Sign in with
Sign up | Sign in
Your question

Need Help reading, Hijackthis results

Last response: in Windows XP
Share
Anonymous
a b α HP
August 1, 2005 8:41:02 PM

Archived from groups: microsoft.public.windowsxp.basics (More info?)

Would someone please tell me what the following scan results are and what one
of these is not suppose to be on my computer. I've done all sorts of scans
and I still am having trouble with my computer. I have an index.dat file in
my cookies folder that I've tried three removal tools to get rid of it and
it's still there. Computer is still running slow and I know that it's
infected I just can't find out where the infection is hiding at. So far it
has managed to hid from Microsoft Antispyware, Spyware Doctor,Spybot, search
and destroy, CleanCache 3 and two other programs that said they remove
index.dat files. Any help you can offer, I'll gladly accept. Thank you.

Logfile of HijackThis v1.99.1
Scan saved at 4:32:20 PM, on 8/1/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\MSN\MSNCoreFiles\msn.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
C:\WINDOWS\about.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
C:\WINDOWS\about.htm
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} -
C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} -
C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program
Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital
Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe"
/checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -
C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet
Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: Yahoo! Chat -
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj
Class) -
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating
System Class) -
http://download.mcafee.com/molbin/shared/mcinsctl/en-us...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield
International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) -
http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/...
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer
Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner -
C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file
missing)
O23 - Service: Flexlm (lmgrd) - Unknown owner - C:\Program
Files\Cadopia\IntelliCAD 4\LicenseManager\lmgrd.exe (file missing)
O23 - Service: McAfee.com McShield (McShield) - Unknown owner -
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee,
Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) -
McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\System32\nvsvc32.exe
Anonymous
a b α HP
August 1, 2005 11:39:27 PM

Archived from groups: microsoft.public.windowsxp.basics (More info?)

rislab wrote:
> Would someone please tell me what the following scan results are and
> what one of these is not suppose to be on my computer. I've done all
> sorts of scans and I still am having trouble with my computer. I
> have an index.dat file in my cookies folder that I've tried three
> removal tools to get rid of it and it's still there. Computer is
> still running slow and I know that it's infected I just can't find
> out where the infection is hiding at. So far it has managed to hid
> from Microsoft Antispyware, Spyware Doctor,Spybot, search and
> destroy, CleanCache 3 and two other programs that said they remove
> index.dat files. Any help you can offer, I'll gladly accept. Thank
> you.
><snipped logfile>

Log Analyzer: http://hjt.iamnotageek.com/

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html
Anonymous
a b α HP
August 2, 2005 3:53:17 AM

Archived from groups: microsoft.public.windowsxp.basics (More info?)

Have Hijackthis fix the following lines.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
C:\WINDOWS\about.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
C:\WINDOWS\about.htm
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)

Your log is not that bad, what kind of problems are you having?

