1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

System Not Going On Standby

Discussion in 'Earlier Versions of Windows' started by eekamaus, Dec 23, 2001.

Thread Status:
Not open for further replies.
Advertisement
  1. eekamaus

    eekamaus Thread Starter

    Joined:
    Dec 23, 2001
    Messages:
    15
    USING WIN ME. "THE FOLLOWING MODULES HAVE INTERCEPTED
    (HOOKED) VARIOUS ASPECTS OF THE SYSTEM.

    HOOK TYPE: SHELL
    HOOKED BY: MMSYSTEM.DLL
    APPLICATION: MMTASK.TSK
    DLL PATH: C:\WINDOWS\SYSTEM\MMSYST...
    APPLICATION PATH: C:\WINDOWS\SYSTEM\MMTASK.TS


    I'M HAVING PROBLEMS PUTTING MY COMPUTER ON STANDBY MODE. I'VE TRIED THE HELP THAT CAME WITH THE COMPUTER BUT NO LUCK. I SUSPECT THE H0OK IS CAUSING THIS. MY COMPUTER SAYS THAT THE STANDBY IS WORKING FINE BUT ITS NOT.

    I ALSO HAVE A DAMAGED FILE THAT I DON'T KNOW HOW TO FIX.

    HTTP://CODECS.MICROSOFT.COM/CODECS/i386/VOXACM.CAB
    ITS A PROGRAM FILE I BELIEVE.

    I DON'T KNOW MUCH ABOUT COMPUTERS SO I AM LOST!:confused:
     
  2. SavvyLady

    SavvyLady

    Joined:
    Oct 14, 2001
    Messages:
    2,218
    in WinME its easy to do a system restore & you don't lose what you have downloaded. Go to start/help & click it to open... then on the left side about 2/3 the way down... look for Fix a Problem... and under that you will find system restore.... click it & then choose restore to an earlier time... pick a date on the calender ... maybe a week to 10 days ago & follow thru..
    come back & let us know how it went...


    if its far enough back to where there was no damaged file you will have fixed it.
     
  3. eekamaus

    eekamaus Thread Starter

    Joined:
    Dec 23, 2001
    Messages:
    15
    system restore only goes back to the middle of nov. i had a virus problem from oct to nov. i don't know if it is really gone.
    nav scans don't turn anything up. it would be great if i could go to sept. as for not losing data, that's not true i do lose things when i do a restore. is there anything else i could do? thanks
     
  4. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    36,151
    Hiya

    For the first error, are you getting any errors that pop up as in a window? Have you added any new hardware recently?

    Sometimes this error can occur with MMSYSTEM.DLL when it is missing from the [boot] section of the System.ini file. Can you confirm that it is there?

    Go to Find Files and type in system.ini

    Check that in the [boot] section it says:

    drivers=mmsystem.dll

    If it does, just close it. If not, add it.

    Ah, hang on, you said you had a virus. Lets see if thats all gone. Go here and download Startup Log

    http://home.earthlink.net/~rmbox/Reticulated/Toys.html

    Install and run it, allow for the DOS window to close, then copy/paste here.

    We'll go through that first before you change anything in system.ini.

    Regards

    eddie
     
  5. eekamaus

    eekamaus Thread Starter

    Joined:
    Dec 23, 2001
    Messages:
    15
    how do i paste the info?
     
  6. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    36,151
    Okay

    I assume that you've run it and that a log has been produced. Just go to the log, open it up and it will be in, say, wordpad.

    Then, go to Edit | Select All. Then, Copy.

    Then, when you're here, just rightclick inside the reply space (here) and choose Paste.

    Is that ok?

    eddie
     
  7. eekamaus

    eekamaus Thread Starter

    Joined:
    Dec 23, 2001
    Messages:
    15
    sorry i have not responded in awhile i have not used my computer for a while.


    ---------- C:\WINDOWS\desktop\StartUp.Log

    Start-Ups checked at 01-02-2002 9:17:44.89p
    __________________________________________________________________________
    __________________________________________________________________________

    StartUp Log for Windows 95/98 - Freeware by rmbox
    __________________________________________________________________________
    __________________________________________________________________________

    Comments:

    This is a log of all the programs on your computer that
    are starting automatically every time you start Windows.
    Using this log can be a quick way to spot trojans.

    StartUp Log (version 1.54) - Release Date 12/12/2001

    __________________________________________________________________________
    __________________________________________________________________________

    StartUp Log Index

    1. HKLM Run
    2. HKCU Run
    3. HKLM RunOnce
    4. HKCU RunOnce
    5. HKLM RunServices
    6. HKLM RunServicesOnce
    7. WIN.INI file
    8. SYSTEM.INI file
    9. AUTOEXEC.BAT file
    10. StartUp folder
    11. All Users StartUp
    12. Misc. StartUp Configurations

    __________________________________________________________________________
    __________________________________________________________________________

    The following is a list of your current Start-Ups
    __________________________________________________________________________
    __________________________________________________________________________

    1. HKLM Run - Registry

    [RegPath]
    "StartUp"


