Abs.Net web Page

Share Your Knowledge, Build your Network..

jwgkvsq.vmx, stubborn virus that can't be easily defeated (PEBRUARY 2009 VIRUS)

Posted by absnet on 18 February 2009

I’ve just got virus in my computer. It’s autorun.inf kind, but different with other autorun.inf, this file actually executable file. Together with it, as usual, a file hide in recycler. It’s name is a little weird: jwgkvsq.vmx. If you found it in your recyler, take a very careful action :


You don’t want to know it. This virus is networking virus. On my computer, when i unplug my network cable, nothing happens, but when I plug it, well, a 100% svchost.exe process make my computer run very slow. This is true. Don’t get infected. It’s need 1 minute delay to open a program. Isn’t it crazy? (my computer spec: pentium 4 – 1.4 GHz, 256, HP). I was check my automatic running program using autoruns but found nothing suspected. When I unplug network cable, my windows normal again.

Dig Deeper

Diggin’ in internet (although not straightly), i found very long and boring explanation about this file. I decide not to handle it manually (be realistic, this is out of your control!). This virus is new. It’s data definition December, 30, 2008. So, be ready with this virus. 

It’s name is Conflicker.

How To Handle it?


I’ve told you to to kill your autorun. If so, use your total Commander to see that virus, and delete it without mercy. You don’t need to know them, and you don’t want to.


I give you two alternatives to remove this stubborn virus :

1. Manually delete

  1. Download this package
  2. Unzip the package, and run fixdownandup.exe
  3. Confirm delete the viruses found
  4. Run WindowsXP_KB.exe in your package
  5. Restart your computer
  6. Kill your autorun (see before you infected above)
  7. If you use WinXP home edition, gpedit is not available, please install gpedit package included in this bundle ( I don’t know another tools for WinXP Home, all my tools is not effective, it’s mean that your autorun still run. Maybe you should change Professional edition) (edited: March, 19, 2009)
  8. Install antivirus. McAfee is good, AVAST can be an alternative.
  9. Always open your flash disk using Total Commander first (included in this bundle). After you sure that it’s clear, you can use MS Explorer.


So, it’s the time for our AVAST BART PE in action. In case you have download avast boot, jump to step 3

  1. Download the zip file here
  2. Unzip and burn it to a blank CD using a program like Nero burning or such
  3. Set your infected computer boot order  to boot on CDROM 
  4. Enter your AVAST Bart PE to your CD ROM
  5. Scan with Avast and you caught your bad file
  6. Confirm deletion and restart by removing your CDROM Disk

3. Using Indonesian PCMAV Express (added March 18, 2009)

This Conflicker scanner is the fastest  scanner i found.


One Response to “jwgkvsq.vmx, stubborn virus that can't be easily defeated (PEBRUARY 2009 VIRUS)”

  1. TukKaTa said

    Thank for your articles.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: