Problem regarding cmd and a virus/trojan i can find info in the ne

[Guest]

hi everyone, im in deep trouble right now since i'll soon have my defense
this wednesday on my java program. Well heres my problem.

My computer restarts everytime i run cmd.exe. Well it doesnt instantly
restart but it restarts when i start to type a letter or when i insert my
infected USB but it restart safely thank GOD! i tried deleting the cmd.exe
but when i erase it, it generates another cmd.exe and then i also tried
renaming the old COMMAND.EXE to cmd.exe but it still doesnt work and will
still create cmd.exe regardless of the fact that another cmd.exe exsisted but
differs in version.

I also noticed that it generates a FOLDER LOOKING FILE called
"KEITH's_Setting" assuming that KEITH is your profile name i noticed that its
type is not a folder but a screen saver file but it looks like a folder. At
first i tried clicking it but instead it opens the windows explorer.

This began when my friend returned my flash drive which she borrowed the
other day. When i opened it it had a folder called Data's_setting then i
clicked it and instead it opened the windows explorer. Then afterwards, the
whole mess started. My computer is fine but when i open cmd and type
something, my computer restarts. Also i noticed in the taskmgr that there are
three(3) SERVICES.EXE, three(3) WINLOGON.EXE and three(3) lsass.exe Running..

What should i do? i tried researching bout this in the net but i cant find a
single clue of what this is. I search all its possible effects but all i
found is disappointment. Please help me. Thank You Very Much

 

[Wesley Vogel]

Update your antivirus software and run a full system scan.

Do the same for whatever anti-spyware applications that you have.

COMMAND.EXE is not an XP file, command.com and cmd.exe are XP files.

COMMAND.EXE is either...
[[a process belonging to the Adtomi advertising program by Adtomi.com. This
process monitors your browsing habits and distributes the data back to the
author's servers for analysis. This also prompts advertising popups. This
program is a registered security risk and should be removed immediately. ]]
or
[[a process which is registered as the Trojan.W32.Feebs worm. This virus is
distributed via the Internet through e-mail and comes in the form of an
e-mail message, in the hopes that you open it’s hostile attachment. The worm
has it’s own SMTP engine which means it gathers E-mails from your local
computer and re-distributes itself. In worst cases this worm can allow
attackers to access your computer, stealing passwords and personal data. It
is a registered security risk and should be removed immediately. ]]

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In

 

[Guest]

yup just got the solution after i fixed my modem and updated my virus
scanner. It was the w32.rontokbro@mm and its all fixed now. Thanks for the
hint.

Update your antivirus software and run a full system scan.

Do the same for whatever anti-spyware applications that you have.

COMMAND.EXE is not an XP file, command.com and cmd.exe are XP files.

COMMAND.EXE is either...
[[a process belonging to the Adtomi advertising program by Adtomi.com. This
process monitors your browsing habits and distributes the data back to the
author's servers for analysis. This also prompts advertising popups. This
program is a registered security risk and should be removed immediately. ]]
or
[[a process which is registered as the Trojan.W32.Feebs worm. This virus is
distributed via the Internet through e-mail and comes in the form of an
e-mail message, in the hopes that you open it’s hostile attachment. The worm
has it’s own SMTP engine which means it gathers E-mails from your local
computer and re-distributes itself. In worst cases this worm can allow
attackers to access your computer, stealing passwords and personal data. It
is a registered security risk and should be removed immediately. ]]

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In

hi everyone, im in deep trouble right now since i'll soon have my defense
this wednesday on my java program. Well heres my problem.

My computer restarts everytime i run cmd.exe. Well it doesnt instantly
restart but it restarts when i start to type a letter or when i insert my
infected USB but it restart safely thank GOD! i tried deleting the cmd.exe
but when i erase it, it generates another cmd.exe and then i also tried
renaming the old COMMAND.EXE to cmd.exe but it still doesnt work and will
still create cmd.exe regardless of the fact that another cmd.exe exsisted
but differs in version.

I also noticed that it generates a FOLDER LOOKING FILE called
"KEITH's_Setting" assuming that KEITH is your profile name i noticed that
its type is not a folder but a screen saver file but it looks like a
folder. At first i tried clicking it but instead it opens the windows
explorer.

This began when my friend returned my flash drive which she borrowed the
other day. When i opened it it had a folder called Data's_setting then i
clicked it and instead it opened the windows explorer. Then afterwards,
the whole mess started. My computer is fine but when i open cmd and type
something, my computer restarts. Also i noticed in the taskmgr that there
are three(3) SERVICES.EXE, three(3) WINLOGON.EXE and three(3) lsass.exe
Running..

What should i do? i tried researching bout this in the net but i cant
find a single clue of what this is. I search all its possible effects but
all i found is disappointment. Please help me. Thank You Very Much

 

[Wesley Vogel]

Glad to hear it, Keith. Keep having fun.

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In

yup just got the solution after i fixed my modem and updated my virus
scanner. It was the w32.rontokbro@mm and its all fixed now. Thanks for the
hint.

Update your antivirus software and run a full system scan.

Do the same for whatever anti-spyware applications that you have.

COMMAND.EXE is not an XP file, command.com and cmd.exe are XP files.

COMMAND.EXE is either...
[[a process belonging to the Adtomi advertising program by Adtomi.com.
This process monitors your browsing habits and distributes the data back
to the author's servers for analysis. This also prompts advertising
popups. This program is a registered security risk and should be removed
immediately. ]] or
[[a process which is registered as the Trojan.W32.Feebs worm. This virus
is distributed via the Internet through e-mail and comes in the form of
an e-mail message, in the hopes that you open it’s hostile attachment.
The worm has it’s own SMTP engine which means it gathers E-mails from
your local computer and re-distributes itself. In worst cases this worm
can allow attackers to access your computer, stealing passwords and
personal data. It is a registered security risk and should be removed
immediately. ]]

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In

hi everyone, im in deep trouble right now since i'll soon have my
defense this wednesday on my java program. Well heres my problem.

My computer restarts everytime i run cmd.exe. Well it doesnt instantly
restart but it restarts when i start to type a letter or when i insert
my infected USB but it restart safely thank GOD! i tried deleting the
cmd.exe but when i erase it, it generates another cmd.exe and then i
also tried renaming the old COMMAND.EXE to cmd.exe but it still doesnt
work and will still create cmd.exe regardless of the fact that another
cmd.exe exsisted but differs in version.

I also noticed that it generates a FOLDER LOOKING FILE called
"KEITH's_Setting" assuming that KEITH is your profile name i noticed
that its type is not a folder but a screen saver file but it looks like
a folder. At first i tried clicking it but instead it opens the windows
explorer.

This began when my friend returned my flash drive which she borrowed the
other day. When i opened it it had a folder called Data's_setting then i
clicked it and instead it opened the windows explorer. Then afterwards,
the whole mess started. My computer is fine but when i open cmd and type
something, my computer restarts. Also i noticed in the taskmgr that
there are three(3) SERVICES.EXE, three(3) WINLOGON.EXE and three(3)
lsass.exe Running..

What should i do? i tried researching bout this in the net but i cant
find a single clue of what this is. I search all its possible effects
but all i found is disappointment. Please help me. Thank You Very Much