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



"rislab@hotmail.com" <rislabhotmailcom@discussions.microsoft.com> wrote in
message news:9908D247-68C2-4C5C-8460-CD57EBC89637@microsoft.com...
> Would someone please tell me what the following scan results are and what
> one
> of these is not suppose to be on my computer. I've done all sorts of
> scans
> and I still am having trouble with my computer. I have an index.dat file
> in
> my cookies folder that I've tried three removal tools to get rid of it and
> it's still there. Computer is still running slow and I know that it's
> infected I just can't find out where the infection is hiding at. So far
> it
> has managed to hid from Microsoft Antispyware, Spyware Doctor,Spybot,
> search
> and destroy, CleanCache 3 and two other programs that said they remove
> index.dat files. Any help you can offer, I'll gladly accept. Thank you.
>
> Logfile of HijackThis v1.99.1
> Scan saved at 4:32:20 PM, on 8/1/2005
> Platform: Windows XP SP2 (WinNT 5.01.2600)
> MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
>
> Running processes:
> C:\WINDOWS\System32\smss.exe
> C:\WINDOWS\system32\csrss.exe
> C:\WINDOWS\system32\winlogon.exe
> C:\WINDOWS\system32\services.exe
> C:\WINDOWS\system32\lsass.exe
> C:\WINDOWS\system32\svchost.exe
> C:\WINDOWS\system32\svchost.exe
> C:\WINDOWS\System32\svchost.exe
> C:\WINDOWS\System32\svchost.exe
> C:\WINDOWS\System32\svchost.exe
> C:\WINDOWS\system32\spoolsv.exe
> C:\WINDOWS\system32\cisvc.exe
> c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
> C:\WINDOWS\System32\snmp.exe
> C:\WINDOWS\System32\svchost.exe
> C:\WINDOWS\System32\alg.exe
> C:\WINDOWS\Explorer.EXE
> C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
> C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
> C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
> C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
> C:\PROGRA~1\mcafee.com\agent\mcagent.exe
> c:\progra~1\mcafee.com\vso\mcvsescn.exe
> C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
> C:\Program Files\MSN Messenger\msnmsgr.exe
> c:\progra~1\mcafee.com\vso\mcvsftsn.exe
> C:\Program Files\Messenger\msmsgs.exe
> c:\PROGRA~1\mcafee.com\vso\mcshield.exe
> C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
> C:\WINDOWS\system32\cidaemon.exe
> C:\Program Files\MSN\MSNCoreFiles\msn.exe
> C:\Documents and Settings\Owner\Desktop\HijackThis.exe
>
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
> http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com/ext/search/search.html
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
> http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
> http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com/ext/search/search.html
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
> http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
> http://www.yahoo.com/
> R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
> http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
> R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
> http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
> C:\WINDOWS\about.htm
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
> C:\WINDOWS\about.htm
> F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
> O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
> C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
> O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
> C:\PROGRA~1\SPYBOT~1\SDHelper.dll
> O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} -
> C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
> O2 - BHO: PCTools Browser Monitor -
> {B56A7D7D-6927-48C8-A975-17DF180C71AC} -
> C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
> O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
> c:\progra~1\mcafee.com\vso\mcvsshl.dll
> O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no
> file)
> O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no
> file)
> O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program
> Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
> O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
> O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
> AntiSpyware\gcasServ.exe"
> O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital
> Imaging\\Unload\hpqcmon.exe
> O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe"
> /checktask
> O4 - HKLM\..\Run: [VirusScan Online]
> "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
> O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
> O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
> O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
> O9 - Extra button: Spyware Doctor -
> {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -
> C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
> O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
> C:\Program Files\Messenger\msmsgs.exe
> O9 - Extra 'Tools' menuitem: Windows Messenger -
> {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
> Files\Messenger\msmsgs.exe
> O12 - Plugin for .spop: C:\Program Files\Internet
> Explorer\Plugins\NPDocBox.dll
> O12 - Plugin for .UVR: C:\Program Files\Internet
> Explorer\Plugins\NPUPano.dll
> O16 - DPF: Yahoo! Chat -
> O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj
> Class) -
> O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating
> System Class) -
> http://download.mcafee.com/molbin/shared/mcinsctl/en-us...
> O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
> Class) -
> http://security.symantec.com/sscv6/SharedContent/common...
> O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield
> International Setup Player) -
> http://www.installengine.com/engine/isetup.cab
> O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) -
> http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
> O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
> http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/...
> O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer
> Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
> O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
> O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown
> owner -
> C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
> (file
> missing)
> O23 - Service: Flexlm (lmgrd) - Unknown owner - C:\Program
> Files\Cadopia\IntelliCAD 4\LicenseManager\lmgrd.exe (file missing)
> O23 - Service: McAfee.com McShield (McShield) - Unknown owner -
> c:\PROGRA~1\mcafee.com\vso\mcshield.exe
> O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) -
> McAfee,
> Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
> O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) -
> McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
> O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
> C:\WINDOWS\System32\nvsvc32.exe
>
>
Related resources
Anonymous
a b α HP
August 2, 2005 3:53:18 AM

Archived from groups: microsoft.public.windowsxp.basics (More info?)

