Re: Another complaint of system 32 when starting computer but differen
- From: "Wesley Vogel" <123WVogel955@xxxxxxxxxxx>
- Date: Thu, 10 Aug 2006 17:44:10 -0600
soundman.exe may or may not be a legit program.
soundman.exe is a installed with Sound cards made by Realtek. This process
merely places an icon on the system tray for easy access to diagnostic
features.
http://www.liutilities.com/products/wintaskspro/processlibrary/soundman/
W32/Agobot-JS is a worm that spreads to remote shares with weak passwords.
The worm copies itself as soundman.exe to the Windows system folder
To run on startup the worm installs itself as a service called soundman and
sets the following registry entries:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\soundman
= soundman.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\soundman
= soundman.exe
http://www.sophos.com/security/analyses/w32agobotjs.html
(Default ) REG SZ (value not set) is fine.
Value Name= CU1
Data Type= REG_SZ
Value Data=
is a startup orphan. It was left behind when something got uninstalled. It
will appear blank in msconfig.
Delete Value Name= CU1
That may be what's causing system32 to open at boot.
Also delete Value Name= CU2 Same applies to CU2 as CU1.
--
Hope this helps. Let us know.
Wes
MS-MVP Windows Shell/User
In news:ACEF71C7-D32C-4308-9C05-7564D2427251@xxxxxxxxxxxxx,
bazzab44 <bazzab44@xxxxxxxxxxxxxxxxxxxxxxxxx> hunted and pecked:
Actually there is two others in the other key. Have a look:
Name= CU1
Type= REG_SZ
Data=
The other is identical but nale is CU2.
BOTH HAVE NO DATA. I should delete these I am thinking. Woulde someone who
has more than two brain cells, which obvious I only have, please help!
Cheers
.
- Prev by Date: Re: Error loading D0CE0C16B1 & image.dll
- Next by Date: xp shuts down
- Previous by thread: HELP please..task manager lag issues
- Next by thread: Re: Another complaint of system 32 when starting computer but diff
- Index(es):
Relevant Pages
|
