Jump to content
Login with your Gmail HERE and start posting in seconds! ×
Don't just read! Be part of the Community! Join the conversation ×

Trojan Or Virus

webfact

By webfact
in IT and Computers

 Share

Recommended Posts

webfact Grand Master Member

webfact

Posted
Posted

On a routine system scan my anti virus (Comodo) came up with several files i.e.

xa3610126.exe

xa3638484.exe

altogether 4 of these files + msnsc.exe.

They all reside in Windows\system32\ folder.

My alarm bell is ringing. The scanner gives the reason "Heur.Packed.Unknown" & dangerous application for cmdow.exe

A quick search on Google returned no results except msnsc.exe might be 30% dangerous, but it is not actually known what this file is doing!

In case of cmdow.exe there are many opinions but I am unsure what to do.

I have now quarantined all those files

Advise is very much appreciated.

slackula Silver Member

slackula

Posted
Posted
.... where is Reimar....? :o

Probably cyber-gobbling Ballmer and Gates as he downloads the latest version of their trojan and virus development laboratory, otherwise known as Windows 7 in order to post glowing reviews of it whilst all the time making pitiful attempts to defend the OS abortion commonly known as Vista.

Sad really, that people turn to a paid shill for advice on fixing a supremely defective product that they have paid lots of money for. With many other products in the world expected to work as advertised, Microsoft seem to get a free pass on that every time.

wxpwzrd Advanced Member

wxpwzrd

Posted
Posted
.... where is Reimar....? :o

Probably cyber-gobbling Ballmer and Gates as he downloads the latest version of their trojan and virus development laboratory, otherwise known as Windows 7 in order to post glowing reviews of it whilst all the time making pitiful attempts to defend the OS abortion commonly known as Vista.

Sad really, that people turn to a paid shill for advice on fixing a supremely defective product that they have paid lots of money for. With many other products in the world expected to work as advertised, Microsoft seem to get a free pass on that every time.

Well that was a lot of pointless blather to further your hatred of Microsoft.

slackula Silver Member

slackula

Posted
Posted
Well that was a lot of pointless blather to further your hatred of Microsoft.

I don't hate Microsoft or the users of their software because I don't have the energy; I pity and mock them in equal proportions.

But thanks for taking the bait :o

H2oDunc Platinum Member

H2oDunc

Posted
Posted
Well that was a lot of pointless blather to further your hatred of Microsoft.

I don't hate Microsoft or the users of their software because I don't have the energy; I pity and mock them in equal proportions.

But thanks for taking the bait :o

So the fact I have been running Vista for 15 months with NO problems, stalls or blue screens and am very happy with how it works and does everything I want from an OS must be a lie then ? I have never had a problem with a virus or trojan, it updates whenever It is needed and if I do need any help I have a VAST resource at my finger tips. Can you remind me again just where I'm going wrong here ? Oh I remember IM the sad one!!!!!!

kayo Star Member

kayo

Posted
Posted
Well that was a lot of pointless blather to further your hatred of Microsoft.

But thanks for taking the bait :D

:o

Kayo! :D

xp pro SP2 :D

slackula Silver Member

slackula

Posted
Posted
So the fact I have been running Vista for 15 months with NO problems, stalls or blue screens and am very happy with how it works and does everything I want from an OS must be a lie then ? I have never had a problem with a virus or trojan, it updates whenever It is needed and if I do need any help I have a VAST resource at my finger tips. Can you remind me again just where I'm going wrong here ? Oh I remember IM the sad one!!!!!!

A) How much did you pay for this magical operating system and,

3) Have you ever heard of this?

wxpwzrd Advanced Member

wxpwzrd

Posted
Posted
A) How much did you pay for this magical operating system and,

3) Have you ever heard of this?

:o I'm sorry... Did you actually have anything to contribute to the OP's questions? Otherwise you are continuing to blather in a post where you obviously do not have the experience or knowledge to answer.

slackula Silver Member

slackula

Posted
Posted
:o I'm sorry... Did you actually have anything to contribute to the OP's questions? Otherwise you are continuing to blather in a post where you obviously do not have the experience or knowledge to answer.