My settings get changed, I do searches on the internet like I started looking
for washer/dryer combos and the next thing I know I have e-mails stating that
these people have the best deals on washer/dryer combos. My computer just is
acting funny. I've tried three different spyware programs to get rid of a
dat file in my cookie folder that just will not go. I've opened this file
with notepad and it says something along the lines of client cache. The
three programs that I did try and use, after running them the computer would
run fine, but only for a few minutes. Then the spyware program itself would
start to act funny and I'd end up having to remove it from the computer.
It's like whatever is hiding on my computer will attack the spyware program
and mess up it's functions. I've had that happen with every spyware program
I've ever downloaded. My Spyware Doctor program as well as my Microsoft
antispyware program just scan right over the index.dat file in the cookies
folder. I've rebooted in safemode ran the scans and it's the same. I try
logging on in safemode via the admin. account and it's just the same results.
The last time I tried running Cache Cleaner 3 in safemode via the admin,
account I couldn't even get the program to load, it would just pop up for a
second and just disappear. I did delete the ones you pointed out and thank
you for your help. Look forward to any further help you can offer. Let me
know if you need more info. Thank you.

"pcbutts1" wrote:

> Have Hijackthis fix the following lines.
>
> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
> C:\WINDOWS\about.htm
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
> C:\WINDOWS\about.htm
> O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
> O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
>
> Your log is not that bad, what kind of problems are you having?
>
> --
>
>
> The best live web video on the internet http://www.seedsv.com/webdemo.htm
> NEW Embedded system W/Linux. We now sell DVR cards.
> See it all at http://www.seedsv.com/products.htm
> Sharpvision simply the best http://www.seedsv.com
>
>
>
> "rislab@hotmail.com" <rislabhotmailcom@discussions.microsoft.com> wrote in
> message news:9908D247-68C2-4C5C-8460-CD57EBC89637@microsoft.com...
> > Would someone please tell me what the following scan results are and what
> > one
> > of these is not suppose to be on my computer. I've done all sorts of
> > scans
> > and I still am having trouble with my computer. I have an index.dat file
> > in
> > my cookies folder that I've tried three removal tools to get rid of it and
> > it's still there. Computer is still running slow and I know that it's
> > infected I just can't find out where the infection is hiding at. So far
> > it
> > has managed to hid from Microsoft Antispyware, Spyware Doctor,Spybot,
> > search
> > and destroy, CleanCache 3 and two other programs that said they remove
> > index.dat files. Any help you can offer, I'll gladly accept. Thank you.
> >
> > Logfile of HijackThis v1.99.1
> > Scan saved at 4:32:20 PM, on 8/1/2005
> > Platform: Windows XP SP2 (WinNT 5.01.2600)
> > MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
> >
> > Running processes:
> > C:\WINDOWS\System32\smss.exe
> > C:\WINDOWS\system32\csrss.exe
> > C:\WINDOWS\system32\winlogon.exe
> > C:\WINDOWS\system32\services.exe
> > C:\WINDOWS\system32\lsass.exe
> > C:\WINDOWS\system32\svchost.exe
> > C:\WINDOWS\system32\svchost.exe
> > C:\WINDOWS\System32\svchost.exe
> > C:\WINDOWS\System32\svchost.exe
> > C:\WINDOWS\System32\svchost.exe
> > C:\WINDOWS\system32\spoolsv.exe
> > C:\WINDOWS\system32\cisvc.exe
> > c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
> > C:\WINDOWS\System32\snmp.exe
> > C:\WINDOWS\System32\svchost.exe
> > C:\WINDOWS\System32\alg.exe
> > C:\WINDOWS\Explorer.EXE
> > C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
> > C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
> > C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
> > C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
> > C:\PROGRA~1\mcafee.com\agent\mcagent.exe
> > c:\progra~1\mcafee.com\vso\mcvsescn.exe
> > C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
> > C:\Program Files\MSN Messenger\msnmsgr.exe
> > c:\progra~1\mcafee.com\vso\mcvsftsn.exe
> > C:\Program Files\Messenger\msmsgs.exe
> > c:\PROGRA~1\mcafee.com\vso\mcshield.exe
> > C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
> > C:\WINDOWS\system32\cidaemon.exe
> > C:\Program Files\MSN\MSNCoreFiles\msn.exe
> > C:\Documents and Settings\Owner\Desktop\HijackThis.exe
> >
> > R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
> > http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com/ext/search/search.html
> > R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
> > http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
> > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
