CmdService
CmdService, or Command Service, is an adware program that displays targeted popup advertisements. CmdService may or may not gather data about a user's surfing habits, which may then be sent to third parties including advertisers.
CmdService is installed by a number of drive-by downloaders, including IE-Plugin. CmdService's End User License Agreement (EULA) states that "iDownload and/or the Software may, without any further prior notice to you, remove, disable or render inoperative other adware programs resident on your computer, which, in turn, may disable or render inoperative, other software resident on your computer, including software bundled with such adware, or have other adverse impacts on your computer." (command.adservs.com/terms.html)
File System Modifications
- The following files were created in the system:
# File Name 1 adtech2006.exe 2 asappsrv.dll 3 atmtd.dll 4 cmdinst.exe 5 cmdservice.exe 6 command.exe 7 idl.exe 8 idlemg.exe 9 install.exe 10 installer.exe 11 installer[1].exe 12 mte2odi6odoxng.exe 13 mte2odm6odoxng.exe 14 mte3ndi6odoxng.exe 15 mte3odm6odoxng.exe 16 sfvbhwd.exe 17 syscat.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Policies|{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdServiceHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdServiceHKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_cmdserviceHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}{3877C2CD-F137-4144-BDB2-0A811492F920}
remove command service