Logfile of HijackThis v1.99.1
Scan saved at 23:01:26, on 19/04/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C
rogram FilesCommon FilesSymantec SharedccSetMgr.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C
rogram FilesCommon FilesSymantec SharedccEvtMgr.exe
C
rogram FilesCommon FilesSymantec SharedccApp.exe
C
rogram FilesMessengermsmsgs.exe
C:WINDOWSwupdmgr.exe
C:WINDOWSosaupd.exe
C:WINDOWSsystem32spoolsv.exe
C
rogram FilesCommon FilesSymantec SharedccProxy.exe
C:WINDOWSS2F0aWUcommand.exe
C
rogram FilesNorton Internet SecurityNorton AntiVirusnavapsvc.exe
C
rogram FilesNorton Internet SecurityNorton AntiVirusSAVScan.exe
C
rogram FilesCommon FilesSymantec SharedSNDSrvc.exe
C
rogram FilesInventelGatewaywlancfg.exe
C:WINDOWSSystem32wuauclt.exe
C:WINDOWSsystem32ezSP_Px.exe
C
rogram FilesWindows Media Playerwmplayer.exe
C
rogram FilesInternet Exploreriexplore.exe
C
rogram FilesInternet Exploreriexplore.exe
C
rogram FilesInternet Exploreriexplore.exe
c
rogra~1intern~1iexplore.exe
C
ocuments and SettingsKatieDesktopHiJackHijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://www.wanadoo.co.uk/iesearch/default.htm
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.wanadoo.co.uk/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = about:blank
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext =
http://www.wanadoo.co.uk/cd_redirects/wanadoohome
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Microsoft Internet Explorer provided by Wanadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C
ROGRA~1WanadooWSBarWSBar.dll
O4 - HKLM..Run: [ccApp] "C
rogram FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [URLLSTCK.exe] C
rogram FilesNorton Internet SecurityUrlLstCk.exe
O8 - Extra context menu item: &Google Search - res://c
rogram filesgoogleGoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c
rogram filesgoogleGoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c
rogram filesgoogleGoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c
rogram filesgoogleGoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download with NetPumper - C
rogram FilesNetPumperAddUrl.htm
O8 - Extra context menu item: Search with Wanadoo - res://C
ROGRA~1WanadooWSBarWSBar.dll/VSearch.htm
O8 - Extra context menu item: Similar Pages - res://c
rogram filesgoogleGoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c
rogram filesgoogleGoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavaj2re1.4.2_03binnpjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavaj2re1.4.2_03binnpjpi142_03.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) -
http://67.15.101.3/g_bin/pl/poker_2_0_0_39.cab
O16 - DPF: {A6212120-01D4-11D5-9A39-0080C8D85044} (GameDesire Slots 70th) -
http://67.15.101.3/g_bin/pl/slots70_2_0_0_26.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} -
http://www.azebar.com/install/1.cab
O20 - Winlogon Notify: ThemeManager - C:WINDOWSsystem32lv0609dse.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedccSetMgr.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:WINDOWSS2F0aWUcommand.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C
rogram FilesNorton Internet SecurityNorton AntiVirusnavapsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C
rogram FilesCommon FilesSony SharedAVLibPacsptisvr.exe
O23 - Service: SAVScan - Symantec Corporation - C
rogram FilesNorton Internet SecurityNorton AntiVirusSAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C
ROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C
rogram FilesCommon FilesSony SharedAVLibSptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C
rogram Filessonyvaio media music serverSSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C
rogram FilesCommon FilesSony Sharedvaio media platformsv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="SoftwareSony CorporationVAIO Media Platform2.0" /RegExt="ApplicationsMusicServerHTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C
rogram FilesCommon FilesSony Sharedvaio media platformUPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C
rogram Filessonyphoto serverappsrvPhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C
rogram FilesCommon Filessony sharedvaio media platformSV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="SoftwareSony CorporationVAIO Media Platform2.0" /RegExt="ApplicationsPhotoServerHTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C
rogram FilesCommon Filessony sharedvaio media platformUPnPFramework.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C
rogram FilesInventelGatewaywlancfg.exe
Moze ktos pomoc mam cos w rejestrze co sie nazywa cmdservice i nei mozna usunac . po za tym wiele innych procesow uruchamia sie podczas otwierania komputera. Nie mozan polowy usunac probowalem spybootem regdoctorem winoptimizerem niszczarkoplikow recznie wszystko i nic nie poskutkowalo nadal jest a uzywalem tez l2mfix.
Nic nie pomaga jakies dziadostwa sie uruchamia przy kazdorazowym uruchomieniu komputera i nie wiemjak to wywalic. Bo nic nie dziala. Mam nortona chociaz wiem ze to beznadziejny antywirus jak naprawie wgram lepszy ale co jest z tym ze nie mozna usunac tego cmdservice?? A razem z tym wszystkim uruchamia sie wiele innych programow min Adware Reviews ktory otwiera co sekunde strony np
http://www.topadwarereviews.com/?adv=196&ads=d
Pomozcie mam na dysku dane ktore ie chce utracic podczas formatowania.
Jesli mozna prosic o pomoc bede wdzieczny