And what exactly did you bring to the thread? An appeal to authority? Lame.

I will eagerly await your suggestions fix to the OPs problems.

/I will guess that it involves re-installing and re-booting half a dozen times

wxpwzrd Advanced Member

wxpwzrd

Posted
Posted

At the risk of one final off topic post to this thread (I apologize to the poster for this) - you are the one that began your scathing off topic blather here.

As far as my own contributions, I choose not to contribute to repairing systems or OS issues in a country where the users are famous for buying their software from Pantip off the copy shelf. Certainly not implying the poster did this, but I choose who I wish to assist. Likely I would not have to reinstall, but that is because I actually have a clue how OS's function... do you?

slackula Silver Member

slackula

Posted
Posted
but that is because I actually have a clue how OS's function... do you?

Yeah, pretty much. The reasons that I prefer Slackware on my laptop, but I am happy enough with OS X on my desktop are because they both stay out of my way until I need them to do something.

I haven't ever bought software from Pantip, but nice try at another straw-man argument.

webfact Grand Master Member

webfact

Posted
  • Author
Posted

Working in Thailand and asking a software related issue seems to be enough evidence to identify someone as user of pirated software!

Now I have learnt a lot and I will ask the Microsoft store in Vancouver why they have sold me a fake Windows...

Thought to get some advise to my question but I was wrong. Thanks to the poster who pushed the break and pointed to my actual question

Guest Reimar

Guest Reimar

Posted
Posted
.... where is Reimar....? :o

Unfortunate I didn't get paid from Microsoft and so I've to run my own company for to earn my living! In clear: I've a havy job in the moment and my customer keeps me busy. But that's ok because it keeps me alive!!

Cheers.

webfact Grand Master Member

webfact

Posted
  • Author
Posted
.... where is Reimar....? :o

Unfortunate I didn't get paid from Microsoft and so I've to run my own company for to earn my living! In clear: I've a havy job in the moment and my customer keeps me busy. But that's ok because it keeps me alive!!

Cheers.

A lot of business thats indeed good for you. I thought you might come up with an idea regarding my question as it is a windows related issue.

Thats why I asked "where is R."

Guest Reimar

Guest Reimar

Posted
Posted
.... where is Reimar....? :o

Unfortunate I didn't get paid from Microsoft and so I've to run my own company for to earn my living! In clear: I've a havy job in the moment and my customer keeps me busy. But that's ok because it keeps me alive!!

Cheers.

A lot of business thats indeed good for you. I thought you might come up with an idea regarding my question as it is a windows related issue.

Thats why I asked "where is R."

Ok, I haven't check that infections yet because no time!

Bu you can go several ways and if you unsure what to do and the infos you can get via Google are just a little, I would suggest to download the latest version of Hijack this and post the result after scanning in one of the special technical forums.

An other thing you can do is to download the latest version of CireIt from http://www.freedrweb.com and run that prog in Safe Mode twice: once in quick scan and once for all drives.

The result I had in the past with that prog were outstanding and the best compare to any other scans.

One other pro I run on all of my computer is: Whatsrunning, a Freeware you can download from: http://whatsrunning.net. That is an very advanced Taskmanager and even more, because while use a right click on an program file you can get the infos online about what the <deleted> is that! And the program NA Detector shows you the in- and outgoing connection of you network/ADSL connection.

That programs I mention above are quite small and didn't need much resources but they're very usefull in the todays havy infected enviroment.

Cheers.

webfact Grand Master Member

webfact

Posted
  • Author
Posted
.... where is Reimar....? :o

Unfortunate I didn't get paid from Microsoft and so I've to run my own company for to earn my living! In clear: I've a havy job in the moment and my customer keeps me busy. But that's ok because it keeps me alive!!

Cheers.

A lot of business thats indeed good for you. I thought you might come up with an idea regarding my question as it is a windows related issue.