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Creative Launcher"="C:\\Program Files\\Creative\\SBLive\\Launcher\\CTLauncher.exe"
    "AudioHQ"="C:\\Program Files\\Creative\\SBLive\\AudioHQ\\AHQTB.EXE"
    "PCTVOICE"="pctvoice.exe"
    "Adaptec DirectCD"="C:\\PROGRA~1\\ADAPTEC\\DIRECTCD\\DIRECTCD.EXE"
    "wcmdmgr"="C:\\WINDOWS\\wt\\updater\\wcmdmgrl.exe -launch"
    "SystemTray"="SysTray.Exe"
    "CountrySelection"="pctptt.exe"
    "ScanRegistry"="C:\\WINDOWS\\scanregw.exe /autorun"
    "TaskMonitor"="C:\\WINDOWS\\taskmon.exe"
    "PCHealth"="C:\\WINDOWS\\PCHealth\\Support\\PCHSchd.exe -s"
    "Norton Auto-Protect"="C:\\PROGRA~1\\NORTON~1\\NAVAPW32.EXE /LOADQUIET"
    "NAV DefAlert"="C:\\PROGRA~1\\NORTON~1\\DEFALERT.EXE"
    "Norton eMail Protect"="C:\\Program Files\\Norton AntiVirus\\POPROXY.EXE"
    "AVGCtrl"="C:\\PROGRA~1\\AVPERS~1\\AVGCTRL.EXE /min"
    "MSConfigReminder"="C:\\WINDOWS\\SYSTEM\\msconfig.exe /reminder"
    "LoadPowerProfile"="Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"
    "devldr16.exe"="C:\\WINDOWS\\SYSTEM\\devldr16.exe"
    "CreateCD"="C:\\PROGRA~1\\ADAPTEC\\EASYCD~1\\CREATECD\\CREATECD.EXE -r"


    ==========================================================================
    __________________________________________________________________________

    2. HKCU Run - Registry

    [RegPath]
    "StartUp"


    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"="C:\\PROGRA~1\\MESSEN~1\\msmsgs.exe /background"


    ==========================================================================
    __________________________________________________________________________

    3. HKLM RunOnce - Registry

    [RegPath]
    "StartUp"


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]


    ==========================================================================
    __________________________________________________________________________

    4. HKCU RunOnce - Registry

    [RegPath]
    "StartUp"


    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]


    ==========================================================================
    __________________________________________________________________________

    5. HKLM RunServices - Registry

    [RegPath]
    "StartUp"


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
    "SchedulingAgent"="mstask.exe"
    "ScriptBlocking"="\"C:\\Program Files\\Common Files\\Symantec Shared\\Script Blocking\\SBServ.exe\" -reg"
    "Machine Debug Manager"="C:\\WINDOWS\\SYSTEM\\MDM.EXE"
    "*StateMgr"="C:\\WINDOWS\\System\\Restore\\StateMgr.exe"
    "SSDPSRV"="C:\\WINDOWS\\SYSTEM\\ssdpsrv.exe"
    "LoadPowerProfile"="Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"


    ==========================================================================
    __________________________________________________________________________

    6. HKLM RunServicesOnce - Registry

    [RegPath]
    "StartUp"


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]


    ==========================================================================
    __________________________________________________________________________

    7. WIN.INI File - (c:\windows\win.ini)

    Your win.ini run/load lines should look like run= and load= exclusively.
    There should be nothing to the right of the equal signs.


    These are the run and load lines in your WIN.INI file

    run=

    load=

    ==========================================================================
    __________________________________________________________________________

    8. SYSTEM.INI File - (c:\windows\system.ini)

    Your system.ini shell line should look like shell=Explorer.exe exclusively.
    You should only see Explorer.exe following the equal sign.


    This is the shell line in your SYSTEM.INI file

    shell=Explorer.exe

    ==========================================================================
    __________________________________________________________________________

    9. AUTOEXEC.BAT File - (c:\autoexec.bat)

    (Some trojans have been known to start from this file)


    These are your program startups and set paths in your autoexec.bat file

    SET windir=C:\WINDOWS
    SET winbootdir=C:\WINDOWS
    SET COMSPEC=C:\WINDOWS\COMMAND.COM
    SET PATH=C:\WINDOWS;C:\WINDOWS\COMMAND
    SET PROMPT=$p$g
    SET TEMP=C:\WINDOWS\TEMP
    SET TMP=C:\WINDOWS\TEMP

    ==========================================================================
    __________________________________________________________________________

    10. StartUp Folder - (c:\windows\start menu\programs\startup)

    Shortcuts to any program will automatically start when placed here.


    These are the shortcuts located in your StartUp folder

    C:\WINDOWS\Start Menu\Programs\StartUp\MSN Internet Access.lnk

    ==========================================================================
    __________________________________________________________________________

    11. All Users Folder - (c:\windows\all users\start menu\programs\startup)

    Shortcuts to any program will automatically start when placed here.


    These are the shortcuts located in your All Users StartUp folder


    *(No start-ups found)*

    ==========================================================================
    __________________________________________________________________________

    12. Miscellaneous StartUp Configurations

    -============================-
    Registry StartUp Directories
    -============================-

    Should show the Start Menu StartUp and All Users StartUp directories

    .....................................................................

    [1] HKCU - Shell Folders

    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders

    "Startup"="C:\\WINDOWS\\Start Menu\\Programs\\StartUp"

    .....................................................................

    [2] HKCU - User Shell Folders

    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders


    .....................................................................

    [3] HKLM - Shell Folders

    HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\Shell Folders

    "Common Startup"="C:\\WINDOWS\\All Users\\Start Menu\\Programs\\StartUp"

    .....................................................................

    [4] HKLM - User Shell Folders

    HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\User Shell Folders


    .....................................................................