> > http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com/ext/search/search.html
> > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
> > http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
> > R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
> > http://www.yahoo.com/
> > R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
> > http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
> > R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
> > http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
> > R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
> > C:\WINDOWS\about.htm
> > R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
> > C:\WINDOWS\about.htm
> > F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
> > O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
> > C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
> > O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
> > C:\PROGRA~1\SPYBOT~1\SDHelper.dll
> > O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} -
> > C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
> > O2 - BHO: PCTools Browser Monitor -
> > {B56A7D7D-6927-48C8-A975-17DF180C71AC} -
> > C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
> > O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
> > c:\progra~1\mcafee.com\vso\mcvsshl.dll
> > O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no
> > file)
> > O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no
> > file)
> > O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program
> > Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
> > O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
> > O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
> > AntiSpyware\gcasServ.exe"
> > O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital
> > Imaging\\Unload\hpqcmon.exe
> > O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe"
> > /checktask
> > O4 - HKLM\..\Run: [VirusScan Online]
> > "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
> > O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
> > O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
> > O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
> > O9 - Extra button: Spyware Doctor -
> > {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -
> > C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
> > O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
> > C:\Program Files\Messenger\msmsgs.exe
> > O9 - Extra 'Tools' menuitem: Windows Messenger -
> > {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
> > Files\Messenger\msmsgs.exe
> > O12 - Plugin for .spop: C:\Program Files\Internet
> > Explorer\Plugins\NPDocBox.dll
> > O12 - Plugin for .UVR: C:\Program Files\Internet
> > Explorer\Plugins\NPUPano.dll
> > O16 - DPF: Yahoo! Chat -
> > O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj
> > Class) -
> > O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating
> > System Class) -
> > http://download.mcafee.com/molbin/shared/mcinsctl/en-us...
> > O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
> > Class) -
> > http://security.symantec.com/sscv6/SharedContent/common...
> > O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield
> > International Setup Player) -
> > http://www.installengine.com/engine/isetup.cab
> > O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) -
> > http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
> > O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
> > http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/...
> > O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer
> > Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
> > O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
> > O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown
> > owner -
> > C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
> > (file
> > missing)
> > O23 - Service: Flexlm (lmgrd) - Unknown owner - C:\Program
> > Files\Cadopia\IntelliCAD 4\LicenseManager\lmgrd.exe (file missing)
> > O23 - Service: McAfee.com McShield (McShield) - Unknown owner -
> > c:\PROGRA~1\mcafee.com\vso\mcshield.exe
> > O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) -
> > McAfee,
> > Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
> > O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) -
> > McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
> > O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
> > C:\WINDOWS\System32\nvsvc32.exe
> >
> >
>
>
>
Anonymous
a b α HP
August 2, 2005 7:09:06 AM

Archived from groups: microsoft.public.windowsxp.basics (More info?)

Download Ewdio Suite trial version and run it.
http://www.pcbutts1.com/downloads/ewidosetup.exe

Download Clean up and run it.This programs cleans up everything, all temp
files. Temporary files defined as:
~*.*
*.*~
*.bak
*.chk
*.tmp
index.dat
including prefetch files MRU's, browser history, everything

