?
Solved

Command Prompt window opens ans closes immediately, i think its a virus

Posted on 2006-04-25
5
Medium Priority
?
2,698 Views
Last Modified: 2008-01-09
Hi,

  Few days back my windows was running smoothly. I then received an email , in which there was a attached zip file.
 
  The email body contained the message that your password has been changed successfully.I tried opening the zip file attached and there was a password.scr file in it. I think i clicked it as far as i can remember.So as a result now when i try
to open command prompt the windows opens for a second and closes.I have tried running it from start->run->cmd as well but no use. Also i have tried it running from start->accessories as wel but same problem.
 Same is the problem with task manager ,regedit
and msconfig. Also my firewall was automatically disabled. I tried going to macafee website to find a solution and downlaoded the stinger application. Tried running it and it showed me that im infected with Qhost.apd trojan and it repiared the file as well. But i have ran the scan like 10 times every time it shows me and repairs it but the problem still persist. I have downlaoded Avg, Microsoft windows Beta Defender and other Anitviruses as well but no use.
Please help with this as anyone can take advantage of it as im not firewall protected at the moment and cant even open the anitvirus that was installed originally in my machine due to some reason that i dont know. The antivirus is Sygate that i was running but it appears to be disabled now.


Please help with this asap and get the 500 points you deserve if you can find a soultion for it.

0
Comment
Question by:ammartahir1978
5 Comments
 
LVL 32

Accepted Solution

by:
r-k earned 2000 total points
ID: 16534331
I suggest two things:

Download and run Ewido from: http://www.ewido.net/en/
and see if it will remove the problem.

If it does not (or even if it does), download and run HijackThis from http://www.hijackthis.de/
Post the resulting log back to that same web site.
Click on the "Analyze" button, and on the next page click on "Save Analysis"
Post the address of the final saved page here
(don't post the entire log here)

That will help us narrow it down and see what might still be ailing your system.
0
 
LVL 23

Expert Comment

by:phototropic
ID: 16537100
You have infected yourself with a virus.
First, disable system restore to delete protected files.
Run some scans. Bitdefender is good:

www.bitdefender.com/scan8/ie.html 

Run ewido in safe mode;
Delete all temp. files and cookies.
Install a new firewall. Zonealarm is good and it is free:

www.zonelabs.com/

Google the name of your virus and see if anyone has worked out a removal strategy. There is a removal proceedure here:

http://forums.techguy.org/t377664.html

It doesn't look too complicated.

Good luck!
0
 
LVL 4

Expert Comment

by:SymShady
ID: 16540287
check the \shell\open\ registry keys...

HKLM, Software\CLASSES\comfile\shell\open\command

right click default go to modify
make sure the default key is set to...

 "%1" %*

copy it exactly!
make sure also that the type is a REG_SZ

you may also want to check the following keys:

HKLM, Software\CLASSES\batfile\shell\open\command
HKLM, Software\CLASSES\comfile\shell\open\command
HKLM, Software\CLASSES\exefile\shell\open\command
HKLM, Software\CLASSES\piffile\shell\open\command
HKLM, Software\CLASSES\scrfile\shell\open\command

if you can't open the registry...lol...post again and I will show you what to do

you can remote the registry from another machine if its 2000 or better

hope this helps!
0
 

Author Comment

by:ammartahir1978
ID: 16548039
cheers guys

r k solution was the one that helped me to remove the virus using "hijack this".
Pc was infected with  W32/Mytob virus .

thans again for all your help it took me 3 days of nonstop pain to get rid of this issue
0
 
LVL 32

Expert Comment

by:r-k
ID: 16548573
Thanks, and glad things are working better.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PREFACE The purpose of this guide is to provide information to successfully add specific IIS 7.0 role services for the Symantec Endpoint Protection Manager (SEPM) to function properly when installed on Windows 2008. AUDIENCE Information Technol…
An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question