1. Forum
  2. Usenet
  3. ALT.COMP.OS.WINDOWS-10

  • =?UTF-8?B?UmU6IHJ1bmRsbDMyLmV4ZSBDOlxXaW5kb3dzXHN5c3RlbTMyXGFkdnBhY2su?

    From JJ@21:1/5 to Jan K. on Mon Jan 22 01:25:46 2024
    XPost: alt.comp.freeware

    On Sat, 20 Jan 2024 23:15:24 +0100, Jan K. wrote:
    The KC Softwares freeware "Startup Sentinel" usually reports new things after I
    install poorly behaved software but this time it reported something different. https://www.kcsoftwares.com/?sus

    This is what Startup Sentinel reported after a Windows update.
    HKLM:RunOnce wextract_cleanup0 rundll32.exe C:\Windows\system32\advpack.dll,DelNodeRunDLL32 "C:\Windows\TEMP\IXP000.TMP\"

    The "advpack" sounds fishy so I looked it up a bit. https://www.google.com/search?q=wextract_cleanup0

    The first hit for "wextract_cleanup0" is this https://www.bleepingcomputer.com/startups/21644/advpack.dll/
    "Program used to cleanup after installing updates and software."

    The first hit for adpack.dll is this. https://answers.microsoft.com/en-us/windows/forum/all/advpackdll/57bd54e9-b9cf-426a-a390-f4c517e84518

    Would you let it run or kill it?

    ADVPACK.DLL is a legit Windows own DLL as long as its in the Windows system directory (oterwise it'd be suspicious). It's been around since Windows 95,
    and it was based on Windows 3.x's ADVINS16.DLL.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)