http://www.pcbutts1.com/downloads/CleanUp40.exe

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



"rislab@hotmail.com" <rislabhotmailcom@discussions.microsoft.com> wrote in
message news:40DB0A8A-F234-49E9-A431-93D7E169DF54@microsoft.com...
> My settings get changed, I do searches on the internet like I started
> looking
> for washer/dryer combos and the next thing I know I have e-mails stating
> that
> these people have the best deals on washer/dryer combos. My computer just
> is
> acting funny. I've tried three different spyware programs to get rid of a
> dat file in my cookie folder that just will not go. I've opened this file
> with notepad and it says something along the lines of client cache. The
> three programs that I did try and use, after running them the computer
> would
> run fine, but only for a few minutes. Then the spyware program itself
> would
> start to act funny and I'd end up having to remove it from the computer.
> It's like whatever is hiding on my computer will attack the spyware
> program
> and mess up it's functions. I've had that happen with every spyware
> program
> I've ever downloaded. My Spyware Doctor program as well as my Microsoft
> antispyware program just scan right over the index.dat file in the cookies
> folder. I've rebooted in safemode ran the scans and it's the same. I try
> logging on in safemode via the admin. account and it's just the same
> results.
> The last time I tried running Cache Cleaner 3 in safemode via the admin,
> account I couldn't even get the program to load, it would just pop up for
> a
> second and just disappear. I did delete the ones you pointed out and
> thank
> you for your help. Look forward to any further help you can offer. Let
> me
> know if you need more info. Thank you.
>
> "pcbutts1" wrote:
>
>> Have Hijackthis fix the following lines.
>>
>> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
>> C:\WINDOWS\about.htm
>> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
>> C:\WINDOWS\about.htm
>> O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no
>> file)
>> O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no
>> file)
>>
>> Your log is not that bad, what kind of problems are you having?
>>
>> --
>>
>>
>> The best live web video on the internet http://www.seedsv.com/webdemo.htm
>> NEW Embedded system W/Linux. We now sell DVR cards.
>> See it all at http://www.seedsv.com/products.htm
>> Sharpvision simply the best http://www.seedsv.com
>>
>>
>>
>> "rislab@hotmail.com" <rislabhotmailcom@discussions.microsoft.com> wrote
>> in
>> message news:9908D247-68C2-4C5C-8460-CD57EBC89637@microsoft.com...
>> > Would someone please tell me what the following scan results are and
>> > what
>> > one
>> > of these is not suppose to be on my computer. I've done all sorts of
>> > scans
>> > and I still am having trouble with my computer. I have an index.dat
>> > file
>> > in
>> > my cookies folder that I've tried three removal tools to get rid of it
>> > and
>> > it's still there. Computer is still running slow and I know that it's
>> > infected I just can't find out where the infection is hiding at. So
>> > far
>> > it
>> > has managed to hid from Microsoft Antispyware, Spyware Doctor,Spybot,
>> > search
>> > and destroy, CleanCache 3 and two other programs that said they remove
>> > index.dat files. Any help you can offer, I'll gladly accept. Thank
>> > you.
>> >
>> > Logfile of HijackThis v1.99.1
>> > Scan saved at 4:32:20 PM, on 8/1/2005
>> > Platform: Windows XP SP2 (WinNT 5.01.2600)
>> > MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
>> >
>> > Running processes:
>> > C:\WINDOWS\System32\smss.exe
>> > C:\WINDOWS\system32\csrss.exe
>> > C:\WINDOWS\system32\winlogon.exe
>> > C:\WINDOWS\system32\services.exe
>> > C:\WINDOWS\system32\lsass.exe
>> > C:\WINDOWS\system32\svchost.exe
>> > C:\WINDOWS\system32\svchost.exe
>> > C:\WINDOWS\System32\svchost.exe
>> > C:\WINDOWS\System32\svchost.exe
>> > C:\WINDOWS\System32\svchost.exe
>> > C:\WINDOWS\system32\spoolsv.exe
>> > C:\WINDOWS\system32\cisvc.exe
>> > c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
>> > C:\WINDOWS\System32\snmp.exe
>> > C:\WINDOWS\System32\svchost.exe
>> > C:\WINDOWS\System32\alg.exe
>> > C:\WINDOWS\Explorer.EXE
>> > C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
>> > C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
>> > C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
>> > C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
>> > C:\PROGRA~1\mcafee.com\agent\mcagent.exe
>> > c:\progra~1\mcafee.com\vso\mcvsescn.exe
>> > C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
>> > C:\Program Files\MSN Messenger\msnmsgr.exe
>> > c:\progra~1\mcafee.com\vso\mcvsftsn.exe
>> > C:\Program Files\Messenger\msmsgs.exe
>> > c:\PROGRA~1\mcafee.com\vso\mcshield.exe
>> > C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
>> > C:\WINDOWS\system32\cidaemon.exe
>> > C:\Program Files\MSN\MSNCoreFiles\msn.exe
>> > C:\Documents and Settings\Owner\Desktop\HijackThis.exe
>> >
>> > R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
