BleepingComputer.com: How To Submit A Startup Entry

If you have information about a new Windows startup entry please create a new topic in this forum and follow this format when submitting them:

Filename:
Registry Value Name:
Command:
File Location:
Description:
Status:

The status should can have five different values:

? - Unsure as to whether it needs to run or not, but not malware.

N - Not necessary to run as it can be started as needed.

U - Its up to the user. Its not necessary to run for the computer to work, but may be important enough to have running for some users.

Y - Yes, this program is necessary to run in order for the computer or a program to operate correctly.

X - This is considered malware or undesirable to have on the machine as it can cause problems.


To find this information I will give an example using Hijackthis

This is an example of submitting info about a startup entry from a line in a HijackThis log. The particular entry corresponds to a program that is part of the AVG antivirus software.

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRAM FILES\Grisoft\AVGFREE\avgcc.exe /STARTUP


You would submit the following:

Filename: avgcc.exe
Registry Value Name: AVG7_CC [This is the name between the brackets ([])]
Command: C:\PROGRAM FILES\Grisoft\AVGFREE\avgcc.exe /STARTUP [Text after the value name]
File Location: c:\program files\grisoft\avg free\
Description: Whatever you know about it or can glean from autoruns.
Status: One of the status flags from above.

When submitting new entries, please make sure the entry does not already exist in the startup database in order to save us all time.

Another excellent tutorial, but my brain is missing a link or two here.
When you say: "When submitting new entries, please make sure the entry does not already exist in the startup database in order to save us all time." am I looking for an actual page that lists the entries that already exist for me to check against? or, are you referring to the posts under Forum Topics, where people have submitted their individual inquiries? The only other list I coul find was the Top Entries on the opening Tutorial Page?
It's quarter of three in the morning, so this may explain my confusion. I'll quit now

Hello pcnutz and welcome to BC.

Quote

At the top of the page click on Startup Programs, and in the page that comes up you will see a search box. Search the entry you want to submit, for instance, avgcc.exe. If you get a hit you can click on either the Name or Filename for more info. Sometimes you will find a link in the Description that will give even more details.

To answer your question even more....

There are many times that when you do a search you will see a filename come up in the database that matches your entry, but does not match exactly how you see it on your computer. Those should be submitted as well as they may be a piece of malware disguised as a valid program.

So even if there is a entry in the startup database that matches what you are looking for, you all the information provided in the database to make sure that it matches what you are seeing on your PC.

Brand new, as you can see...

How/where does one submit an entry for the uninstall database? I haven't been able to locate anything on the site that addresses this. Thanks.

Just add it to this forum as a new topic for now and I will add it in.

cjylylfo in start up is the BackDoor.Iterator and seems to be involved with Drivercleaner somehow. Moderators please move this where you think it belongs so I know where to put these things - thanks

This post has been edited by CuStOmCoMpUtErWoRkS: 03 March 2007 - 11:36 AM

Please create new topics when submitting startups. cjylylfo appears to be a random named file.