Unknown Startup Programs

Discussion in 'Malware Help (A Specialist Will Reply)' started by navahmad, Jul 3, 2008.

  1. navahmad

    navahmad Private E-2

    CCleaner tells me the following programs are in my registry to begin at startup. I tried searching for most of them, but the following are entries I am unsure about:

    KEY        Program     File
    HKLM:Run   TP4EX       tp4ex.exe (in root, not in system folder)
    HKLM:Run   b0874d03    rundll32.exe "C:\WINDOWS\system32\snlqojcy.dll", b

    Could you please tell me if these entries are safe?

    Thanks
     
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

  3. navahmad

    navahmad Private E-2

    Unknown Startup Programs --> slow laptop

    Hi,

    I originally posted about some unknown startup programs showing up in my registry. I ran all of the readme and I believe it cleaned some things up, dealing with my original questions. However, now my laptop is slower than ever. Please find my logs attached.

    Thanks
     


  4. navahmad

    navahmad Private E-2

    Re: Unknown Startup Programs --> slow laptop

    Here is my last log file.
     


  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    The scans seemed to have removed most of it.

    Can you tell me what this is:
    C:\Windows\x

    Use Windows Explorer to find and delete:
    C:\WINDOWS\system32\kmlmoutv.ini
    C:\WINDOWS\system32\kmlmou~1.ini
    C:\WINDOWS\system32\ycjoqlns.ini

    Please delete everything you can in this folder:
    C:\Documents and Settings\Naveed\Local Settings\Temp\

    Copy the bold text below to Notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double-click it and allow it to merge with the registry.
    Now tell me what issues you are still having.
     
  6. navahmad

    navahmad Private E-2

    I edited C:/windows/x in Notepad, and this is what appeared:

    [InstallShield Silent]
    Version=v6.00.000
    File=Log File
    [ResponseResult]
    ResultCode=0
    [Application]
    Name=ThinkVantage Access Connections
    Version=1.00.000
    Company=Lenovo
    Lang=0009

    The 3 .ini files were not on my computer. What could have happened there was that I mistakenly ran the readme out of order. I ran the MGTools files before I ran combofix.exe. I don't know if that would have made a difference.

    Things are definitely noticeably faster. Windows startup is still long; it takes me about a good 2 minutes from startup before Firefox 3 will launch. There's also a good 30 second delay between clicking on a folder on my desktop and the folder actually opening.

    That's all that I notice at this point.

    Thanks!
     
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Yes...running the scans out of order will lead to some confusion. :)

    You may wish to use a Startup Manager.

    Also anti-virus and spyware programs can lead to slow starts as well.
     
