Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Basic Questions And More


  • Please log in to reply
1 reply to this topic

#1 jaeluuc

jaeluuc

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:10:06 PM

Posted 16 June 2006 - 11:30 AM

Dear Grinler, (at least I think it will be you to respond since you seem most on top of this)

First I would like to thank you for all the work that you have done with all of the lessons and resources for us!!!! I could not have survived without you!!!

My latest plunge into learning started with getting WinPatrol per recommendations in the posts for their start-up control and other benefits.

Felt ‘in over my head’ and came back to here for the lessons. Still feel like I’m drowning! A lot of my ‘stuff’ does not match up nicely to the Startup Data Base like it does in the tutorial.

I have autoruns also, so I am working through that so that I can follow the instructions.

First I have some basic questions:
1.) If I do change things, will it be reflected in the WinPatrol lists also?

2.) If I change something that BC gave a score of N to, and then someday it turns out that I am about to use/need it, will whatever I’m working on call it back to life, or will I have to go back in and re-enable it?

3.) There is a very long list under the ‘everything’ tab, and all hve a check mark by it. Does this mean that all of those things start and (stay running) when I turn on the computer? (for example, something about hot keys)

4.) A lot of those on that list end in .dll, do I look up these also?

5.) If the publisher is Microsoft or other knowns, like Kaspersky or ewido, do I need to look them up?

6.) Some things are listed more than once, like Kaspersky, AND when I put in their ‘avp.exe’ I get back '?' or warnings!

Here are a few examples of my ‘not quite a match’ or my ‘scary’ things...

C:\WINNT\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
c:\winnt\system32\userinit.exe

The good one lists: Filename – AuserInit.exe
________________________________________________________________

explorer.exe
Windows Explorer
Microsoft Corporation
c:\winnt\explorer.exe

The good one lists: Filename – explore
___________________________________________________________________

HostManager
AOL
America Online, Inc.
c:\program files\common files\aol\1142561222\ee\aolsoftware.exe

When I tried ‘aolsoftware.exe’ – got the warning
When I tried ‘HostManager’ – got the unknown
____________________________________________________________________

When I put in svchost.exe, which a good many of mine are! The list was frightening!!!!!!
These are a few of mine:

AudioSrv
Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Microsoft Corporation
c:\winnt\system32\svchost.exe

ERSvc
Allows error reporting for services and applictions running in non-standard environments.
Microsoft Corporation
c:\winnt\system32\svchost.exe


TrkWks
Maintains links between NTFS files within a computer or across computers in a network domain.
Microsoft Corporation
c:\winnt\system32\svchost.exe
__________________________________________________________________________

Some could not be found on the data base:

UPHClean
User Profile Hive Cleanup Service
Microsoft Corporation
c:\program files\uphclean\uphclean.exe
___________________________________________________________________________

I have (and update and scan daily)
Kaspersky Internet Security (AV with firewall)
Ad-Aware SE
A-Squared
Ewido
Spyware Blaster
CWShredder
Windows Defender, etc.
WinPatrol

Thank you for your time!

Jennifer

ps. I have to go do the Mom thing now, so there is no rush :thumbsup:
New Beginner
Windows XP

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,542 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:06 PM

Posted 16 June 2006 - 12:40 PM

I will try to answer your questions to the best of my knowledge but I am unfamiliar with winpatrol.

1.) If I do change things, will it be reflected in the WinPatrol lists also?


Any autorun setting you change, will appear in any other program that reads these settings such as winpatrol.

2.) If I change something that BC gave a score of N to, and then someday it turns out that I am about to use/need it, will whatever I’m working on call it back to life, or will I have to go back in and re-enable it?


You will have to enable it manually usually by putting a check in it again.

3.) There is a very long list under the ‘everything’ tab, and all hve a check mark by it. Does this mean that all of those things start and (stay running) when I turn on the computer? (for example, something about hot keys)


4.) A lot of those on that list end in .dll, do I look up these also?


It cant hurt to look them up.

5.) If the publisher is Microsoft or other knowns, like Kaspersky or ewido, do I need to look them up?


Yes..there are known malware that can disguise themselves as other vendors.

6.) Some things are listed more than once, like Kaspersky, AND when I put in their ‘avp.exe’ I get back '?' or warnings!
Here are a few examples of my ‘not quite a match’ or my ‘scary’ things...

C:\WINNT\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
c:\winnt\system32\userinit.exe


legit

HostManager
AOL
America Online, Inc.
c:\program files\common files\aol\1142561222\ee\aolsoftware.exe

When I tried ‘aolsoftware.exe’ – got the warning
When I tried ‘HostManager’ – got the unknown


You need to use all the info available to base your decision. For example the aolsoftware.exe in the database shows that it is located in C:\Windows\SYstem32. Your is located in program files under a AOL folder. Its most likely then legit.

When I put in svchost.exe, which a good many of mine are! The list was frightening!!!!!!
These are a few of mine:


Any svchost.exe in C:\WIndows\system32\ is the real deal.

Some could not be found on the data base:


Yup..we dont have every entry out there.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users