• 0

command.exe?


Question

Computer is going nuts, its hard to even write this message without having to close 20 popups. I've run Hijackthis and plug the log into their website. But am unable to delete or even find Command.exe, which was noted as nasty. Can someone please help, I would greatly appreciate it.

I just looked at this log and I don't see it?? It was there a day ago.

Here is Hjackthis log....

Logfile of HijackThis v1.99.1

Scan saved at 4:26:34 PM, on 9/11/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe

C:\WINDOWS\system32\cisvc.exe

C:\WINDOWS\system32\drivers\KodakCCS.exe

c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\wanmpsvc.exe

c:\progra~1\pinnacle\shared~1\programs\medias~1\pmshost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\DSentry.exe

C:\Program Files\Common Files\Dell\EUSW\Support.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe

C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe

c:\PROGRA~1\mcafee.com\vso\mcshield.exe

C:\WINDOWS\system32\cidaemon.exe

C:\WINDOWS\system32\cidaemon.exe

C:\WINDOWS\System32\macromed\flash\GetFlash.exe

C:\Program Files\America Online 9.0a\waol.exe

C:\Program Files\America Online 9.0a\shellmon.exe

C:\Program Files\America Online 9.0a\aolwbspd.exe

C:\Program Files\Hyjackthis\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\WINDOWS\Downloaded Program Files\ycomp5_3_12_0.dll

O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe

O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe

O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Office2K\Office\OSA9.EXE

O4 - Global Startup: SoftStuff Wallpaper Changer.lnk = C:\Program Files\SoftStuff\softstrt.exe

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab

O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://www.phgenit.com/plugin/awarewebplay...cab/awswaxf.cab

O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab

O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1128474198381

O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab

O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://aolsvc.aol.com/onlinegames/bejewele...aploader_v7.cab

O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab

O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Companion) - http://us.dl1.yimg.com/download.companion....bio5_3_12_0.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{B0932661-D7C0-4E60-8E96-7DCD6CEB5694}: NameServer = 205.188.146.145

O20 - AppInit_DLLs: wuaclt.dll

O20 - Winlogon Notify: policies - C:\WINDOWS\system32\jr4025hmg.dll (file missing)

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe

O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Mcafee.com Corporation - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\progra~1\pinnacle\shared~1\programs\medias~1\pmshost.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Link to comment
https://www.neowin.net/forum/topic/495026-commandexe/
Share on other sites

3 answers to this question

Recommended Posts

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • Looks less buggy than FC25. I still don't understand how they managed to release that game.
    • Yes, Command Palette, that's what I meant, thank you.
    • PowerToys Run has already been replaced with Command Palette. Run is still functional, but it's just a matter of time before Microsoft disables it. Raycast can do much more though, and with its plugins much, much, much more...
    • Snagit 2025.2.1 by Razvan Serea Snagit is the most complete screen capture utility available. Showing someone exactly what you see on your screen is sometimes the quickest and clearest way to communicate. With Snagit, you can select anything on your screen – an area, image, article, Web page, or error message – and capture it. Then, save the screen capture to a file, send it to Snagit​'s editor to add professional effects, share it by e-mail, or drop it into PowerPoint®, Word®, or another favorite application. Capture and share images, text or video from your PC. Create beautiful presentations, flawless documentation and quickly save online content. The latest version of Snagit offers a totally new interface and workflow - making SnagIt easier for beginners to use, while still providing maximum convenience and flexibility for the screen capture experts. Snagit 2025.2.1 fixes: Fixed an issue where tags applied to images might not save correctly. Fixed a crash that might occur when closing the Editor. Download: Snagit 64-bit | 419.0 MB (Shareware) Links: SnagIt Home Page | Release Notes Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Microsoft 365 Copilot Chat now rolling out to Government Community Cloud (GCC) tenants by Paul Hill Microsoft has announced that Microsoft 365 Copilot Chat is now rolling out to Government Community Cloud (GCC) tenants. This will allow affected users to experience AI-powered chat experience in Microsoft 365 apps, while meeting US government cloud requirements. Admins will also get the tools they need to manage access, security, and compliance at scale. Since June, Microsoft has also been rolling out Web Chat access for Copilot users since early June and that’s expected to be completed by the end of the month. The rollout announced today will also bring Copilot Chat to Microsoft 365 Copilot app (web), Outlook (web and desktop), and Microsoft Teams (web and desktop). The Redmond giant said that these features are included at no additional cost with eligible Microsoft 365 and Office 365 licenses (F1, F3, G3, and G5). It also pointed out that this rollout doesn’t include AI Agent functionality; that rollout will be announced in the future. If you have used artificial intelligence chatbots like ChatGPT or Google Gemini, you’ll have probably noticed that it scours the web for up-to-date information. By default, this “web grounding” is off in GCC with Copilot Chat. If administrators want to allow it, they can explicitly enable the “Allow web search in Copilot” Cloud Policy - the exception is if the policy was already enabled in your environment, in that case your existing configuration will be followed. Microsoft says admins will also have granular controls over the AI in Microsoft 365 Copilot app, Outlook, Teams, and Web. If you’re an administrator of a GCC environment, you can check out the How to prepare section of the announcement to learn about reviewing your admin settings, educating users about how to use the AI, and monitoring the rollout. The usage of AI in government holds significant potential as shown by a recent study by the UK government. It found that AI helped to save civil servants 2 weeks, per person, per year. This time can be spent by them doing other productive activities, making government more efficient overall. With Microsoft's rollout of Copilot Chat to GCC, US government workers can be more efficient too.
  • Recent Achievements

    • Conversation Starter
      Kavin25 earned a badge
      Conversation Starter
    • One Month Later
      Leonard grant earned a badge
      One Month Later
    • Week One Done
      pcdoctorsnet earned a badge
      Week One Done
    • Rising Star
      Phillip0web went up a rank
      Rising Star
    • One Month Later
      Epaminombas earned a badge
      One Month Later
  • Popular Contributors

    1. 1
      +primortal
      529
    2. 2
      ATLien_0
      205
    3. 3
      +FloatingFatMan
      168
    4. 4
      Michael Scrip
      150
    5. 5
      snowy owl
      126
  • Tell a friend

    Love Neowin? Tell a friend!