Thats why I asked "where is R."

Ok, I haven't check that infections yet because no time!

Bu you can go several ways and if you unsure what to do and the infos you can get via Google are just a little, I would suggest to download the latest version of Hijack this and post the result after scanning in one of the special technical forums.

An other thing you can do is to download the latest version of CireIt from http://www.freedrweb.com and run that prog in Safe Mode twice: once in quick scan and once for all drives.

The result I had in the past with that prog were outstanding and the best compare to any other scans.

One other pro I run on all of my computer is: Whatsrunning, a Freeware you can download from: http://whatsrunning.net. That is an very advanced Taskmanager and even more, because while use a right click on an program file you can get the infos online about what the <deleted> is that! And the program NA Detector shows you the in- and outgoing connection of you network/ADSL connection.

That programs I mention above are quite small and didn't need much resources but they're very usefull in the todays havy infected enviroment.

Cheers.

Thanks!

katana Platinum Member

katana

Posted
Posted
On a routine system scan my anti virus (Comodo) came up with several files i.e.

xa3610126.exe

xa3638484.exe

altogether 4 of these files + msnsc.exe.

They all reside in Windows\system32\ folder.

My alarm bell is ringing. The scanner gives the reason "Heur.Packed.Unknown" & dangerous application for cmdow.exe

A quick search on Google returned no results except msnsc.exe might be 30% dangerous, but it is not actually known what this file is doing!

In case of cmdow.exe there are many opinions but I am unsure what to do.

I have now quarantined all those files

Advise is very much appreciated.

Try right-clicking any of the files>Properties and checking the Version tab. Is any company listed?

JetsetBkk Star Member

JetsetBkk

Posted
Posted
...In case of cmdow.exe there are many opinions but I am unsure what to do....

I use cmdow.exe - it's a very useful utility. But if you didn't put it on your computer, I wonder who did?

My file is version 1.4.3.0, Copyright Ritchie Lawrence, from "http://www.commandline.co.uk", size 31,232 bytes, date 19 December 2004.

raro Star Member

raro

Posted
Posted
.... where is Reimar....? :o

Unfortunate I didn't get paid from Microsoft and so I've to run my own company for to earn my living! In clear: I've a havy job in the moment and my customer keeps me busy. But that's ok because it keeps me alive!!

Cheers.

A lot of business thats indeed good for you. I thought you might come up with an idea regarding my question as it is a windows related issue.

Thats why I asked "where is R."

By personal experience, it helps sending Reimar a PM. You will get most comprehensive answers and great support!

Gary A Star Member

Gary A

Posted
Posted

For what it's worth, I tried the free Comodo and it drove me crazy. I am now subscribed to Norton Internet Security 2009. It's great. No hassles and no configuration. Don't confuse the new Norton with the older hog versions.

shriah Senior Member

shriah

Posted
Posted
...In case of cmdow.exe there are many opinions but I am unsure what to do....

This link clearly explains the role of cmdow.exe cmdow.exe(www.msfn.org) . It claims its harmless and its purpose as

this command is popular among users making unattended installations of Windows-- that DON'T want to show the end user some ugly DOS box that could be closed with the click of "X".
. If you think you are affected by Virus , i would suggest running ComboFix (a freeware) . Update your antivirus daily .
webfact Grand Master Member

webfact

Posted
  • Author
Posted
For what it's worth, I tried the free Comodo and it drove me crazy. I am now subscribed to Norton Internet Security 2009. It's great. No hassles and no configuration. Don't confuse the new Norton with the older hog versions.

I trust Comodo has an almost perfect and bullet-proof firewall but lacks anti virus protection.

Now I have downloaded a 30d trial of Dr. Web and (not) to my surprise this program found some more

nasty bastards and cured it! I'll test for 30 days. I am still running Comodo Firewall because it plays in

the same league with Online Armor and Outpost. And it does the job! But this is MHO only...

Guest Reimar

Guest Reimar

Posted
Posted

Maybe something to think a bit about and that's the "FREE" Anti Virus Software!!

