Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I Got This Virus...


  • Please log in to reply
7 replies to this topic

#1 NHFTech

NHFTech

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:19 PM

Posted 19 January 2006 - 04:40 AM

I dont know where this virus come from... by a searching through google sembako-cfzjkmg.exe is a w32/brontok-m, that is a worm. i use avast 4.6.744 with definition vps 0603-3. Anybody please tell me how this worm infected to my pc and what antivirus can remove this virus. Scan with avast it found nothing.
Also this virus make my processor usage 100%.

please help me...

sory for my broken english.. cause i'm from malaysia

WindowsXP Pro SP2
RAM 256

BC AdBot (Login to Remove)

 


#2 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:07:19 AM

Posted 19 January 2006 - 09:40 AM

If Avast didn't find it - how do you know that you have it?

Was it a pop-up telling you about it (if so, they probably wanted money to fix it!)?

Here's a link to a description of the program and removal instructions: http://www.bleepingcomputer.com/startups/s....exe-13961.html
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#3 NHFTech

NHFTech
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:19 PM

Posted 19 January 2006 - 12:16 PM

thanks for that question.. after that i reset my pc and goes to safe mode then i press CTRL+ALT+DEL and task manager comeout.. suddently i saw a "sembako-cfzjkmg.exe" is execute than its missing from the task manager. i try to run msconfig to disable it... but the pc is restart automatically... tq for your reply

#4 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:07:19 AM

Posted 19 January 2006 - 04:17 PM

I believe that Avast should have found and quarantined this virus. Have you updated your antivirus definitions? Once that's done, please perform a complete system scan with Avast to see if it finds it. You can also try to scan your system online with this free online scan (requires Internet Explorer): http://housecall.trendmicro.com/

It's disturbing that the file disappeared in Task Manager like that - it indicates to me that the infection may still be active.

Did you try the removal instructions that were in the link in my last post? Did it work?
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#5 NHFTech

NHFTech
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:19 PM

Posted 20 January 2006 - 06:35 AM

I have schedule boot time scan provide by avast antivirus with 0603-3, 01/18/06 and i also tick scan archive files to scan my pc, but the virus could not be found. I doesnot try the removal instruction cause i believe the avast antivirus will update the definition today, but still doesnot have update from avast. If avast doesnot update its definition i will try the removal instruction.

Sorry for broken English..

#6 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:07:19 AM

Posted 20 January 2006 - 10:46 AM

No problem with your English - I've got lot's of experience communicating with people from all over the world (25 years in the US Army), so it's easy for me. :thumbsup:

And, FWIW, your English is actually quite understandable!
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#7 NHFTech

NHFTech
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:19 PM

Posted 21 January 2006 - 07:59 AM

Scan with avast still disappointed. I also try avg 7 free, antivir free and bitdefender free version but this all antivirus does not find anything. I also scan my pc with online scan provide by trendmicro and windows live safety center but still cannot find the virus. I have follow your instruction to remove this worm but still failed. After that i click at "Description: Added by the W32/Brontok-M worm." That "w32/brontok-m" link to sophos virus summary and i decided to buy this product and finally scan with Sophos Antivirus 5.13 found 764 W32/Brontok family and quarantine it. At that time i was so suprise to know this powerful antivirus Thanks Usasma for provide me that link. Now my pc is free from this virus. TQ for your help

#8 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:07:19 AM

Posted 23 January 2006 - 10:38 AM

I'm glad that you managed to "kill" it! :thumbsup:

Sophos is a good antivirus program. But, each antivirus program uses different "definitions" to scan for viruses. Also, please only run one antivirus program at a time - they tend to conflict with each other if both are in memory simultaneously.

So, if AVG finds the virus first, it'll be fixed by AVG before the others - same thing applies to Sophos. Also, the methods of fixing it may differ - so that Sophos gets rid of it one way, while Avast gets rid of it another way.

If the fix isn't "complete" you may see strange messages about it on your screen. This is becoming more and more common as viruses become more sophisticated and they have more different types that are merely variations of the basic virus.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users