    -=======================-
    Registry Shell Spawning
    -=======================-

    Open Commands for Executable File Types

    @="\"%1\" %*"
    (.exe file - RegPath = HKCR\exefile\shell\open\command)

    @="\"%1\" %*"
    (.com file - RegPath = HKCR\comfile\shell\open\command)

    @="\"%1\" /S"
    (.scr file - RegPath = HKCR\scrfile\shell\open\command)

    @="\"%1\" %*"
    (.bat file - RegPath = HKCR\batfile\shell\open\command)

    @="\"%1\" %*"
    (.pif file - RegPath = HKCR\piffile\shell\open\command)

    @="C:\\WINDOWS\\SYSTEM\\MSHTA.EXE \"%1\" %*"
    (.hta file - RegPath = HKCR\htafile\shell\open\command)

    -=========================-
    HKLM RunOnceEx - Registry
    -=========================-


    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx]


    -=========================-
    HKU (.Default) Run - Registry
    -=========================-


    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"="C:\\PROGRA~1\\MESSEN~1\\msmsgs.exe /background"


    -==============================-
    HKU (.Default) RunOnce - Registry
    -==============================-


    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\RunOnce]


    -================================-
    StubPaths - Registry (Partial Listing)
    -================================-

    (Please see the StubPath.txt on your desktop for complete listing)

    HKLM\Software\Microsoft\Active Setup\Installed Components


    "StubPath"="C:\\WINDOWS\\msnmgsr1.exe"
    "StubPath"="C:\\WINDOWS\\COMMAND\\sulfnbk.exe /L"
    "StubPath"=""
    "StubPath"="\"C:\\PROGRA~1\\OUTLOO~1\\setup50.exe\" /APP:OE /CALLER:IE50 /user /install"
    "StubPath"="\"C:\\PROGRA~1\\OUTLOO~1\\setup50.exe\" /APP:WAB /CALLER:IE50 /user /install"
    "StubPath"="C:\\WINDOWS\\SYSTEM\\updcrl.exe -e -u C:\\WINDOWS\\SYSTEM\\verisignpub1.crl"
    "StubPath"="C:\\WINDOWS\\SYSTEM\\ie4uinit.exe"

    -=================-
    WINSTART.BAT File - (c:\windows\winstart.bat)
    -=================-

    @C:\WINDOWS\tmpcpyis.bat

    -=================-
    DOSSTART.BAT File - (c:\windows\dosstart.bat)
    -=================-

    @echo off

    REM Notes:
    REM DOSSTART.BAT is run whenenver you choose "Restart the computer
    REM in MS-DOS mode" from the Shutdown menu in Windows. It allows
    REM you to load programs that you might not want loaded in Windows,
    REM (because they have functional equivalents) but that you do
    REM want loaded under MS-DOS. The two primary candidates for
    REM this are MSCDEX and a real mode driver for the mouse you ship
    REM with your system. Commands that you want present in both Windows
    REM and MS-DOS should be placed in the Autoexec.bat in the
    REM \Image directory of your reference server. Please note that for
    REM MSCDEX you will need to load the corresponding real-mode CD
    REM driver in Config.sys. This driver won't be used by Windows 98
    REM but will be available prior to and after Windows 98 exits.
    REM
    REM This file is also helpful if you want to F8 boot into MS-DOS 7.0
    REM before Windows loads and access the CD-ROM. All you have to do
    REM is press F8 and then run DOSSTART to load MSCDEX and your real
    REM mode mouse driver (no need to remember the command line parameters
    REM for these two files.
    REM
    REM - You MUST explicitly specify the CD ROM Drive Letter for MSCDEX.
    REM - The string following the /D: statement must explicitly match
    REM the string in CONFIG.SYS following your CD-ROM device driver.

    REM MSCDEX.EXE /D:OEMCD001 /l:d
    REM MOUSE.EXE


    -=====================-
    Screen Saver Settings (Possible system.ini start-up)
    -=====================-

    SCRNSAVE.EXE=C:\WINDOWS\SYSTEM\BLANKS~1.SCR

    ==========================================================================
    __________________________________________________________________________

    - Supplemental Environment Information -

    COMSPEC=C:\WINDOWS\COMMAND.COM
    PATH=C:\WINDOWS;C:\WINDOWS\COMMAND
    TEMP=C:\WINDOWS\TEMP
    TMP=C:\WINDOWS\TEMP
    winbootdir=C:\WINDOWS
    windir=C:\WINDOWS

    File - c:\windows\deletefi.ini

    ==========================================================================
    __________________________________________________________________________

    - End -
     
  8. eekamaus

    eekamaus Thread Starter

    Joined:
    Dec 23, 2001
    Messages:
    15
    WOW THAT WORKS! THANK YOU!!
    YOU PROBABLY KNOW THIS, BUT THERE IS SOMETHING CALLED A STUB PATH THAT ALSO APPEARED IN THE SCAN. I COULD NOT FIT IT IN THE SAME REPLY AS THAT START LOG SO HERE IT IS.

    ---------- StubPath.txt

    =========================================================
    StartUp Log Full StubPath List - 01-02-2002 9:17:49.39p
    =========================================================

    Comments:

    The application referenced by a StubPath entry is only run once
    when Windows is started.
    At that time a corresponding entry is automatically placed in the
    HKCU\...Active Setup\Installed Components section of the registry.
    This added entry tells Windows to ignore that particular StubPath
    in all future start-ups.
    Removing the added HKCU entry will make the StubPath active again.
    A New User logging into Windows can also activate it.

