|
|
Joined: Mar 2001
Posts: 464
CEG\'er
|
OP
CEG\'er
Joined: Mar 2001
Posts: 464 |
Norton AV suddenly found my cmd32.exe file (whatever that is, sounds important) was infected with a Klez/Trojan/Worm virus and automatically deleted the file. Great. Now I get a stupid error message at startup telling me Windows can't find this important cmd32.exe file. System Restore has not worked (always fails) so I can't go back. Any suggestions?
Dan
Acura Integra GS-R w/mods
Former owner of a 95 SE
|
|
|
|
|
Joined: Mar 2001
Posts: 464
CEG\'er
|
|
OP
CEG\'er
Joined: Mar 2001
Posts: 464 |
Also, it says ZoneAlarm had blocked access to the Internet to cmd32.exe. It tried accessing some IP address.
I used Norton to restore the cmd32.exe but now it keeps saying it cannot repair this file and recommends deletion. WTF!?
"66.147.132.11:DNS" is the destination IP.
Last edited by TheGSRGuy; 08/11/03 07:32 AM.
Dan
Acura Integra GS-R w/mods
Former owner of a 95 SE
|
|
|
|
|
Joined: Apr 2002
Posts: 974
Veteran CEG\'er
|
|
Veteran CEG\'er
Joined: Apr 2002
Posts: 974 |
Do a google search and input the name of the virus, and the error. Sometimes this brings up a list of info to help...
That Norton link that you provided tells you what the next steps are to remove it. Print those out and follow step by step! TAKE YOUR TIME!!! The last thing you want is a fanct doorstop. Remember to keep your virus definitions up to date always and it helps to run free online scans as well!
L8R
Rich
Last edited by sosaudio1; 08/11/03 07:48 AM.
'04 Ecotec Cavi 140hp/150tq Fabbed intake. Header Coming, DRL's disabled, X-Drilled/slotted rotors coming....Man you really are fast. You were hauling a$$ when I passed you
RB&LB
causing problems in Huntsville
|
|
|
|
|
Joined: Mar 2001
Posts: 464
CEG\'er
|
|
OP
CEG\'er
Joined: Mar 2001
Posts: 464 |
Note that the link in my first post is to Norton's website....
Dan
Acura Integra GS-R w/mods
Former owner of a 95 SE
|
|
|
|
|
Joined: Jun 2002
Posts: 1,881
Hard-core CEG'er
|
|
Hard-core CEG'er
Joined: Jun 2002
Posts: 1,881 |
cmd32.exe is not a valid Windows Xp file (I just searched for it on my XP box here at work). So follow the Norton directions fully to fix your problem.
It sounds like there's something in MSCONFIG that is looking to start up the virus. So you basically need to do those registry changes to fix the problem and make the message go away.
1998 T-Red SVT #957
Born 5/14/1997
|
|
|
|
|
Joined: Jan 2001
Posts: 1,889
Hard-core CEG\'er
|
|
Hard-core CEG\'er
Joined: Jan 2001
Posts: 1,889 |
Go in and do what Norton tells you to do from the page link you posted. After that if you restart and still get error messages, put you XP CD in and reboot. When it asks you to boot from CD hit enter and you'll get a sreen that says something like this:
To setup Windows XP now, press ENTER.
To repair a Windows XP installation using Recovery Console, press R.
To quit Setup without installing Windows XP,
press Press ENTER to set up Windows XP.
On the Windows XP Licensing Agreement screen, press F8 to
agree to the license agreement.
Make sure that your current installation of Windows XP is
selected in the box, and then press R to repair Windows XP.
Follow the instructions on the remaining screens to
reinstall Windows XP. After you repair Windows XP, you may
be required to reactivate your copy of Windows XP.
This should repair or replace the files that are damaged or missing without lossing your other files.
I hope this helps and you should crankup your Zonealarm settings if your on the net because this is not just a pesky bug that deletes files, engage the internet lock in Zonealarm if your away from your computer so nothing gets on line.
Good luck!
99 Contour Sport SE MTX
KKM filter, B&M shifter
No res, BAT kit
Green car silver hood (because silver is faster)
|
|
|
|
|
Joined: Jun 2002
Posts: 1,881
Hard-core CEG'er
|
|
Hard-core CEG'er
Joined: Jun 2002
Posts: 1,881 |
Why would he even need to do this! cmd32.exe is not a Windows file. It's a virus file and not an XP system file (even though it looks like it should be one). All he needs to do is delete it and then do the registry instructions Norton posted. Look here to make your registry removal much easier: http://www.dougknox.com/xp/scripts_desc/xp_clean_kwbot.htmOriginally posted by RT and his SE:
Go in and do what Norton tells you to do from the page link you posted. After that if you restart and still get error messages, put you XP CD in and reboot. When it asks you to boot from CD hit enter and you'll get a sreen that says something like this:
To setup Windows XP now, press ENTER.
