster & Other Forum' started by medieval, Feb 5, 2003.

Thread Status:
Not open for further replies.
  1. medieval

    medieval Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    3
    I have spywareblaster installed and I went to "about" and then "system info" within spywareblasters menu, my help and support page came up and I went into my software environment and then running tasks. ALOT came up including Kernel32.dll. were all these things listed running on MY computer now? And if so, then what can I do? I have Spywareblaster and Spybot S&D installed, updated and running on my computer. Please advise, Kelly
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,312
    Location:
    Netherlands
    Hi medieval,

    Could you surf here: http://www.lurkhere.com/~nicefiles/ and download Startuplist 1.51
    Unzip and run it and paste the contents of your log in your next post. Or if you´re uncomfortable with posting it, mail it to me.

    Regards,

    Pieter

    Added URL tags :oops:
     
  3. javacool

    javacool BrightFort Moderator

    Joined:
    Feb 10, 2002
    Posts:
    3,995
    Yes, that is a list of everything currently running on your computer provided by Windows' built-in System Information feature.

    By following the suggestion posted by Pieter, we can take a look at the list of everything you have running, and help you disable any tasks you might not need that could be just causing your computer to run more slowly (if you'd like). :)

    Best regards,

    -Javacool
     
  4. medieval

    medieval Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    3
    Here is the list, I also IM'ed it to Pieter. Thanks for everyone's help!

    StartupList report, 2/5/2003, 4:14:14 PM
    StartupList version: 1.51
    Started from : C:\WINDOWS\DESKTOP\STARTUPLIST.EXE
    Detected: Windows ME (Win9x 4.90.3000)
    Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    * Using default options
    ==================================================

    Running processes:

    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\AVSYNMGR.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSSTAT.EXE
    C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\AVCONSOL.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\WEBSCANX.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\MOTIVE\MOTMON.EXE
    C:\WINDOWS\OPTIONS\CABS\LOGITECH\HP_FINDER.EXE
    C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\ALOGSERV.EXE
    C:\WINDOWS\WT\WCMDMGR.EXE
    C:\PROGRAM FILES\MICRO RF WIRELESS OFFICE SOLUTION\KEYBOARD\IKEYMAIN.EXE
    C:\PROGRAM FILES\MICRO RF WIRELESS OFFICE SOLUTION\MOUSE\AMOUMAIN.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\CALLWAVE\IAM.EXE
    C:\WINDOWS\SYSTEM\TAPISRV.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\SYSTEM\RNAAPP.EXE
    C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE
    C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\WINDOWS\DESKTOP\STARTUPLIST.EXE

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Startup:
    [C:\WINDOWS\Start Menu\Programs\StartUp]
    Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.EXE
    PowerReg Scheduler.exe
    MemTurbo.lnk = C:\Program Files\Silicon Prairie Software\MemTurbo\memturbo.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
    TaskMonitor = C:\WINDOWS\taskmon.exe
    SystemTray = SysTray.Exe
    LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    Delay = C:\WINDOWS\delayrun.exe
    MotiveMonitor = C:\Program Files\Motive\motmon.exe
    DJRegFix = regedit /s c:\hp\djregfix.reg
    HPLogiFinder = \WINDOWS\OPTIONS\CABS\LOGITECH\HP_FINDER.EXE
    wcmdmgr = C:\WINDOWS\wt\wcmdmgrl.exe -launch
    Alogserv = C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe
    PCHealth = C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
    iKeyWorks = C:\PROGRA~1\MICROR~1\KEYBOARD\IKEYMAIN.EXE
    WheelMouse = C:\PROGRA~1\MICROR~1\MOUSE\AMOUMAIN.EXE
    MSConfigReminder = C:\WINDOWS\SYSTEM\msconfig.exe /reminder

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

    LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    *StateMgr = C:\WINDOWS\System\Restore\StateMgr.exe
    McAfeeVirusScanService = C:\Program Files\McAfee\McAfee VirusScan\AVSYNMGR.EXE

    --------------------------------------------------

    C:\WINDOWS\WININIT.BAK listing:
    (Created 4/2/2003, 12:15:50)

    [rename]
    NUL=C:\PROGRA~1\REDVPR~1\POPUPP~1\IELIBTRI.DLL


    --------------------------------------------------

    C:\AUTOEXEC.BAT listing:

    SET PATH=C:\WINDOWS;C:\WINDOWS\COMMAND
    SET windir=C:\WINDOWS
    SET winbootdir=C:\WINDOWS
    SET COMSPEC=C:\WINDOWS\COMMAND.COM
    SET PROMPT=$p$g
    SET TEMP=C:\WINDOWS\TEMP
    SET TMP=C:\WINDOWS\TEMP

    --------------------------------------------------

    C:\WINDOWS\WINSTART.BAT listing:

    C:\WINDOWS\tmpcpyis.bat

    --------------------------------------------------


    Enumerating Browser Helper Objects:

    Guard-IE - C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL - {D2F719F3-106A-402B-9996-3A5B12ACA564}

    --------------------------------------------------

    Enumerating Task Scheduler jobs:

    Tune-up Application Start.job
    PCHealth Scheduler for Data Collection.job
    Maintenance-Defragment programs.job
    Maintenance-ScanDisk.job
    Maintenance-Disk cleanup.job

    --------------------------------------------------

    Enumerating Download Program Files:

    [CWDL_DownLoadControl Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\CWDL_DOWNLOAD.DLL
    CODEBASE = http://www.callwave.com/include/cab/CWDL_DownLoad.CAB

    [CV3 Class]
    InProcServer32 = C:\WINDOWS\SYSTEM\WUV3IS.DLL
    CODEBASE = http://windowsupdate.microsoft.com/R1044/V31Controls/x86/mil/en/actsetup.cab

    [Microsoft ProgressBar Control, version 5.0 (SP2)]
    InProcServer32 = C:\WINDOWS\SYSTEM\COMCTL32.OCX
    CODEBASE = http://bin.mcafee.com/molbin/Shared/ComCtl32/6,0,80,22/ComCtl32.cab

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [Update Class]
    InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
    CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37606.8506597222

    [RdxIE Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.1\RDXIE.DLL
    CODEBASE = http://207.188.7.150/23a5c0e303251110e805/netzip/RdxIE601.cab

    --------------------------------------------------
    End of report, 5,970 bytes
    Report generated in 0.465 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
     
  5. medieval

    medieval Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    3
    Pieter gave me some things I can remove, but what is the Kernel32.dll running? and should it go? Thanks again, Kelly
     
  6. javacool

    javacool BrightFort Moderator

    Joined:
    Feb 10, 2002
    Posts:
    3,995
    That's a normal Windows file - I'd recommend that you don't touch it.

    There is the chance, of course, that it could have been replaced by a version infected with a virus (or that it could be stored in a different location, but have the same file name as the normal Windows file) - but as long as you have an up-to-date anti-virus scanner, I wouldn't worry about it.

    Best regards,

    -Javacool
     
  7. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    This might be a little out of bound but...... was wondering if there's a way to stop the Quicktime 5.0 to start in the system tray at every startup.

    I've removed it from my startup with msconfig but seems to be back there....
     
Thread Status:
Not open for further replies.