    This StubPath list is separate from StartUp.Log due to the large
    number of registry StubPaths that are found on some computers.

    -=====================-
    Stub Paths - Registry
    -=====================-

    [1] HKLM\Software\Microsoft\Active Setup\Installed Components
    [2] These are "all" of the StubPath start-ups in your registry:

    [3]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection SetupcPerUser 64 C:\\WINDOWS\\INF\\setupc.inf"
    [4]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection AppletsPerUser 64 C:\\WINDOWS\\INF\\applets.inf"
    [5]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_CVT_Inis 64 C:\\WINDOWS\\INF\\applets1.inf"
    [6]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection FontsPerUser 64 C:\\WINDOWS\\INF\\fonts.inf"
    [7]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_HNW_Inis 64 C:\\WINDOWS\\INF\\ICS.inf"
    [8]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_ICW_Inis 0 C:\\WINDOWS\\INF\\icw97.inf"
    [9]"StubPath"="RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP"
    [10]"StubPath"="regsvr32.exe /s /n /i:U shell32.dll"
    [11]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_moviemaker 64 C:\\WINDOWS\\INF\\moviemk.inf"
    [12]"StubPath"="C:\\WINDOWS\\msnmgsr1.exe"
    [13]"StubPath"="RunDLL setupx.dll,InstallHinfSection PowerCfg.user 0 powercfg.inf"
    [14]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_Msinfo 64 C:\\WINDOWS\\INF\\msinfo.inf"
    [15]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_Msinfo2 64 C:\\WINDOWS\\INF\\msinfo.inf"
    [16]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection MotownMmsysPerUser 64 C:\\WINDOWS\\INF\\motown.inf"
    [17]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection MotownAvivideoPerUser 64 C:\\WINDOWS\\INF\\motown.inf"
    [18]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_Base 64 C:\\WINDOWS\\INF\\msmail.inf"
    [19]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection SamplerPerUser 64 C:\\WINDOWS\\INF\\sampler.inf"
    [20]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection ShellPerUser 64 C:\\WINDOWS\\INF\\shell.inf"
    [21]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection Shell2PerUser 64 C:\\WINDOWS\\INF\\shell2.inf"
    [22]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_winbase_Links 64 C:\\WINDOWS\\INF\\subase.inf"
    [23]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_winapps_Links 64 C:\\WINDOWS\\INF\\subase.inf"
    [24]"StubPath"="C:\\WINDOWS\\COMMAND\\sulfnbk.exe /L"
    [25]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection TapiPerUser 64 C:\\WINDOWS\\INF\\tapi.inf"
    [26]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_MSWordPad_Inis 64 C:\\WINDOWS\\INF\\wordpad.inf"
    [27]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUserOldLinks 64 C:\\WINDOWS\\INF\\appletpp.inf"
    [28]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection MmoptRegisterPerUser 64 C:\\WINDOWS\\INF\\mmopt.inf"
    [29]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_CDPlayer_Inis 64 C:\\WINDOWS\\INF\\mmopt.inf"
    [30]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection OlsPerUser 64 C:\\WINDOWS\\INF\\ols.inf"
    [31]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection OlsMsnPerUser 64 C:\\WINDOWS\\INF\\ols.inf"
    [32]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_PCHealth 64 C:\\WINDOWS\\INF\\pchealth.inf"
    [33]"StubPath"=""
    [34]"StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\\WINDOWS\\INF\\mplayer2.inf,PerUserStub"
    [35]"StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\\WINDOWS\\INF\\wmp.inf,PerUserStub"
    [36]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_Paint_Inis 64 C:\\WINDOWS\\INF\\applets.inf"
    [37]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_Calc_Inis 64 C:\\WINDOWS\\INF\\applets.inf"
    [38]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_dxxspace_Links 64 C:\\WINDOWS\\INF\\applets1.inf"
    [39]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_Enable_Inis 64 C:\\WINDOWS\\INF\\enable.inf"
    [40]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_Wingames_Inis 64 C:\\WINDOWS\\INF\\games.inf"
    [41]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_ZoneGame_Inis 64 C:\\WINDOWS\\INF\\games.inf"
    [42]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_PBGame_Inis 64 C:\\WINDOWS\\INF\\games.inf"
    [43]"StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\\WINDOWS\\INF\\msmsgs.inf,BLC.Install.PerUser"
    [44]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection MotownRecPerUser 64 C:\\WINDOWS\\INF\\motown.inf"
    [45]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_Vol 64 C:\\WINDOWS\\INF\\motown.inf"
    [46]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection MotownMPlayPerUser 64 C:\\WINDOWS\\INF\\motown.inf"
    [47]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_RNA_Inis 64 C:\\WINDOWS\\INF\\rna.inf"
    [48]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_Sysmon_Inis 64 C:\\WINDOWS\\INF\\appletpp.inf"
    [49]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_Sysmeter_Inis 64 C:\\WINDOWS\\INF\\appletpp.inf"
    [50]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_netwatch_Inis 64 C:\\WINDOWS\\INF\\appletpp.inf"
    [51]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_CharMap_Inis 64 C:\\WINDOWS\\INF\\appletpp.inf"
    [52]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_Onlinelnks_Inis 64 C:\\WINDOWS\\INF\\appletpp.inf"
    [53]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_Dialer_Inis 64 C:\\WINDOWS\\INF\\appletpp.inf"
    [54]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection PerUser_ClipBrd_Inis 64 C:\\WINDOWS\\INF\\clip.inf"
    [55]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection MmoptMusicaPerUser 64 C:\\WINDOWS\\INF\\mmopt.inf"
    [56]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection MmoptJunglePerUser 64 C:\\WINDOWS\\INF\\mmopt.inf"
    [57]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection MmoptRobotzPerUser 64 C:\\WINDOWS\\INF\\mmopt.inf"
    [58]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection MmoptUtopiaPerUser 64 C:\\WINDOWS\\INF\\mmopt.inf"
    [59]"StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\\WINDOWS\\INF\\msnetmtg.inf,NetMtg.Remove.PerUser.W95"
    [60]"StubPath"="\"C:\\PROGRA~1\\OUTLOO~1\\setup50.exe\" /APP:OE /CALLER:IE50 /user /install"
    [61]"StubPath"="\"C:\\PROGRA~1\\OUTLOO~1\\setup50.exe\" /APP:WAB /CALLER:IE50 /user /install"
    [62]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection OlsAolPerUser 64 C:\\WINDOWS\\INF\\ols.inf"
    [63]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection OlsAttPerUser 64 C:\\WINDOWS\\INF\\ols.inf"
    [64]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection OlsProdigyPerUser 64 C:\\WINDOWS\\INF\\ols.inf"
    [65]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection OlsEarthlinkPerUser 64 C:\\WINDOWS\\INF\\ols.inf"
    [66]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection Shell3PerUser 64 C:\\WINDOWS\\INF\\shell3.inf"
    [67]"StubPath"="rundll.exe C:\\WINDOWS\\SYSTEM\\setupx.dll,InstallHinfSection Themes_MoreWindows_PerUser 0 C:\\WINDOWS\\INF\\themes.inf"
    [68]"StubPath"="rundll.exe Setupx.dll,InstallHinfSection Install 64 C:\\WINDOWS\\INF\\RUNLAST.INF"
    [69]"StubPath"="rundll rnasetup.dll,installoptionalcomponent rna"
    [70]"StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\\WINDOWS\\INF\\wpie5x86.inf,PerUserStub"
    [71]"StubPath"="C:\\WINDOWS\\SYSTEM\\updcrl.exe -e -u C:\\WINDOWS\\SYSTEM\\verisignpub1.crl"
    [72]"StubPath"="C:\\WINDOWS\\SYSTEM\\ie4uinit.exe"

