Oh my Peter, I go to probably a hundred websites a day 12 hrs. a day, and I can't even remember where I went yesterday! I'd have to check my history for that, and it's not stored for more than 5 days. The file was created on 6-26. The same with email, about a hundred+ each day of which most are deleted.
Where it is listed under "Services", it's was not running, it was set to disabled. DCOM is not running, that's one of the first things I disable via the program at the GRC.com website. I mentioned that it was the ONLY file that was created on that day, which I found rather odd. I also checked for files modified on that day on the C: partition and also found none which I REALLY found quite odd, that should be impossible since AV software alone is going to have files modified every day. I just checked again, and evidently the native search was not working yesterday! Now it's turning up 37 files created on that day. Among them, (as I expected that should have been found yesterday), PCcillin files, GoBack, and Adobe Reader cache files, etc. But among them are some questionable entries, such as "Administrative tools" which shows as "Created on..." that day. There is a new entry there that I don't recall ever seeing; "Component Services". In the search results it says that folder is empty! But when I go to it from the Start Menu route, that's when I see "Component Services", which again I don't recall ever being there. "Event viewer" and "Services" is below the tree for it on separate trees. If "Component Services" is expanded, below it is a *folder* called "Computers" and an *icon* below that for "My Computer". In "My Computer" is a COM+ folder and DCOM folder. I guess these could have been there, but I just don't recall ever seeing it. Checking out the other files, I think I see what caused the appearance of caili.exe since I noticed several files and icons created on that day, and they are the icons for a Mitsumi FA404M media reader: http://www.mitsumi.com/products/FA404.htm . Apparently the file caili.exe is part of those drivers since they all show 8:46AM as a creation time for that day. So, evidently the mystery as to what caili.exe belongs is solved........however this brings up another issue. I clicked the "setup.exe" file for the drivers (also created 8:46AM), and I got a popup warning from SpyBot's TeaTimer resident shield stating: "SpyBot encountered and terminated a process that is listed as part of a malicious software". !!! Then below that it stated: "Identified as: FunWebProducts". So, it would seem my suspicions regarding the appearance and behavior of caili.exe, and it's unwillingness to disclose what it was for and what it was doing, may not be unfounded after all. I of course will have to contact Mitsumi on this and see what they have to say. -Clint God Bless Clint Hamilton, Owner http://OrpheusComputing.com ) ----- Original Message ----- From: "Peter Kaulback" <[EMAIL PROTECTED]> Where did you browse on that day, or the particular time the file was created on your system? What email did you get? Did any app's update or reload at this time? Have you tried stopping the service and then renaming the file? Sometimes baddies create bogus files and/or services. Is DCOM running on your system by chance? Peter Kaulback In the hour of 10:49 AM 7/2/2004, Support-OrpheusComputing.com spoke this: >Seems another suspicious file has found its way on my PC that >according to search engines, doesn't exist! > >Does anyone know what the heck this file "caili.exe" is or what >it's for? It was only created a few days ago. I have searched >ALL major engines and get no hits from any of them on it! I >only noticed it when I opened "Services", and there is >absolutely no info there about it, no "dependencies" either, >nor any info when I right click the file and check Properties! >It's in the System32 folder on XP Pro. I ran ALL online >scanners and they all say it's clean, and all of my anti- >malware programs also say it's clean. However I'm >VERY suspect of this and don't trust them. I searched my HD >for ALL files created on the day that file was created, and >found NONE, "caili.exe" was the only one. >Thanks, >-Clint ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/rules.htm Contact list owner <[EMAIL PROTECTED]> Unsubscribing and other changes: http://pcworkers.com =====================================================
