Hi

 

 

I have got a new type of virus which restarts the pc within 1 or 2 mins

when any of the exe files is been runned...also the folder name is been

created within the same folder with the file size 10mb.....(not in all

the folders only in the shared folder and in any flash drives).....I m

using symantec corporate edition 10.2 and have tried all the antivirus

and updates for it.....Please help whats the virus....also in the

system32 folder some folder is been created with the name

cmd-bro-jkx.exe,Dxblao.exe.....

 

 

--

tdlokesh

------------------------------------------------------------------------

tdlokesh's Profile: http://forums.techarena.in/member.php?userid=35602

View this thread: http://forums.techarena.in/showthread.php?t=857093

 

http://forums.techarena.in

tdlokesh wrote:

> Hi

>

>

> I have got a new type of virus which restarts the pc within 1 or 2 mins

> when any of the exe files is been runned...also the folder name is been

> created within the same folder with the file size 10mb.....(not in all

> the folders only in the shared folder and in any flash drives).....I m

> using symantec corporate edition 10.2 and have tried all the antivirus

> and updates for it.....Please help whats the virus....also in the

> system32 folder some folder is been created with the name

> cmd-bro-jkx.exe,Dxblao.exe.....

>

>

 

The malware names bring up no hits on Google but this is unsurprising.

There is no way for us to guess which of the thousands of viruses and

malware programs you've picked up.

 

Go through these general malware removal steps systematically -

http://www.elephantboycomputers.com/page2.html#Removing_Malware

 

Include scanning with David Lipman's Multi_AV and follow instructions to

do all scans in Safe Mode. Please see the special Notes regarding using

Multi_AV in Vista.

 

http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions

http://www.pctipp.ch/downloads/sicherheit/35905/multi_av_scanning_tool.html

- download site

 

The site is in German but David's tool is in English so don't let that

worry you. Scroll all the way down to almost the bottom of the page and

you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool".

You'll see "Download von www pctipp.ch" and the live link to download

Multi_AV.

 

You can also check to see if there are targeted removal steps for your

malware here:

Bleeping Computer removal how-to's -

http://www.bleepingcomputer.com/forums/forum55.html

 

When all else fails, run HijackThis and post your log in one of the

specialty forums listed at the first link above (not here, please).

 

Not all tools used will work in Vista and you will need to run them

elevated. Since Vista is so new, it will be a while before removal

techniques and tools are developed. If you are unable to remove the

infection by following the general steps, register at one of the

HijackThis forums as suggested.

 

Standard caveat: If the procedures look too complex - and there is no

shame in admitting this isn't your cup of tea - take the machine to a

professional computer repair shop (not your local version of

BigComputerStore/GeekSquad). Please be aware that not all local shops

are skilled at removing malware and even if they are, your computer may

be so infested that Windows will need to be clean-installed. Have all

your data backed up before you take the machine into a shop.

 

 

Malke

--

Elephant Boy Computers

http://www.elephantboycomputers.com

"Don't Panic!"

MS-MVP Windows - Shell/User

hi,

 

its possible that this could be a rootkit. I don't recommend you to trust

your system any more as RootKits are much more sophisticated for anti-virus

software's to be detected. Try something like blacklight from F-secure , it

might help. Else I would recommend you to do fresh rebuild of the system and

fully patch it. try not to run as local administrator to mitigate malware

attacks.

 

thanks,

Faisal

 

 

 

"tdlokesh" wrote in message

news:tdlokesh.30ep3c@DoNotSpam.com...

>

> Hi

>

>

> I have got a new type of virus which restarts the pc within 1 or 2 mins

> when any of the exe files is been runned...also the folder name is been

> created within the same folder with the file size 10mb.....(not in all

> the folders only in the shared folder and in any flash drives).....I m

> using symantec corporate edition 10.2 and have tried all the antivirus

> and updates for it.....Please help whats the virus....also in the

> system32 folder some folder is been created with the name

> cmd-bro-jkx.exe,Dxblao.exe.....

>

>

> --

> tdlokesh

> ------------------------------------------------------------------------

> tdlokesh's Profile: http://forums.techarena.in/member.php?userid=35602

> View this thread: http://forums.techarena.in/showthread.php?t=857093

>

> http://forums.techarena.in

>

A suggestion: Check to make sure all your drivers...Video, Sound, MB...are

current, by going to the mfgrs site of each. Also, have you checked in event

viewer for additional information (Ctrl Panel, Perf & Maint, Admin Tools,

Event Viewer). If you find any errors, double click on them one at a time,

and view error report, and there is usually a link to open up for

information, and possible solutions. Also, try going to Start>Run> type

dxdiag , and OK...and view all tabs, and check all tabs for errors, and run

any checks (Tests) available to run in each tab. Also, think of when

problems started...What changes have been made to your system (eg: Hardware

or software added, programs downloaded, etc.). Check memory for errors using

the following program (Save to Floppy when you download it, and boot to

it -make sure BIOS is set to boot from floppy). Troublshooting this type of

issue can be lengthy. Good Luck.