Forum Home
Press F1
Thread ID: 71512	2006-08-08 02:18:00	Windows Crashes on Startup	drifterjoe (10935)	Press F1

Post ID	Timestamp	Content	User
476984	2006-08-08 02:18:00	Please help, I just finished killing spy sheriff with www.bleepingcomputer.com How To Remove Spysheriff / Winstall.exe / Spysheriff.exe and after I did this, my computor wont run in normal operating modes, I'm stuck in safe mode until i could fix this, the problem is, once I get past the windows loading screen it gets black, then blacker, like the screen turns off, and then it crashes, and then it automaticly restarts any ideas someone please help me.	drifterjoe (10935)
476985	2006-08-08 03:57:00	You probably still have a few nasties on the system. Read and follow the instructions in this post (www.pressf1.co.nz) then we will take things from there.	FoxyMX (5)
476986	2006-08-08 04:25:00	Apart from carrying out the instruction in the last post lets see if this will help. Do a Restore. click on the Start button select Programs select Accessories select System Tools select System Restore Start the System restore program. Click the button next to "Restore my computer to an earlier time" and click the "Next" button. A calendar will appear. Click on the date that you wish to restore Windows to. The box next to the calendar will show you the available restore points from that day. The ones marked "System Checkpoint" are the automatic ones that Windows XP created. Choose the one you want, then click "Next". Don't pick a point too far back in the past,maybe one just before you started having problems -- remember, any programs you installed since your restoration point may not work anymore,so you may have to reinstall them. Reboot your PC.	Pancake (6359)
476987	2006-08-08 05:41:00	heres the highjack this, i think i turned system restore off thats why im tryin to avoid it at all costs Logfile of HijackThis v1.99.1 Scan saved at 12:42:03 AM, on 8/8/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HijackThis 1.99.1\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = findloss.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = findloss.com R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = findloss.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 169.254.181.44 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: 209.66.123.174 sexyrabbit O1 - Hosts: 209.66.123.174 sexocean O1 - Hosts: 209.66.123.174 xnxx O1 - Hosts: 209.66.123.174 easypic O1 - Hosts: 64.200.25.145 tripod.com #cooklop O1 - Hosts: 64.200.25.145 tripod #cooklop O1 - Hosts: 64.200.25.145 adultfriendfinder #cooklop O1 - Hosts: 64.200.25.145 adultfriendfinder #cooklop O1 - Hosts: 64.200.25.145 cj. #cooklop O1 - Hosts: 64.200.25.145 cj #cooklop O1 - Hosts: 64.200.25.145 worldsex #cooklop O1 - Hosts: 64.200.25.145 worldsex #cooklop O1 - Hosts: 64.200.25.145 free6 #cooklop O1 - Hosts: 64.200.25.145 free6 #cooklop O1 - Hosts: 64.200.25.145 trafficmp #cooklop O1 - Hosts: 64.200.25.145 trafficmp #cooklop O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\Wkfud.exe O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\MMKeybd.exe O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printra y.exe O4 - HKLM\..\Run: [Optimum Online] C:\Program Files\Optimum Online\Netsurf.exe -tray O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Á³# K"h'þ9Óœ÷3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\ssfhvdlo.exe O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.Exe -boot O4 - HKLM\..\Run: [8c3a10e701d8] C:\WINDOWS\system32\AAAAMON5.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1134601016\ee\AOLSoftware.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe O4 - HKLM\..\Run: [updwebmin] c:\windows\system32\updwebmin.exe O4 - HKLM\..\Run: [STOPzilla] C:\Program Files\STOPzilla!\Stopzilla.exe /autostart O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\RunServices: [updwebmin] c:\windows\system32\updwebmin.exe O4 - HKCU\..\Run: [MoneyStartUp] C:\Program Files\Microsoft Money\System\Money Startup.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [updwebmin] c:\windows\system32\updwebmin.exe O4 - HKCU\..\Run: [ttool] C:\WINDOWS\svcs.exe O4 - HKCU\..\Run: [od-teen88] c:\program files\Webdialer\od-teen88.exe -m O4 - HKCU\..\Run: [od-teen54] c:\program files\Webdialer\od-teen54.exe -m O4 - HKCU\..\Run: [od-teen22] c:\program files\Webdialer\od-teen22.exe -m O4 - HKCU\..\Run: [li-domid00062] c:\program files\Webdialer\li-domid00062.exe -m O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Billminder.lnk = C:\Program Files\QUICKENW\BILLMIND.EXE O4 - Global Startup: Camio Viewer 2000.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ? O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\QUICKENW\QWDLLS.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - housecall60.trendmicro.com O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - us-housecall.trendmicro-europe.com O16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object) - autos.msn.com O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) - O20 - Winlogon Notify: wineij32 - C:\WINDOWS\SYSTEM32\wineij32.dll O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: Task Manager Message Service (TSKMS) - Unknown owner - C:\WINDOWS\taskms.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe [edit: I have had to edit part of your Hijackthis log as it had clickable links to pornographic websites. This is also a good reminder for people [b]NOT to click on any links in a posted HJT log as you stand a good chance of acquiring nasties on your computer as well from it - Jen]	drifterjoe (10935)
476988	2006-08-08 06:06:00	ya i just tryed like 10 system restores, and its telling me that they arent working any of them so i dont know	drifterjoe (10935)
476989	2006-08-08 06:28:00	Your system is full of spyware Boot into safe mode run HJT again tick these entries and tick fix checked. O4 - HKLM\..\Run: [Á³# K"h'þ9Óœ÷3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\ssfhvdlo.exe O1 - Hosts: 209.66.123.174 sexyrabbit O1 - Hosts: 209.66.123.174 sexocean O1 - Hosts: 209.66.123.174 xnxx O1 - Hosts: 209.66.123.174 easypic O1 - Hosts: 64.200.25.145 tripod #cooklop O1 - Hosts: 64.200.25.145 tripod #cooklop O1 - Hosts: 64.200.25.145 adultfriendfinder #cooklop O1 - Hosts: 64.200.25.145 adultfriendfinder #cooklop O1 - Hosts: 64.200.25.145 cj #cooklop O1 - Hosts: 64.200.25.145 cj. #cooklop O1 - Hosts: 64.200.25.145 worldsex #cooklop O1 - Hosts: 64.200.25.145 worldsex#cooklop O1 - Hosts: 64.200.25.145 free6 #cooklop O1 - Hosts: 64.200.25.145 free6 #cooklop O1 - Hosts: 64.200.25.145 trafficmp #cooklop O1 - Hosts: 64.200.25.145trafficmp #cooklop O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [Optimum Online] C:\Program Files\Optimum Online\Netsurf.exe -tray O4 - HKLM\..\Run: [Á³# K"h'þ9Óœ÷3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\ssfhvdlo.exe O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.Exe -boot O4 - HKLM\..\Run: [8c3a10e701d8] C:\WINDOWS\system32\AAAAMON5.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [updwebmin] c:\windows\system32\updwebmin.exe O4 - HKLM\..\Run: [STOPzilla] C:\Program Files\STOPzilla!\Stopzilla.exe /autostart O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\RunServices: [updwebmin] c:\windows\system32\updwebmin.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [updwebmin] c:\windows\system32\updwebmin.exe O4 - HKCU\..\Run: [ttool] C:\WINDOWS\svcs.exe O4 - HKCU\..\Run: [od-teen88] c:\program files\Webdialer\od-teen88.exe -m O4 - HKCU\..\Run: [od-teen54] c:\program files\Webdialer\od-teen54.exe -m O4 - HKCU\..\Run: [od-teen22] c:\program files\Webdialer\od-teen22.exe -m O4 - HKCU\..\Run: [li-domid00062] c:\program files\Webdialer\li-domid00062.exe -m And get Spybot (www.spybot.info) and the detection updates install them and do a scan. And install a firewall.	Speedy Gonzales (78)
476990	2006-08-08 06:44:00	this may sound dumb but im a noob to this, tick would mean? like check them and hit the fix button or something? and thanks for the help	drifterjoe (10935)
476991	2006-08-08 06:49:00	When u run HJT do a scan the little box by the entries I've posted u tick, then down the bottom where it says fix checked, click on it.	Speedy Gonzales (78)
476992	2006-08-08 06:52:00	this may sound dumb but im a noob to this, tick would mean? like check them and hit the fix button or something? Yes. Tick means the same as check. After you have done this post a new log here then I would suggest that you scan your PC with Ewido as I mentioned in my first post.	FoxyMX (5)
476993	2006-08-08 07:38:00	allright i used spybot, did a trend micro scan (i found it on ewido site idk if that was the scan or not) but i deleted 111 problems w/ spy bot along with the items on the highjack list, still it wont open up in normal mode, but here is the latest list... Logfile of HijackThis v1.99.1 Scan saved at 2:41:31 AM, on 8/8/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HijackThis 1.99.1\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = about:blank R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 169.254.181.44 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\Wkfud.exe O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\MMKeybd.exe O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printra y.exe O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1134601016\ee\AOLSoftware.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O4 - HKCU\..\Run: [MoneyStartUp] C:\Program Files\Microsoft Money\System\Money Startup.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Billminder.lnk = C:\Program Files\QUICKENW\BILLMIND.EXE O4 - Global Startup: Camio Viewer 2000.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ? O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\QUICKENW\QWDLLS.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - housecall60.trendmicro.com O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - us-housecall.trendmicro-europe.com O16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object) - autos.msn.com O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) - O20 - Winlogon Notify: wineij32 - C:\WINDOWS\SYSTEM32\wineij32.dll O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: Task Manager Message Service (TSKMS) - Unknown owner - C:\WINDOWS\taskms.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe	drifterjoe (10935)
1 2