    ----------------------------------------------------------------

    (End)
    GOOD LUCK. !
     
  9. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    36,151
    Well, that was quite a read :p

    Now, lets see if its any of your startup programs. I've encluded a description as well.

    Creative Launcher: For Creative Soundblaster Live! series soundcards. Adds a quick-launch bar to the top of the display and a System Tray icon. Available via Start -> Programs - not required

    AudioHQ: For Creative Soundblaster Live! series soundcards. System tray application for SB Live! functions. Available via Start -> Programs - not required

    PCTVOICE: The program PCTVoice is used by the modem to interface with your computer and also used for some V.80 functions for Video Conferencing. if you remove it, it comes back. It’s better to leave it

    Adaptec DirectCD: Unless you have a CD-RW in the drive to drag and drop files to it you don't need DirectCD. Available via Start -> Programs - not required

    wcmdmgr: It will periodically contact WildTangent servers to see if an update is available for your system and allows us to make the product exceptionally reliable. You can control its behavior, or disable it completely, inside your Windows Control Panel. Not required

    SystemTray: keep

    CountrySelection: Country selection for a PCtel HSP56 based modem. Often found in OEM (Dell,Compaq, HP, etc) systems for their modems included on the motherboard or as a seperate card. Once you've set the modem up to the chosen country it's not required

    ScanRegistry: keep

    TaskMonitor: The Task Monitor the disk-access patterns of programs when they are started and stores this information in log files in the Applog folder. Task Monitor also records the number of times you use a program. The Disk Defragmenter tool uses this information to optimize your hard disk so that programs that you use frequently are loaded faster. Not required - but can be useful

    PCHealth: WinME. This is a "scheduler" and does not turn off PC Health

    Norton Auto-Protect: Norton Anti-Virus's background scanning process. Can be inconvenient because it scans files when Run/Opened or Downloaded/Created and you can scan files manually via right-click after downloading/copying. However, in light of some of the viruses around these days it's probably best to put up with the inconvenience

    NAV DefAlert: Norton Anti-Virus Definitions Alert. Warns you if virus definitions are out of date. You should update definitions on at least a weekly basis anyway if you use the internet regularly

    Norton eMail Protect: Proxy E-mail protection from Norton Anti-Virus. If you have it installed, leave it enabled to automatically check for suspect attachments in E-mails that may contain viruses. E-mails are scanned on a proxy server before being downloaded to your system

    AVGCtrl: Did you have AVG? Have you uninstalled it if you had?

    MSConfigReminder: This is an entry that appears when you uncheck an item in the Startup group, and will disappear if on the next reboot you select the option to not be reminded that you are running in Selective Startup mode

    LoadPowerProfile: Power management specifics such as monitor shut-off, system standby, etc. keep

    devldr16.exe: Associated with Creative Labs sound cards. Provides audio support for DOS applications. Not needed if you don't have those.

    CreateCD: Adaptec Easy CD Creator system tray application (pre version 5). Available via Start -> Programs - not required

    Okay, for the ones you don't want, go to Run and type MSCONFIG. Startup tab. Uncheck the ones you don't want, apply and restart. If you're unsure, do each seperately. but apply and restart after each one.

