How do I get cmd.exe back?

[tammy1670]

hello again - have something else popping up now, (on the pc with the bad slave hard drive); when I boot up, a popup window tells me that windows cannot find 'C:\windows\system32\cmd32.exe. How do I get this back??? (windows XP home)...I've tried looking for it on the windows XP disk, but cannot find it

[stroyal]

That file is probably created during instalation.
When this happened to me with win 98se, I found the missing file on another computer with win 98se installed. Unless that file is differant in every computer that should work

[tammy1670]

i didn't think about that! Will try as soon as I can get to a pc with xp installed. Thanks! )

[PengyDaPenguin]

Unless I'm too much mistaken, cmd32.exe is the command-line shell program *We all remember the Good Ol' DOS days yes?*. But I do agree with the suggestion of Copying the file from someone else's PC and placing it into that path. Unless they are using an Itanium architecture you should have no problems using it.

[Scott Tiger]

Cmd.exe isn't protected by the mighty Windows File Protection Daemon? Hmm... /me scratches head

Unfortunately Tammy1670, that's the only way I could think of to repair that file to outside of running SFC (which can be dangerous) or reinstalling everything.

[vass0922]

cmd32.exe?
Last I knew it was just cmd.exe...
You sure you don't have something bad going on over there?
its not uncommon for viruses to use files that look like system files...

Do you happen to have perl installed?
Most references I found in google refer to Perl executables...

[Scott Tiger]

/ Vass gets 5 pts for paying attention..

Good thinking. I didn't even catch that. It is Cmd.exe - I've never seen Cmd32.exe.

Why would a Perl interpreter throw an error at startup though? Sounds kinda funny to me.

[tammy1670]

i don't know - It pops up every time I start the pc --I've been into a lot lately, there is no telling what I have gotten.

thanks for all your attention!

i did have some virus stuff on here, a whole folder with like 30-something files in it, norton found them and quarantined all of it, which I deleted and didn't open, under a folder USER32....maybe it's related

[PReDaToR xGoDx]

actually cmd32.exe is a proper .exe ive recently had a problem wiv this...

[PReDaToR xGoDx]

hmmm i just did a bit of searching, this is kinda disturbing...i found out something...but i cant make sense of it all...but it may help to those experts...
CHARACTERISTICS
Win32.Tank.14 is an IRC controlled backdoor that can be used to gain unauthorized access to a victim's machine. It can also exhibit worm like functionality by offering itself as a download in either the KaZaA or iMesh p2p file sharing network. It is based on code from Sdbot.

When run, it makes a hidden copy of itself in the %Windows% directory with the filename cmd32.exe.

Win32.Tank.14 then attempts to connect to a pre-defined IRC server and join a specific channel so that the victim's computer can be controlled.

Once the victim's computer is under control, the hacker is able to instruct Win32.Tank.14 to perform malicious operations such as

- Executing programs
- Opening files
- Downloading files
- Updating itself via the web
- Sending system information from the local host, such as operating system, processor speed, free ram, etc.
-Sending network information from the local host, including connection type and the local IP address.
- Launching DDoS (Denial Of Service) attacks

Win32.Tank.14 attempts to enable file sharing on machines running KaZaA and iMesh. It proceeds to share the directory %Windows%\User32 on the given Peer To Peer network. When copying itself to the shared directory it appends a random amount of data so that the filesizes do not remain constant. The base file size is 102,142 bytes. It makes multiple hidden copies of itself with the potential following 'enticing' filenames:

Battlefield1942_bloodpatch.exe
Unreal2_bloodpatch.exe
UT2003_bloodpatch.exe
AquaNox2 Crack.exe
NBA2003_crack.exe
FIFA2003 crack.exe
C&C Generals_crack.exe
UT2003_keygen.exe
UT2003_no cd (crack).exe
Age of Empires 2 crack.exe
Anno 1503_crack.exe
C&C Renegade_crack.exe
Diablo 2 Crack.exe
Gothic 2 licence.exe
GTA 3 Crack.exe
GTA 3 patch (no cd).exe
Hitman_2_no_cd_crack.exe
Mafia_crack.exe
Neverwinter_Nights_licence.exe
NHL 2003 crack.exe
WarCraft_3_crack.exe
Splinter_Cell_Crack.exe
Battlefield1942_keygen.exe
Winamp 3.8.exe
MediaPlayer Update.exe
UT2003_patch.exe
ACDSee 5.5.exe
DivX Video Bundle 6.5.exe
Global DiVX Player 3.0.exe
QuickTime_Pro_Crack.exe
KaZaA Lite (New).exe
iMesh 3.7b (beta).exe
iMesh 3.6.exe
KaZaA Hack 2.5.0.exe
DirectDVD 5.0.exe
Flash MX crack (trial).exe
Ad-aware 6.5.exe
WinZip 9.0b.exe
SmartFTP 2.0.0.exe
ICQ Lite (new).exe
ICQ Pro 2003b (new beta).exe
ICQ Pro 2003a.exe
AOL Instant Messenger.exe
Download Accelerator Plus 6.1.exe
Trillian 0.85 (free).exe
MSN Messenger 5.2.exe
Network Cable e ADSL Speed 2.0.5.exe
mIRC 6.40.exe
GetRight 5.0a.exe
Pop-Up Stopper 3.5.exe
Yahoo Messenger 6.0.exe
KaZaA Speedup 3.6.exe
Nero Burning ROM crack.exe
WindowBlinds 4.0.exe
Animated Screen 7.0b.exe
Living Waterfalls 1.3.exe
Matrix Screensaver 1.5.exe
Popup Defender 6.5.exe
Space Invaders 1978.exe
SmartRipper v2.7.exe
TweakAll 3.8.exe
DVD Copy Plus v5.0.exe
Serials 2003 v.8.0 Full.exe
Zelda Classic 2.00.exe
Need 4 Speed crack.exe
Links 2003 Golf game (crack).exe
Netfast 1.8.exe
Guitar Chords Library 5.5.exe
DVD Region-Free 2.3.exe
Cool Edit Pro v2.55.exe
Coffee Cup Free HTML 7.0b.exe
Clone CD 5.0.0.3.exe
Clone CD 5.0.0.3 (crack).exe
Nimo CodecPack (new) 8.0.exe
Business Card Designer Plus 7.9.exe
Steinberg_WaveLab_5_crack.exe
Hot Babes XXX Screen Saver.exe
FreeRAM XP Pro 1.9.exe
IrfanView 4.5.exe
Audiograbber 2.05.exe
WinOnCD 4 PE_crack.exe
Final Fantasy VII XP Patch 1.5.exe
BabeFest 2003 ScreenSaver 1.5.exe
PalTalk 5.01b.exe
DirectX Buster (all versions).exe
DirectX InfoTool.exe
Unreal2_crack.exe
FlashGet 1.5.exe
Babylon 3.50b reg_crack.exe
mp3Trim PRO 2.5.exe


that is what i just found out.