To repair a Windows XP installation using Recovery Console, press R.
To quit Setup without installing Windows XP,
press Press ENTER to set up Windows XP.
On the Windows XP Licensing Agreement screen, press F8 to
agree to the license agreement.
Make sure that your current installation of Windows XP is
selected in the box, and then press R to repair Windows XP.
Follow the instructions on the remaining screens to
reinstall Windows XP. After you repair Windows XP, you may
be required to reactivate your copy of Windows XP.
This should repair or replace the files that are damaged or missing without lossing your other files.
I hope this helps and you should crankup your Zonealarm settings if your on the net because this is not just a pesky bug that deletes files, engage the internet lock in Zonealarm if your away from your computer so nothing gets on line.
Good luck!
1998 T-Red SVT #957
Born 5/14/1997
|
|
|
|
|
Joined: May 2000
Posts: 2,127
Hard-core CEG'er
|
|
Hard-core CEG'er
Joined: May 2000
Posts: 2,127 |
Last edited by BOFH; 08/11/03 08:22 PM.
"Seems like our society is more interested in turning each successive generation into cookie-cutter wankers than anything else." -- Jato 8/24/2004
|
|
|
|
|
Joined: Jan 2001
Posts: 1,889
Hard-core CEG\'er
|
|
Hard-core CEG\'er
Joined: Jan 2001
Posts: 1,889 |
It is a file rewriter and modifier. If you read how the virus modifies and corrupts Windows files to do it's own dirty work you'll understand. If he's getting error messages after removing the bug than pieces of some files could not be cleaned so they had to be removed. From what I'm reading in the post I'm assuming he's done what Symantec's has instructed. Doing what I wrote previous will simply put back whatever pieces were removed or not repaired properly to eliminate the error messages.
Tommy, did you read my whole post?
Quote:
Go in and do what Norton tells you to do from the page link you posted
Very first line! 
99 Contour Sport SE MTX
KKM filter, B&M shifter
No res, BAT kit
Green car silver hood (because silver is faster)
|
|
|
|
|
Joined: Apr 2001
Posts: 252
CEG\'er
|
|
CEG\'er
Joined: Apr 2001
Posts: 252 |
Originally posted by TommySVT:
Why would he even need to do this! cmd32.exe is not a Windows file. It's a virus file and not an XP system file (even though it looks like it should be one). All he needs to do is delete it and then do the registry instructions Norton posted.
Look here to make your registry removal much easier:
http://www.dougknox.com/xp/scripts_desc/xp_clean_kwbot.htm
Originally posted by RT and his SE:
Go in and do what Norton tells you to do from the page link you posted. After that if you restart and still get error messages, put you XP CD in and reboot. When it asks you to boot from CD hit enter and you'll get a sreen that says something like this:
To setup Windows XP now, press ENTER.
To repair a Windows XP installation using Recovery Console, press R.
To quit Setup without installing Windows XP,
press Press ENTER to set up Windows XP.
On the Windows XP Licensing Agreement screen, press F8 to
agree to the license agreement.
Make sure that your current installation of Windows XP is
selected in the box, and then press R to repair Windows XP.
Follow the instructions on the remaining screens to
reinstall Windows XP. After you repair Windows XP, you may
be required to reactivate your copy of Windows XP.
This should repair or replace the files that are damaged or missing without lossing your other files.
I hope this helps and you should crankup your Zonealarm settings if your on the net because this is not just a pesky bug that deletes files, engage the internet lock in Zonealarm if your away from your computer so nothing gets on line.
Good luck!
Just because you don't have it on your machine does not automatically make it a virus. cmd32.exe is a valid Windows program. There was a patch a year ago I think that made it useless, so it's deleted. But here's a fix I pulled off of a site.
To get rid of the annoying error just as you log on, open up Regedit and go to the following: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon It will probably say: explorer.exe c:\windows\system32\cmd32.exe Change it to: explorer.exe No more errors  You may also wanna try: Run system file checker and this should pull that file off the cd. you will need your xp cd. go to run type sfc /scannow [press enter] from here it will prompt you if you have any missing files!
|
|
|
|
|