>> > http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com/ext/search/search.html
>> > R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
>> > http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
>> > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
>> > http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com/ext/search/search.html
>> > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
>> > http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
>> > R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
>> > http://www.yahoo.com/
>> > R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
>> > http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
>> > R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
>> > http://red.clientapps.yahoo.com/customize/ie/defaults/s...*http://www.yahoo.com
>> > R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
>> > C:\WINDOWS\about.htm
>> > R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
>> > C:\WINDOWS\about.htm
>> > F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
>> > O2 - BHO: AcroIEHlprObj Class -
>> > {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
>> > C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
>> > O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
>> > C:\PROGRA~1\SPYBOT~1\SDHelper.dll
>> > O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} -
>> > C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
>> > O2 - BHO: PCTools Browser Monitor -
>> > {B56A7D7D-6927-48C8-A975-17DF180C71AC} -
>> > C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
>> > O3 - Toolbar: McAfee VirusScan -
>> > {BA52B914-B692-46c4-B683-905236F6F655} -
>> > c:\progra~1\mcafee.com\vso\mcvsshl.dll
>> > O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no
>> > file)
>> > O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no
>> > file)
>> > O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program
>> > Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
>> > O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon
>> > initialize
>> > O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
>> > AntiSpyware\gcasServ.exe"
>> > O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital
>> > Imaging\\Unload\hpqcmon.exe
>> > O4 - HKLM\..\Run: [VSOCheckTask]
>> > "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe"
>> > /checktask
>> > O4 - HKLM\..\Run: [VirusScan Online]
>> > "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
>> > O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
>> > O4 - HKLM\..\Run: [MCUpdateExe]
>> > C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
>> > O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
>> > O9 - Extra button: Spyware Doctor -
>> > {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -
>> > C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
>> > O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
>> > C:\Program Files\Messenger\msmsgs.exe
>> > O9 - Extra 'Tools' menuitem: Windows Messenger -
>> > {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
>> > Files\Messenger\msmsgs.exe
>> > O12 - Plugin for .spop: C:\Program Files\Internet
>> > Explorer\Plugins\NPDocBox.dll
>> > O12 - Plugin for .UVR: C:\Program Files\Internet
>> > Explorer\Plugins\NPUPano.dll
>> > O16 - DPF: Yahoo! Chat -
>> > O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj
>> > Class) -
>> > O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating
>> > System Class) -
>> > http://download.mcafee.com/molbin/shared/mcinsctl/en-us...
>> > O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI
>> > Utility
>> > Class) -
>> > http://security.symantec.com/sscv6/SharedContent/common...
>> > O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield
>> > International Setup Player) -
>> > http://www.installengine.com/engine/isetup.cab
>> > O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo
>> > Class) -
>> > http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
>> > O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr
>> > Class) -
>> > http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/...
>> > O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer
>> > Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
>> > O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
>> > O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown
>> > owner -
>> > C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
>> > (file
>> > missing)
>> > O23 - Service: Flexlm (lmgrd) - Unknown owner - C:\Program
>> > Files\Cadopia\IntelliCAD 4\LicenseManager\lmgrd.exe (file missing)
>> > O23 - Service: McAfee.com McShield (McShield) - Unknown owner -
>> > c:\PROGRA~1\mcafee.com\vso\mcshield.exe
>> > O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) -
>> > McAfee,
>> > Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
>> > O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) -
>> > McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
>> > O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA
>> > Corporation -
>> > C:\WINDOWS\System32\nvsvc32.exe
>> >
>> >
>>
>>
>>
!