    You also have this:

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr
    entVersion\Run]
    "MSMSGS"="C:\\PROGRA~1\\MESSEN~1\\msmsgs.exe /background"


    but its not in your startup. Did you ever have MSN Messenger? This is the registry entry for it that needs to be removed. But that may not be causing this.

    Can you post the contents of your system.ini and I'll confirm that the drivers bit is in there.

    No virus from what I can see, btw.

    Regards

    eddie
     
  10. eekamaus

    eekamaus Thread Starter

    Joined:
    Dec 23, 2001
    Messages:
    15
    system.ini will not copy because there is no EDIT tab to select all.

    AVG CONTROL - DO NOT KNOW WHAT THIS IS. EXCEPT THAT IT HAS TO DO WITH MOUSE CONTROLS. I HAD A FREE CUSTOM CURSOR AT ONE TIME FROM COMET CURSOR(?) BUT I GOT RID OF IT BECAUSE IT PUT ITS OWN ADRESS BAR WHICH I DID NOT WANT.

    MSN MESSENER: IT CAME WITH THE COMPUTER, BUT I NEVER USE IT. IT RUNS IN THE BACKGROUND WHEN I'M LOGGED ON ACCORDING TO A MESSAGE I GOT WHEN I CLICKED ON ITS ICON ON THE TASKBAR.

    I CAME ACROSS THE FOLLOWING IN SYSTEM INFORMATION:
    {00000075-9980-0010-8000-00AA00389B71} Damaged 0,0,0,1 http://codecs.microsoft.com/codecs/i386/voxacm.CAB
    IN THE INTERNET CACHE LIST OF ITEM. WHAT IS THIS?

    ALSO I DID A FREE TROJAN SCAN FROM ANTI-TROJAN.NET AND IT SAID I HAD AN OPEN PORT 5000 WITH YAHOO MESSENGER CHAT BEING THE APPLICATION. HOW DO I CLOSE IT.
    GLAD TO HEAR NO VIRUSES!!!!
     
  11. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    36,151
    Hiya

    You said that you had Comet Cursor. Did you remove it via AddRemove? It may have left some traces, so go here and download AddAware www.lavasoftusa.org
    Install and run it, ensuring Deep Registry Scan is enabled. Remove all except any references to Web3000 or new.net. If you're unsure, copy/paste the list.

    Whilst you're there, download and install RefUpdate. Run it to update the Reference file.

    For the system.ini, hust rightclick inside the notepad and choose Select All, then do it again and choose Copy. Paste here.

    You say that the codecs file that is corrupt is in the Internet Cache. Have you emptied it lately?

    Tools | Internet Options. General tab. Under Delete Files, delete offline content.

    Is it still there? It may be due to your WMP codecs.

    Go here and download the codecs:

    http://www.microsoft.com/downloads/search.asp?

    As I'm at work, we can't do all the stuff at home, so put Windows Me in OS, Windows Media Player in Products and do by date. Its around Sept.

    Regards

    eddie
     
  12. eekamaus

    eekamaus Thread Starter

    Joined:
    Dec 23, 2001
    Messages:
    15
    Scan initialized on 1/21/2002 10:22:06 PM.
    (AAW release 5.62, referencefile 087-22.09.2001)
    =================================================


    Started memory scan
    ====================
    Running processes:

    #:1 Name: C:\WINDOWS\SYSTEM\KERNEL32.DLL
    ----------------------------
    Threads:4
    ProcID:4279207333
    ParentProcID:2123310197
    BasePriority:High

    #:2 Name: C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    ----------------------------
    Threads:1
    ProcID:4294951749
    ParentProcID:4279207333
    BasePriority:Normal

    #:3 Name: C:\WINDOWS\SYSTEM\mmtask.tsk
    ----------------------------
    Threads:1
    ProcID:4294861445
    ParentProcID:4294951749
    BasePriority:Normal

    #:4 Name: C:\WINDOWS\SYSTEM\MPREXE.EXE
    ----------------------------
    Threads:1
    ProcID:4294863041
    ParentProcID:4294951749
    BasePriority:Normal

    #:5 Name: C:\WINDOWS\SYSTEM\MSTASK.EXE
    ----------------------------
    Threads:3
    ProcID:4294858325
    ParentProcID:4294863041
    BasePriority:Normal

    #:6 Name: C:\WINDOWS\SYSTEM\MDM.EXE
    ----------------------------
    Threads:2
    ProcID:4294883049
    ParentProcID:4294863041
    BasePriority:Normal

    #:7 Name: C:\WINDOWS\SYSTEM\SSDPSRV.EXE
    ----------------------------
    Threads:4
    ProcID:4294874381
    ParentProcID:4294863041
    BasePriority:Normal

    #:8 Name: C:\WINDOWS\SYSTEM\DEVLDR16.EXE
    ----------------------------
    Threads:3
    ProcID:4294775949
    ParentProcID:4294859045
    BasePriority:Normal

    #:9 Name: C:\WINDOWS\EXPLORER.EXE
    ----------------------------
    Threads:12
    ProcID:4294800289
    ParentProcID:4294951749
    BasePriority:Normal

    #:10 Name: C:\PROGRAM FILES\CREATIVE\SBLIVE\LAUNCHER\CTLAUNCHER.EXE
    ----------------------------
    Threads:1
    ProcID:4294781817
    ParentProcID:4294800289
    BasePriority:Normal

