I have a virus similar to Brontok (I think so)

It has a picture of a guy and message as this:

Promosi!!! x 5

Bla bla [insert his message here] bla bla

Masih Single!!!

You can't close it.

File name: Services.exe, jpeg icon.

Folder: OOBE



Is there an easy way to delete it?

I'm still looking for the solutions.

hello, whats ur recommendation for antivirus? which 1 is ok? thanks

hhmm, you can try malwarebytes coz there is another similiar spyware like this, just the different text
if malwarebytes cant fix it, open new thread and ask for help

as for my recommendation, free AntiVirus=avira
paid AntiVirus=kaspersky

Ok, thanks. I'll try that.

Great thread here friend. Very helpful and full of information. Keep it up!

---

Added on January 24, 2010, 2:04 amI personally recommend Avira. But Kaspersky is not bad, if you're willing to pay. Avira is much lighter for your system though.

This post has been edited by d3m0n: Jan 24 2010, 02:04 AM

anyone know how to remove TR/Spy.53248??

Hi kl8610,

Download our Kaspersky Anti-Virus 2010- http://antivirus365.net/products/anti-virus.php
or Kaspersky Internet Security- http://antivirus365.net/products/internet_security.php

It should be able to remove any type of malwares on your PC...

any decent free version portable anti-virus other than Stinger AV and trendmicro sysclean?
the thing is i can't install any AV on my company PC (company policy) but there's a lot of virus in the system.

suggest you to bring to the IT department rather than you try to solve it..

how do i say this
urm
we have an internal av server
but some of the pc in my dept bypass the server through VPN
the vpn pc's is maintained by our dept only (P&C matters)
right now im using sysclean and singer av

I am affected with Zydxc1221.dll but I can't seem to find a free malware/trogen removal. Please help. Millions thanks

Hey guys, i think i hacked by a virus n i cant file it to delete, my kaspersky 2010 cant detect it too.

here is the location that it list:(virus name:patch.exe)
C:\Users\Lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup






here is the error that pop out :



anybody can help me?

This post has been edited by lclylee: Mar 3 2010, 11:57 PM

I'll have a look in it.

• Download OTL to your desktop.
• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• When the window appears, underneath Output at the top change it to Minimal Output.
• Check the boxes beside LOP Check and Purity Check.
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

too long ..i try upload wif attachment.

---

Added on March 4, 2010, 4:05 pmthx for ur help

This post has been edited by lclylee: Mar 4 2010, 04:05 PM

Run OTL.exe

• Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
  
  
  CODE
  :OTL
  PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
  O4 - Startup: C:\Users\Lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Patch.exe ()
  
  :Commands
  [purity]
  [emptytemp]
  [start explorer]
  [Reboot]
  
  
• Then click the Run Fix button at the top
• Let the program run unhindered, reboot when it is done
• Then post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )

And hope it disappears.

THX a lot
it's work!! i go chck my startup list ard, the "patch.exe" had been removed!!

here is the content showed after i reboot my comp:

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
C:\Users\Lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Patch.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Lee
->Temp folder emptied: 55010813 bytes
->Temporary Internet Files folder emptied: 148601602 bytes
->FireFox cache emptied: 93575044 bytes
->Flash cache emptied: 52954 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14923333 bytes
RecycleBin emptied: 4511068980 bytes

Total Files Cleaned = 4,600.00 mb


OTL by OldTimer - Version 3.1.33.0 log created on 03042010_215016

Files\Folders moved on Reboot...
File\Folder C:\Users\Lee\AppData\Local\Temp\~DF1D29639413222689.TMP not found!
File\Folder C:\Users\Lee\AppData\Local\Temp\~DF403DA6E012C43398.TMP not found!
File\Folder C:\Users\Lee\AppData\Local\Temp\~DF44A3A56915BFAFA9.TMP not found!
File\Folder C:\Users\Lee\AppData\Local\Temp\~DF515314D054D257B9.TMP not found!
File\Folder C:\Users\Lee\AppData\Local\Temp\~DFC923FB8AA1599A6B.TMP not found!
File\Folder C:\Users\Lee\AppData\Local\Temp\~DFF38F1EAF11CF03C7.TMP not found!
C:\Users\Lee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OA0BDLL5\index[2].htm moved successfully.
C:\Users\Lee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LUIWZZKC\adframe[4].htm moved successfully.
C:\Users\Lee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IKUG2LAX\ads[1].htm moved successfully.
C:\Users\Lee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DYU1MEIW\ads[1].htm moved successfully.
C:\Users\Lee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

Registry entries deleted on Reboot...

i'm using kaspersky internet security. yesterday, it detected a file k1d.exe containing a trojan-gamethief.win32.magania.cxkx. kaspersky is updated, but it cant delete the trojan. can anyone help me to get rid of this trojan? kaspersky keep reporting about detecting the virus, trying to remove it and cant remove it, over and over and over..

btw, today i install avg free without uninstalling kaspersky. for about 2-3 hours, it seems fine coz kaspersky didnt report about the trojan. after that, it come out again...very annoying..pls help..

report the virus to kaspersky official website lo...den thy ll fix it asap.

Hi there!
I would like to ask if any of you who are using Windows XP have this file "WMSysPr9.prx" in your windows folder?
I have tried googling but found some confusing answers.
So, is it a malware worm or just an ordinary file?

http://www.prevx.com/filenames/X3584158549...SYSPR9.PRX.html

you always can upload the file at here :
http://virusscan.jotti.org/