Am I infected?

AardVark21

Junior Member
Jun 29, 2002
17
0
0
Hi all. I'm new here, so please be patient. I have an AMD 1.4 with 256MB RAM running Windows XP. I have DSL and have been doing a lot of d/l'ing. Just yesterday, I downloaded some demo games and an app or two, installed the apps, and now I get a DOS window that pops up every time I start my computer. In the frame it says C:\windows\system32\cmd.exe... It pops up for about 2 seconds then disappears, waits a few seconds and does it again. This will last for about 5 mins., then it just stops. I also have McAfee 6.01 running; it did not detect anything... Do I have a virus, and if so which one? Thanks...Aardy
 

earthman

Golden Member
Oct 16, 1999
1,653
0
71
Cmd.exe is just the "DOS box" program for Windows XP. It's not a virus, though it may be trying to run one, or some other kind of script. You need to look at your startup files and your run keys in the registry and see what's running from a command line at boot up.
 

AardVark21

Thanks for the info, but could you point me in the right direction for looking for run scripts in the registry? Do I do a search for "CMD.EXE"?
Start up files? Where can I find those? Thanks for your help...Aardy
 

jmagg

Platinum Member
Nov 21, 2001
2,170
442
136
A friend had a virus recently that McAfee didn't detect. AVG did.
 

earthman

There are lots of places.
Cmd.exe is not the problem, it's part of Windows.
You can go start/run msconfig and look under the startup tab to see what's starting.

Or in regedit HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run or RunOnce to see what's set to run at startup.

I don't know if XP uses them anymore, but you can get programs starting from config.sys, autoexec.bat, win.ini, and system.ini as well.
 

AardVark21

Well, I've come to the conclusion that I haven't been infected. Well, not in the true sense. I believe it to be one of those pesky porn dialers. :eek: :D

I went and did a minimal boot, and it didn't come up. Now all I have to do is figure out what is calling it and where it's located...

If anyone has ideas, I'm all ears....Aardy
 

nemo160

Senior member
Jul 16, 2001
339
0
0
Try running msconfig and check the startup programs section.
Just go start-run-msconfig.
See if there's something that you don't recognize in there and uncheck it,
or disable all startup programs and re-enable them one by one until you find it.
 

Eltano1

Golden Member
Aug 6, 2000
1,897
0
0
Try to install and run Ad-Aware; it's a spy removal program that will detect and remove any spyware. I hope this will help you.

Eltano
 

earthman

I recommend this too. Ad-Aware and its updater do an excellent job of keeping you free from spyware applets and cookies...everybody should use this.
 

AardVark21


Thanks all.

I have done the Ad-Aware thing several times. Still having the same problem... Something is trying to dial out; luckily I don't have a dial-up... I'll go and look in msconfig... Try enabling 1 at a time and see which 1 is doing it.
I'll post back if I find something... Later...Aardy
 

AardVark21

Okay ppl, here's what I did/found.

I used msconfig, and enabled startup items 1 at a time, and found that explorer32.exe was causing my problems... I disabled it, then downloaded swat it and ran a complete scan. It showed nothing. I then used Windows Explorer and searched for explorer32.exe on my system and found 2 files; 1 was a prefetch file. I then right-clicked on the exe file and told McAfee to scan that file... Guess what?

It found a TROJAN ....Backdoor-AGT....:disgust:

I tried to get more info on it but was unable to find any. Anyone know about this trojan? Please fill me in if you do.....Aardy:D
 

earthman

The names don't mean much, since trojans and backdoors are often renamed and redistributed.
 

AardVark21


Yeah, I'm beginning to see that.

One thing that bothers me though: my McAfee V/S detected it after I told it to scan that file. It listed it as "Backdoor - AGT", but when I go to McAfee to look up details, they don't have it listed. Neither does Norton. What a bummer man...Aardy
 

linewinder

Junior Member
Jan 9, 2000
20
0
66
McAfee

They have it listed here (# 5) but have no info on it. I'm assuming it is an offshoot of another "backdoor" and they do not have the full skinny as yet.

I saw this yesterday and it has increased its "infected file" total by a factor of 7 and moved up from # 9.
 

AardVark21


Thanks Linewinder. I looked there yesterday and didn't see it, probably me though. Anyhow, thanks....Aardy
 

AardVark21


Well, yet more to the never-ending story of viruses. I downloaded AVG as suggested by "jmagg", ran it and found (2) "I-worm/Nimda A.H." viruses. All this time I thought McAfee was protecting me... What a crock. Now, I try to remove McAfee and I get a message about the Installer isn't installed correctly.

Anyone know how to update/fix/check the windows installer on an XP Pro?

Linewinder, you might want to download AVG, and try it...Aardy

:confused: :disgust: :Q
 

jmagg

Also, do a search for "The Cleaner". It's a very good trojan cleaner but only 30 day shareware.