Questions: Why Free? I mean that programs which are NOT Open Source like ClamAV! Who finance or cover the cost of development and further updates? could some company or even private people cover that costings just "for Fun"?

Could the answer be as the research in the US has shown some years ago the the some virus (maybe many of the virus'es) were developed from some of that companies which was selling the AV software and the virus developer was producing them own "anti" programs! Because it was an fact the some AV programs had the "killing" code already before that virus even was launched!

Fact is that the AV software market is huge and corporates are the main customers while the privates are the main "looser's"!

Interestingly the amount of Open Source software regarding AV is very low, I mean the AV software for corporates. The only one I know for Servers which is Open Source and Free, is ClamAV, while ClamWin is the free version for privates!

About DrWeb, it's not freeware but is an excellent AV program! It has helps me many times for to cure system while it was impossible to do that with other progs!

The free CureIt Version, which everybody can download isn't a full program, it's just a "runtime" an d need to be downloaded everytime again if needed. But it does it's job and that very well too! And it's just one of the few progs which you can run on Windows (any version) in Safe Mode because it isn't installed and don't need any resources or DLL's from Windows. Even the so named ONLINE AV programs, all need windows to run in normal mode and in normal mode many files, if infected, couldn't cleaned because of the Windows protection regarding those files.

My first step at any time I've to clean an system from infection's is the use of CureIt!

Cheers.

webfact Grand Master Member

webfact

Posted
  • Author
Posted
Maybe something to think a bit about and that's the "FREE" Anti Virus Software!!

Questions: Why Free? I mean that programs which are NOT Open Source like ClamAV! Who finance or cover the cost of development and further updates? could some company or even private people cover that costings just "for Fun"?

Could the answer be as the research in the US has shown some years ago the the some virus (maybe many of the virus'es) were developed from some of that companies which was selling the AV software and the virus developer was producing them own "anti" programs! Because it was an fact the some AV programs had the "killing" code already before that virus even was launched!

Fact is that the AV software market is huge and corporates are the main customers while the privates are the main "looser's"!

Interestingly the amount of Open Source software regarding AV is very low, I mean the AV software for corporates. The only one I know for Servers which is Open Source and Free, is ClamAV, while ClamWin is the free version for privates!

About DrWeb, it's not freeware but is an excellent AV program! It has helps me many times for to cure system while it was impossible to do that with other progs!

The free CureIt Version, which everybody can download isn't a full program, it's just a "runtime" an d need to be downloaded everytime again if needed. But it does it's job and that very well too! And it's just one of the few progs which you can run on Windows (any version) in Safe Mode because it isn't installed and don't need any resources or DLL's from Windows. Even the so named ONLINE AV programs, all need windows to run in normal mode and in normal mode many files, if infected, couldn't cleaned because of the Windows protection regarding those files.

My first step at any time I've to clean an system from infection's is the use of CureIt!

Cheers.

Interesting but I am not sure if I can second that in the case of Comodo.

Anyway if you had to chose a paid version of Dr. Web - would you go for the Anti Virus solution or the Dr. Web Space solution? My question is not related to any price tag.

Thanks!

Guest Reimar

Guest Reimar

Posted
Posted
Interesting but I am not sure if I can second that in the case of Comodo.

Anyway if you had to chose a paid version of Dr. Web - would you go for the Anti Virus solution or the Dr. Web Space solution? My question is not related to any price tag.

Thanks!

Comodo is an Firewall! While DrWeb is an AV software!

And I would go for the Web Space solution!

Cheers.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.






ASEANNOW

ASEANNOW (formerly Thai Visa) Thailand's oldest and most popular forum for expats and foreigners.

Sign up today and have your say

MORE INFO

POPULAR AREAS

CONTACT US

219/59 Asoke Towers, 15th Floor, Soi Sukhumvit 21, Watthana, Bangkok 10110
(+66) 99 196 1100
[email protected]

×
×
  • Create New...