Command Prompt window opens ans closes immediately, i think its a virus

Posted on 2006-04-25
Last Modified: 2008-01-09

  Few days back my windows was running smoothly. I then received an email , in which there was a attached zip file.
  The email body contained the message that your password has been changed successfully.I tried opening the zip file attached and there was a password.scr file in it. I think i clicked it as far as i can remember.So as a result now when i try
to open command prompt the windows opens for a second and closes.I have tried running it from start->run->cmd as well but no use. Also i have tried it running from start->accessories as wel but same problem.
 Same is the problem with task manager ,regedit
and msconfig. Also my firewall was automatically disabled. I tried going to macafee website to find a solution and downlaoded the stinger application. Tried running it and it showed me that im infected with Qhost.apd trojan and it repiared the file as well. But i have ran the scan like 10 times every time it shows me and repairs it but the problem still persist. I have downlaoded Avg, Microsoft windows Beta Defender and other Anitviruses as well but no use.
Please help with this as anyone can take advantage of it as im not firewall protected at the moment and cant even open the anitvirus that was installed originally in my machine due to some reason that i dont know. The antivirus is Sygate that i was running but it appears to be disabled now.

Please help with this asap and get the 500 points you deserve if you can find a soultion for it.

Question by:ammartahir1978
    LVL 32

    Accepted Solution

    I suggest two things:

    Download and run Ewido from:
    and see if it will remove the problem.

    If it does not (or even if it does), download and run HijackThis from
    Post the resulting log back to that same web site.
    Click on the "Analyze" button, and on the next page click on "Save Analysis"
    Post the address of the final saved page here
    (don't post the entire log here)

    That will help us narrow it down and see what might still be ailing your system.
    LVL 23

    Expert Comment

    You have infected yourself with a virus.
    First, disable system restore to delete protected files.
    Run some scans. Bitdefender is good:

    Run ewido in safe mode;
    Delete all temp. files and cookies.
    Install a new firewall. Zonealarm is good and it is free:

    Google the name of your virus and see if anyone has worked out a removal strategy. There is a removal proceedure here:

    It doesn't look too complicated.

    Good luck!
    LVL 4

    Expert Comment

    check the \shell\open\ registry keys...

    HKLM, Software\CLASSES\comfile\shell\open\command

    right click default go to modify
    make sure the default key is set to...

     "%1" %*

    copy it exactly!
    make sure also that the type is a REG_SZ

    you may also want to check the following keys:

    HKLM, Software\CLASSES\batfile\shell\open\command
    HKLM, Software\CLASSES\comfile\shell\open\command
    HKLM, Software\CLASSES\exefile\shell\open\command
    HKLM, Software\CLASSES\piffile\shell\open\command
    HKLM, Software\CLASSES\scrfile\shell\open\command

    if you can't open the again and I will show you what to do

    you can remote the registry from another machine if its 2000 or better

    hope this helps!

    Author Comment

    cheers guys

    r k solution was the one that helped me to remove the virus using "hijack this".
    Pc was infected with  W32/Mytob virus .

    thans again for all your help it took me 3 days of nonstop pain to get rid of this issue
    LVL 32

    Expert Comment

    Thanks, and glad things are working better.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Suggested Solutions

    Change your it now!. Probably the easiest point of access to your account is through guessing your password. If your password is guessable, do change it now. If not for your sake but for everyone else in your friends list. Remember …
    PREFACE The purpose of this guide is to explain how to manually move a SEP client to a different client group by performing steps on the client-side. These steps may prove particularly useful because they allow the client to move after it has alrea…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now