bNETCommando.exe and bKernelMain.exe

  • Bluedemon
  • Novice
  • Novice
  • Bluedemon
  • Posts: 30

Post 3+ Months Ago

So, recently I've noticed that I have a process running called "bNETCommando.exe" and another which links to it "bKernelMain.exe', when doing a search for bKernelMain.exe, all I found was this article: http://pchelpguide.eu/infected-with-microsoft-commando

Every time I try to end both process tree's, they come back usually within the minute. When trying to delete the files, it says they are no longer located in the system32 folder, but really, they still are.

Is this some type of malware or is it nothing to be worried about?
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • FrankDuda
  • Born
  • Born
  • FrankDuda
  • Posts: 1

Post 3+ Months Ago

Do not worry about it. bNetCommando is a package installed by your rental company to keep you from installing additional antivirus software packages. Rental/Lease company's have to repair all the computers they rent/lease so they get tired of fixing issues when a user loads a 'so called' antivirus package or a free one like a trial version. Then when the trial expires the computer is NOT protected causing them repair issues. Therefore, they install a FULL antivirus package for you and lock out the trial version of others using Commando.

Typically, they install Microsoft Security and then install Commando. Microsoft Commando will then flag other antivirus/malware as malware to keep you from installing something else. They may also block lime-wire or P2P programs known to cause harm.

I know because I use to work for a rental company and we installed CA antivirus which we paid for (had a corporate license) just to have the customer take it home and think that installing a Free Trial of Norton was a good idea. Of course the trial period would expire and soon the customer was bringing it back in for repair because they were loaded with viruses. So, we bought bNetCommando and it cut our support calls by over 90%.

Anyway, be happy you have it as it's a very expensive commercial package.

Frank
  • Dustrun
  • Born
  • Born
  • Dustrun
  • Posts: 2

Post 3+ Months Ago

I know ways to defeat the bNETCommando.exe, bKernelMain.exe, bKernelSecurity.exe and bSecurityCrypt.exe.
First thing is to block rtorental[dot]com so the computer can't send IP and location updates to the server/rental company.
Then find windows fix it to force remove Microsoft Security. then get a stronger security program like Comodo Internet Security, update and then block the processes from running and they'll never run again.

I've seen the processes send info to ws5[dot]rtorental[dot]com everytime the computer would start, to me it looks like SPYWARE.

Another way is to just format the drive and reinstall windows from a DVD and use the activation key on the back of the computer, it's easy to do with a laptop.
  • Dustrun
  • Born
  • Born
  • Dustrun
  • Posts: 2

Post 3+ Months Ago

(UPDATE)
I know ways to defeat the bNETCommando.exe, bKernelMain.exe, bKernelSecurity.exe and bSecurityCrypt.exe.

I found more information on a way to delete these files permanently.
First you will need a USB stick/Flash Drive and download Ubuntu, Insert a USB stick with at least 2GB of free space, and stall ubuntu on it.
You can find all the instructions on ubuntu's website.
Then reboot your computer from the USB stick and once ubuntu is up and running open your hard drive from there and find the files in "c:\windows\system32\" bNETCommando.exe, bKernelMain.exe, bKernelSecurity.exe, bSecurityCrypt.exe and bCNGKeyLock.exe and just delete them, thats it very easy and fast then reboot your computer back in windows and the files will be gone permanently.

Post Information

  • Total Posts in this topic: 4 posts
  • Users browsing this forum: No registered users and 60 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.