1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

svcinit.exe

Discussion in 'Earlier Versions of Windows' started by jaymes101, Oct 4, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. jaymes101

    jaymes101 Thread Starter

    Joined:
    Feb 24, 2002
    Messages:
    82
    Have I just not noticed before: when I run Hijack, I'm getting "win.ini:run=C:\Windows\svinit.exe.

    What is this? Is it a necessary functions of Windows?

    When I go to the "C" drive, I can't find a folder for it.

    When I attempt to delete it from Hijack, I get a message: "D'oh - remind me to bug you about this"
     
  2. beekeeper

    beekeeper

    Joined:
    Aug 17, 2003
    Messages:
    125
    Get rid of it

    start - run - type msconfig - ok - startup tab

    uncheck svcinit.exe and reboot
     
  3. jaymes101

    jaymes101 Thread Starter

    Joined:
    Feb 24, 2002
    Messages:
    82
    Okay done!

    When I rebooted, I saw that a new entry on msconfig>startup:
    "run=" had been checked. I disabled "Process Win.ini file" from the mscongif>General (yes/no) then rebooted and didn't have the "run=" anymore.

    What is this?
     
  4. beekeeper

    beekeeper

    Joined:
    Aug 17, 2003
    Messages:
    125
    As you can see there are 20 possible variants of run=, none particually friendly:

    X run= (1) <random filename> Added as a result of the SUBSEVEN and many other VIRUSES!
    N run= (2) cmmpu.exe MIDI emulator driver for the integrated sound chip by C-Media based on the CMI-8330 chip set normally found in cheap motherboards. Also installed as part of the software for a Guillemot Maxi Muse sound card (PCI)
    N run= (3) hpfsched HPFSCHED is a small TSR that will remind you to clean the cartridges in your DeskJet from time to time in order to keep print quality high. It can be removed from the run line in win.ini if you do not want that feature
    N run= (4) lxdboxcp.exe Lexmark DOS-Printing Control Program for the Lexmark 2050. Only required if you need to print from DOS
    N run= (5) pcfix2k.exe pcfix2k splash screen
    X run= (6) ptlseq.cpl PhoenixNet BIOS adware. See here
    U run= (7) ramsys.exe Advanced Startup Manager from Rays Lab
    X run= (8) VLFHO.exe VIRUS!
    ? run= (9) wallflip.exe Desktop wallpaper changer?
    X run= (10) Virus_Cleaner.exe Added as a result of the PANOL VIRUS!
    X run= (11) MagicRulez.exe Added as a result of the MINIMAN VIRUS!
    X run= (12) dllreg.exe Added as a result of the NIBU , BAMBO and DUMARU VIRUSES!
    X run= (13) Sp00lsv.exe Added as a result of the GRAYBIRD.E VIRUS!
    X run= (14) cekirge.scr Added as a result of the KERGEZ.A VIRUS!
    X run= (15) Mail_Check.exe Added as a result of the PANOIL.C VIRUS!
    X run= (16) explore.exe Added as a result of the GRAYBIRD.G VIRUS!
    X run= (17) CapsideRed.pif Added as a result of the CASPID VIRUS!
    X run= (18) svch0st.EXE Added as a result of the GRAYBIRD VIRUS!
    X run= (19) HgzServer.exe Added as a result of the GRAYBIRD.C VIRUS!
    X run= (20) SVCH0ST.EXE Added as a result of the GRAYBIRD.D VIRUS!

    It would seem likely that you contracted a virus at some stage -update your anti-virus and do a full scan. Also D/L and run spybot (see google for D/L station). Also see if any of the above .exe files connected with viruses appear on your msconfig list - and manually uncheck using the same procedure
     
  5. BlueSpruce

    BlueSpruce

    Joined:
    Jul 24, 2003
    Messages:
    420
    It indicates a Keylogger is on your system
    C:\Windows\svinit.exe > Starr Keylogger
     
  6. jaymes101

    jaymes101 Thread Starter

    Joined:
    Feb 24, 2002
    Messages:
    82
    Well I think that I got everything. I have Spybot - ran it. There were 5 alerts I got rid of. Ran Adware - it found a Coulom (sp) dailer. Got rid of that one. My computer speed seems to be a lot better. I tried to track down "Starr Keylogger" but I no longer have the "svinit.exe" file. So unless I'm missing something else that I should be concern about, I guess that this particular thread is resolved. Thanks for the help. Everyone on this site is awesome!!!!
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/169509

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice