[Hexbolts]

I was playing around on the Internet when I really should be sleeping (doesn't it always happen at the worst times?!) when I was in a website I frequent a lot and I received an alert from AVG 2014 Resident Shield about a virus, Win32/PEPatch, and it asked me if I wanted AVG to protect me or ignore the threat; so I chose protect me of course. Now, I know this isn't over just yet so I looked on the Internet and apparently this is a pretty nasty virus and accordingly to a blog post (from four years ago) it's not as easy to deal with as just asking AVG to protect me. So what should I do now? I'm running a full scan on AVG right now (and so far it hasn't found anything) and I plan on running a scan on Malwarebytes after that, but I'm really scared of losing everything (as the blog post claims it does). Please help me.

I'm running Windows 7 Home Premium 64-bit. I haven't experienced any strange behavior from my computer. I don't know if I should attach anything just yet, but I attached a screen capture of the information I get from the vault on AVG in case that helps.

The scans are done now, AVG found nothing and Malwarebytes detected four threats but these were unrelated to Win32/PEPatch, they're 2 PUP.Optional.Installex and 2 PUP.Optional.OpenCandy; the first two and one of the opencandy are on AppData\Local\Temp so I'm assuming these are safe to remove? and the other one is daemon tools lite 4454-0316 which I don't really need, even if I've had it since 2012 and I've run many malwarebytes scans without having any problems with that file.

Should I assume my computer is safe or should I still run a OTL scan?

Attached Thumbnails

• 

Edited by Hexbolts, 31 October 2013 - 11:43 AM.

[Advertisements]

Hi Hexbolts and welcome at GeekstoGo!

I'm crooleeck and I'll try to help you. But first please notice that I'm not limitless, I'm not familiar with all software, I don't know everything. However, it has taken me years to learn what I know. I would be glad to help you.

Fight against malware is NOT instantaneous, most infections require several courses of action to completely eradicate. It's also time-consuming, so be patient! We all like to know final result, so if you have since resolved the issues you were originally experiencing, or have received help elsewhere, please post.

Note:

• Please watch this topic
• Do exactly - step by step - what I wish for. Don't be afraid! If there's anything you don't understand, stop and ask!
• Please don't run unsupervised tools or fix on your own without my direction - it can be dangerous
• You must reply within 3 days or your topic will be closed

Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue.

Step 1:
OTL
OTL is currently our primary tool for searching key areas of the registry and other system locations for the telltale signs of malware. It generates a comprehensive log, and offers an initial diagnosis.

• Download OTL to your desktop.
• Double click on the OTL icon to run it.
  
  Make sure all other windows are closed and to let it run uninterrupted.
• Select: options:
  
  • All users.
  • 64-bit scan if appears.
  • Under Extra registry select Use SafeList
  • LOP Check
  • Purity Check
    
• Under the Custom Scan box paste this in:

  netsvcs
  BASESERVICES
  %SYSTEMDRIVE%\*.exe
  /md5start
  services.*
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  winsock.*
  /md5stop
  CREATERESTOREPOINT

• Click the Run scan button.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and paste them into your reply.


Step 2:

• Download aswMBR to your desktop.
• Double click the aswMBR.exe to run it.
• Agreed to update.
• Click the Scan button to start scan.
  
  
  
• On completion of the scan click Save log, save it to your desktop and post in your next reply

[crooleeck]

Hi Hexbolts and welcome at GeekstoGo!

I'm crooleeck and I'll try to help you. But first please notice that I'm not limitless, I'm not familiar with all software, I don't know everything. However, it has taken me years to learn what I know. I would be glad to help you.

Fight against malware is NOT instantaneous, most infections require several courses of action to completely eradicate. It's also time-consuming, so be patient! We all like to know final result, so if you have since resolved the issues you were originally experiencing, or have received help elsewhere, please post.

Note:

• Please watch this topic
• Do exactly - step by step - what I wish for. Don't be afraid! If there's anything you don't understand, stop and ask!
• Please don't run unsupervised tools or fix on your own without my direction - it can be dangerous
• You must reply within 3 days or your topic will be closed

Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue.

Step 1:
OTL
OTL is currently our primary tool for searching key areas of the registry and other system locations for the telltale signs of malware. It generates a comprehensive log, and offers an initial diagnosis.

• Download OTL to your desktop.
• Double click on the OTL icon to run it.
  
  Make sure all other windows are closed and to let it run uninterrupted.
• Select: options:
  
  • All users.
  • 64-bit scan if appears.
  • Under Extra registry select Use SafeList
  • LOP Check
  • Purity Check
    
• Under the Custom Scan box paste this in:

  netsvcs
  BASESERVICES
  %SYSTEMDRIVE%\*.exe
  /md5start
  services.*
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  winsock.*
  /md5stop
  CREATERESTOREPOINT

• Click the Run scan button.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and paste them into your reply.


Step 2:

• Download aswMBR to your desktop.
• Double click the aswMBR.exe to run it.
• Agreed to update.
• Click the Scan button to start scan.
  
  
  
• On completion of the scan click Save log, save it to your desktop and post in your next reply

[Essexboy]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.