    #:11 Name: C:\PROGRAM FILES\CREATIVE\SBLIVE\AUDIOHQ\AHQTB.EXE
    ----------------------------
    Threads:1
    ProcID:4294711373
    ParentProcID:4294800289
    BasePriority:Normal

    #:12 Name: C:\WINDOWS\PCTVOICE.EXE
    ----------------------------
    Threads:2
    ProcID:4294710077
    ParentProcID:4294800289
    BasePriority:Normal

    #:13 Name: C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
    ----------------------------
    Threads:1
    ProcID:4294724421
    ParentProcID:4294800289
    BasePriority:Normal

    #:14 Name: C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    ----------------------------
    Threads:2
    ProcID:4294751661
    ParentProcID:4294800289
    BasePriority:Normal

    #:15 Name: C:\WINDOWS\WT\UPDATER\WCMDMGR.EXE
    ----------------------------
    Threads:3
    ProcID:4294756445
    ParentProcID:4294707837
    BasePriority:Idle

    #:16 Name: C:\WINDOWS\TASKMON.EXE
    ----------------------------
    Threads:1
    ProcID:4294643069
    ParentProcID:4294800289
    BasePriority:Normal

    #:17 Name: C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
    ----------------------------
    Threads:6
    ProcID:4294682709
    ParentProcID:4294800289
    BasePriority:Normal

    #:18 Name: C:\WINDOWS\SYSTEM\WMIEXE.EXE
    ----------------------------
    Threads:3
    ProcID:4294685049
    ParentProcID:4294751661
    BasePriority:Normal

    #:19 Name: C:\PROGRAM FILES\NORTON ANTIVIRUS\POPROXY.EXE
    ----------------------------
    Threads:1
    ProcID:4294682297
    ParentProcID:4294800289
    BasePriority:Normal

    #:20 Name: C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    ----------------------------
    Threads:4
    ProcID:4294697653
    ParentProcID:4294870349
    BasePriority:Normal

    #:21 Name: C:\PROGRAM FILES\AVPERSONAL\AVGCTRL.EXE
    ----------------------------
    Threads:2
    ProcID:4294617929
    ParentProcID:4294800289
    BasePriority:Normal

    #:22 Name: C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 4\CREATECD\CREATECD.EXE
    ----------------------------
    Threads:4
    ProcID:4294634585
    ParentProcID:4294800289
    BasePriority:Normal

    #:23 Name: C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE
    ----------------------------
    Threads:1
    ProcID:4294613825
    ParentProcID:4294800289
    BasePriority:Normal

    #:24 Name: C:\PROGRAM FILES\MSNIA\TRAYCLNT.EXE
    ----------------------------
    Threads:6
    ProcID:4294509961
    ParentProcID:4294800289
    BasePriority:Normal

    #:25 Name: C:\WINDOWS\SYSTEM\PSTORES.EXE
    ----------------------------
    Threads:3
    ProcID:4294529817
    ParentProcID:4294613825
    BasePriority:Normal

    #:26 Name: C:\PROGRAM FILES\CREATIVE\SBLIVE\LAUNCHER\TASKGUIDE\UPDTRAY.EXE
    ----------------------------
    Threads:1
    ProcID:4294534821
    ParentProcID:4294781817
    BasePriority:Normal

    #:27 Name: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    ----------------------------
    Threads:10
    ProcID:4294524237
    ParentProcID:4294800289
    BasePriority:Normal

    #:28 Name: C:\WINDOWS\SYSTEM\RNAAPP.EXE
    ----------------------------
    Threads:3
    ProcID:4294497485
    ParentProcID:4294524237
    BasePriority:Normal

    #:29 Name: C:\WINDOWS\SYSTEM\TAPISRV.EXE
    ----------------------------
    Threads:5
    ProcID:4294386101
    ParentProcID:4294497485
    BasePriority:Normal

    #:30 Name: C:\WINDOWS\SYSTEM\DDHELP.EXE
    ----------------------------
    Threads:6
    ProcID:4294372581
    ParentProcID:4294524237
    BasePriority:Realtime

    #:31 Name: C:\PROGRAM FILES\LAVASOFT AD-AWARE\AD-AWARE.EXE
    ----------------------------
    Threads:1
    ProcID:4294356529
    ParentProcID:4294800289
    BasePriority:Normal

    Memory scan result:
    Total modules found:31
    Suspicious modules found:0


    Started registry scan
    ======================
    Transponder key:HKEY_CLASSES_ROOT\clsid\{00000000-5eb9-11d5-9d45-009027c14662}\
    CometCursor key:HKEY_CLASSES_ROOT\clsid\{6f2d6a5e-e3e7-4f18-887c-c777650def57}\
    CometCursor key:HKEY_CLASSES_ROOT\clsid\{7f0f5da7-84cb-11d4-8137-00500487b1c5}\
    CometCursor key:HKEY_CLASSES_ROOT\clsid\{827a2ece-d76f-4bcc-82ed-d6a287c11211}\
    CometCursor key:HKEY_CLASSES_ROOT\clsid\{c38fc998-3b1b-4f59-a710-5a6c9cf8bd92}\
    Transponder key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-5eb9-11d5-9d45-009027c14662}\


    Started extended registry scan
    ===============================


    Registry scan result:
    Suspicious keys found :6


    Started folder scan
    ====================
    Warning, no disk in drive (A)

    Now processing drive (C), 0 remaining.
    Finished processing Drive(C), 1111 folders total.

    Folder scan result:
    Folders processed:1111
    Suspicious folders found:0


    Started file scan
    ==================

    File scan result:
    Suspicious files found:0



    Scanning finished
    ==================
    Suspicious modules found:0
    Suspicious keys found :6
    Suspicious folders found:0
    Suspicious files found:0
    =========================
    Spyware components ignored:0
    Total spyware components found:

    WOW THE SITE IS BACK !!! COOL!!!
    ANYWAY I DOWNLOADED ADAWARE TODAY AND POSTED THE RESULTS ABOVE.

    I COULD NOT COPY/PASTE SYSTEM.INI BUT
    DRIVERS=MMSYSTEM.DLL POWER DRV
    ITS NOT EXACTLY WHAT YOU TYPED IS IT OK?
    AVG IS AN ANTIVIRUS PROGRAM I INSTALLED DEC 25, 01
    I'VE UNINSTALLED WILD TANGENT ABOUT 2X.
    AND I DOWNLOADED A FREE PROGRAM FROM ZONELABS
    BOY THAT WAS A MISTAKE. TALK ABOUT TAKING OVER MY COMPUTER. THEY ARE VERY DIFFICULT TO GET RID OF!\

    MY CODEC IS STILL DAMAGED.
     
  13. eekamaus

    eekamaus Thread Starter

    Joined:
    Dec 23, 2001
    Messages:
    15
    I COULD NOT POST THE SUSPICIOUS LIST OF SIX ITEMS FOUND.
    I WILL MENTION THEM.

    THERE ARE 5 FROM COMET CURSOR AND
    1 FROM TRANSPONDER.

    WHAT SHOULD I DO? DELETE?
    ALSO I FOUND THIS :SNIFFPOL.DLL WHILE SEARCHING STARTUP
    IS THIS A SNOOPING PROGRAM INSTALLED ON MY COMPUERA?


    I DONT KNOW WHAT YOU MEAN BY PUTTING ME IN OS.
    WINDOWS MEDIA PLAYER PRODUCTS BY DATE.
     
  14. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    36,151
    Okay

    the files that AddAware found are fine in removing with the program. Did you uninstall cometcursor via AddRemove first? If so, just remove the files by ticking them when you click Proceed. If not, uninstall it then remove the files as above.

    You said that you have this in the system.ini

    DRIVERS=MMSYSTEM.DLL POWER DRV

    not sure if the power drv should be there. Was there a . in there? So it would be power.drv

    I thought that they had to be on their own, like this:

    [boot]
    system.drv=system.drv
    drivers=mmsystem.dll
    user.exe=user.exe
    gdi.exe=gdi.exe
    sound.drv=mmsound.drv
    dibeng.drv=dibeng.dll
    comm.drv=comm.drv
    shell=Explorer.exe
    keyboard.drv=keyboard.drv
    fonts.fon=vgasys.fon
    fixedfon.fon=vgafix.fon
    oemfonts.fon=vgaoem.fon
    386Grabber=vgafull.3gr
    display.drv=pnpdrvr.drv
    mouse.drv=mouse.drv
    *DisplayFallback=0

    [power.drv]

    maybe someone who is more in tune with these may offer some light.

    As to the codec, did you empty the TIF's?

    SNIFFPOL.DLL

    Interesting, never heard of it. Do you have a firewall?

    Also, what did you mean by

    Regards

    eddie
     
  15. eekamaus

    eekamaus Thread Starter

    Joined:
    Dec 23, 2001
    Messages:
    15
    IN SYSTEM.INI :
    [BOOT]
    oemfonts.fon=vgaoem.fon
    shell=Explorer.exe
    system.drv=system.drv
    drivers=mmsystem.dll power.drv
    user.exe=user.exe
    gdi.exe=gdi.exe
    sound.drv=mmsound.drv
    dibeng.drv=dibeng.dll
    comm.drv=comm.drv
    mouse.drv=mouse.drv
    keyboard.drv=keyboard.drv
    *DisplayFallback=0
    font.fon=vgasys.fon
    386Grabber=vgafull.3gr
    display.drv=pnpdrvr.drv
    display.drv=pnpdrvr.drv
    SCRNSAVE.EXE=C:\WINDOWS\SYSTEM\BLANKS~1.SCR
    *DisplayFallback=0
    *DisplayFallback=0
    [keyboard]
    boot.description]
    [386Enh]
    [NonWindowsApp]
    [power.drv]
    [drivers]
    [iccvid.drv]
    [mciseq.drv]
    [mci]
    [vcache]
    [MSNP32]
    [Password List]
    [drivers32]
    [TTFontDimenCache]


    SO YES THERE WAS A "." IN
    DRIVERS=MMSYSTEM.DLL POWER.DRV
    REFERRING TO THE CODECS:
    YES I DID EMPTY MY TEMP INTERNET FILES. I WILL SEARCH THE MICROSOFT SITE ON THIS.

    NO FIREWALL YET.
    AS TO THE QUOTE I WAS REFERRING TO THE END OF YOUR POST
    ON 1-4-02
    COMMET CURSOR~~~~~~~~


    I BELIEVE I DID REMOVE IT BY ADD/REMOVE . IT'S NOT LISTED ANYMORE. SO I JUST CHECKED THEM OFF IN AAW TO DELETE.



    I REALLY APPRECIATE YOUR HELP. THANK YOU.

    EEKAMAUS.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/62746

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice