-
cmdService
Hello!
I've been looking around the net for a fix to remove the cmdService spy/mal ware. Its found by Spybot S&D, but can't be removed and returns everytime I restart my computer.
I've tried every single given solution I've found on the net, but I still can't remove it, so this is my last chance.
My Hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 18:06:13, on 2006-04-11
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
C:\Program\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe
C:\Program\F-Secure Anti-Virus\backweb\4476822\program\fsbwsys.exe
C:\Program\F-Secure Anti-Virus\Anti-Virus\FSGK32.EXE
C:\Program\F-Secure Anti-Virus\backweb\4476822\Program\fspex.exe
C:\Program\F-Secure Anti-Virus\Common\FSMA32.EXE
C:\Program\Norman\NPF\NPFSVICE.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program\F-Secure Anti-Virus\Common\FSMB32.EXE
C:\Program\F-Secure Anti-Virus\Anti-Virus\fssm32.exe
C:\Program\F-Secure Anti-Virus\Common\FCH32.EXE
C:\Program\F-Secure Anti-Virus\Common\FAMEH32.EXE
C:\Program\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe
C:\Program\F-Secure Anti-Virus\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program\F-Secure Anti-Virus\Common\FSM32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program\Messenger\msmsgs.exe
C:\WINDOWS\system32\?icrosoft\r?gsvr32.exe
C:\Program\Norman\NPF\NPFMSG.EXE
C:\Program\F-Secure Anti-Virus\FSGUI\fsguiexe.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Program\MSN Messenger\msnmsgr.exe
C:\Program\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Win32 Kernel Update] C:\WINDOWS\System32\win32update.exe
O4 - HKLM\..\Run: [AdobeReaderPro] lssas.exe
O4 - HKLM\..\Run: [keyboard] C:\windows\keyboard9.exe
O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad9.exe
O4 - HKLM\..\Run: [Microsoft Update] msconfg.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\F-Secure Anti-Virus\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\F-Secure Anti-Virus\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program\F-Secure Anti-Virus\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\RunServices: [AdobeReaderPro] lssas.exe
O4 - HKLM\..\RunServices: [Microsoft Update] msconfg.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Update] msconfg.exe
O4 - HKCU\..\Run: [Sepe] "C:\WINDOWS\System32\FNTS~1\msiexec.exe" -vt yax
O4 - HKCU\..\Run: [Iittjcls] C:\WINDOWS\system32\?icrosoft\r?gsvr32.exe
O4 - Global Startup: NPF Messenger.lnk = ?
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1144581822250
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.yazzle.net/Yazzl...cab?refid=1148
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: Run - C:\WINDOWS\system32\j26m0cj1efo.dll (file missing)
O20 - Winlogon Notify: WindowsUpdate - C:\WINDOWS\system32\gp0ol3d31.dll
O23 - Service: F-Secure Anti-Virus 2005 (BackWeb Plug-in - 4476822) - Unknown owner - C:\Program\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\F-Secure Anti-Virus\backweb\4476822\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\F-Secure Anti-Virus\Common\FSMA32.EXE
O23 - Service: Norman Type-R - Unknown owner - C:\Program\Norman\NPF\NPFSVICE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: WinVideoDriver (WinVideo16) - Unknown owner - C:\WINDOWS\Win32Update.exe (file missing)
O23 - Service: wxpdll32 - Unknown owner - C:\WINDOWS\wxpdll32.exe (file missing)
Please help me, Im getting annoyed with all those new browser windows opening all the time and even in Firefox with new folds opening all the time.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
