System restarts automaticaly......

[tdlokesh]

Hi


I have got a new type of virus which restarts the pc within 1 or 2 mins
when any of the exe files is been runned...also the folder name is been
created within the same folder with the file size 10mb.....(not in all
the folders only in the shared folder and in any flash drives).....I m
using symantec corporate edition 10.2 and have tried all the antivirus
and updates for it.....Please help whats the virus....also in the
system32 folder some folder is been created with the name
cmd-bro-jkx.exe,Dxblao.exe.....


--
tdlokesh
------------------------------------------------------------------------
tdlokesh's Profile: http://forums.techarena.in/member.php?userid=35602
View this thread: http://forums.techarena.in/showthread.php?t=857093

http://forums.techarena.in

 

[Malke]

tdlokesh wrote:
> Hi
>
>
> I have got a new type of virus which restarts the pc within 1 or 2 mins
> when any of the exe files is been runned...also the folder name is been
> created within the same folder with the file size 10mb.....(not in all
> the folders only in the shared folder and in any flash drives).....I m
> using symantec corporate edition 10.2 and have tried all the antivirus
> and updates for it.....Please help whats the virus....also in the
> system32 folder some folder is been created with the name
> cmd-bro-jkx.exe,Dxblao.exe.....
>
>

The malware names bring up no hits on Google but this is unsurprising.
There is no way for us to guess which of the thousands of viruses and
malware programs you've picked up.

Go through these general malware removal steps systematically -
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Include scanning with David Lipman's Multi_AV and follow instructions to
do all scans in Safe Mode. Please see the special Notes regarding using
Multi_AV in Vista.

http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://www.pctipp.ch/downloads/sicherheit/35905/multi_av_scanning_tool.html
- download site

The site is in German but David's tool is in English so don't let that
worry you. Scroll all the way down to almost the bottom of the page and
you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool".
You'll see "Download von www pctipp.ch" and the live link to download
Multi_AV.

You can also check to see if there are targeted removal steps for your
malware here:
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html

When all else fails, run HijackThis and post your log in one of the
specialty forums listed at the first link above (not here, please).

Not all tools used will work in Vista and you will need to run them
elevated. Since Vista is so new, it will be a while before removal
techniques and tools are developed. If you are unable to remove the
infection by following the general steps, register at one of the
HijackThis forums as suggested.

Standard caveat: If the procedures look too complex - and there is no
shame in admitting this isn't your cup of tea - take the machine to a
professional computer repair shop (not your local version of
BigComputerStore/GeekSquad). Please be aware that not all local shops
are skilled at removing malware and even if they are, your computer may
be so infested that Windows will need to be clean-installed. Have all
your data backed up before you take the machine into a shop.


Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User

 

[Faisal [MSFT]]

hi,

its possible that this could be a rootkit. I don't recommend you to trust
your system any more as RootKits are much more sophisticated for anti-virus
software's to be detected. Try something like blacklight from F-secure , it
might help. Else I would recommend you to do fresh rebuild of the system and
fully patch it. try not to run as local administrator to mitigate malware
attacks.

thanks,
Faisal



"tdlokesh" <tdlokesh.30ep3c@DoNotSpam.com> wrote in message
news:tdlokesh.30ep3c@DoNotSpam.com...
>
> Hi
>
>
> I have got a new type of virus which restarts the pc within 1 or 2 mins
> when any of the exe files is been runned...also the folder name is been
> created within the same folder with the file size 10mb.....(not in all
> the folders only in the shared folder and in any flash drives).....I m
> using symantec corporate edition 10.2 and have tried all the antivirus
> and updates for it.....Please help whats the virus....also in the
> system32 folder some folder is been created with the name
> cmd-bro-jkx.exe,Dxblao.exe.....
>
>
> --
> tdlokesh
> ------------------------------------------------------------------------
> tdlokesh's Profile: http://forums.techarena.in/member.php?userid=35602
> View this thread: http://forums.techarena.in/showthread.php?t=857093
>
> http://forums.techarena.in
>

 

[priji]

A suggestion: Check to make sure all your drivers...Video, Sound, MB...are
current, by going to the mfgrs site of each. Also, have you checked in event
viewer for additional information (Ctrl Panel, Perf & Maint, Admin Tools,
Event Viewer). If you find any errors, double click on them one at a time,
and view error report, and there is usually a link to open up for
information, and possible solutions. Also, try going to Start>Run> type
dxdiag , and OK...and view all tabs, and check all tabs for errors, and run
any checks (Tests) available to run in each tab. Also, think of when
problems started...What changes have been made to your system (eg: Hardware
or software added, programs downloaded, etc.). Check memory for errors using
the following program (Save to Floppy when you download it, and boot to
it -make sure BIOS is set to boot from floppy). Troublshooting this type of
issue can be lengthy. Good Luck.