Please help: Win.32.Patcher.ak?

Yesterdy night I was running my weekly ‘boot-time scan’ as I always do for safety, about 5 minutes into the scan, in the recycle bin, I found a file called Win.32.Patcher.ak. So I did some googling and found out this was an extremely dangerous virus and had to be removed immediately. I have no idea where I got it from, besides that, when I found the virus I did ‘Fix automatically’ then when I got on my PC deleted it from the quarentine. I was still a bit scared about this virus, so I wanted to know if Avast! was enough to remove this virus completely, in the reboot scan I found nothing other than this virus. I have no history of the virus as I deleted it. Thanks! :slight_smile:

Hi :slight_smile:

https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Please also download the attached file named zoekscript and save it to your desktop. Both tools have to be in the same location!
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

[*]Drag and drop zoekscript onto the
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
icon:

https://sites.google.com/site/cannedfixes/zoek/51dd31d8563a6-output_TD9fmK.gif.pagespeed.ce.IOHNtq2KMh.gif

[*]You will be prompted that you should never take a script that was meant not for this computer - please click Yes.
[*]Wait patiently until the program will load itself and scan, it may take a couple of minutes or so.
[*]When the scan completes, a zoek-results logfile should open in notepad.
[*]If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Please include its content in your next reply.
Don’t forget to re-enable your switched-off protection software!

https://sites.google.com/site/cannedfixes/gmer/gmericon.png
Scan with Gmer

This type of scan often produces false positives. At any point do not take any action for any suspicious entries you may see there. Instead post the log to be analyzed.

Please download GMER by Gmer and save the file to your desktop.
It will come as a randomly named file (like a6ge38b4.exe) - that’s absolutely normal.

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
If you are a user of CD emulation software (like Daemon Tools or Alcohol) also disable it for the cleaning process - instructions here.

[*]Right-click on randomly named
https://sites.google.com/site/cannedfixes/gmer/gmericon.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[*]It is very important that you do not use your computer while Gmer is running!
[*]Gmer will open to the Rootkit/Malware tab and perform an automatic quick scan.
[*]If you receive a warning about rootkit activity and are asked to fully scan your system click NO!

When the pre-scan is completed, please do the following:

[*]Please check in the Quick scan box.
[*]Please uncheck the IAT/EAT and Show All.
[*]Click Scan.
[*]If you see a rootkit warning window click OK.
[*]When the scan is finished, Save the results to your desktop as gmer.log.

Please include the content of this file in your next reply.
Don’t forget to re-enable previously switched-off protection software!

http://forum.programosy.pl/images/smilies/icon_idea.gif
If you encounter any problems, try running GMER in Safe Mode.

http://forum.programosy.pl/images/smilies/icon_idea.gif
If GMER crashes or keeps resulting in a Blue Screen of Death, uncheck Devices on the right side before scanning.

Yesterdy night I was running my weekly 'boot-time scan' as I always do for safety, about 5 minutes into the scan, in the[b] recycle bin,[/b]
i guess you could have just emptied the bin ..... or am i wrong Naathim ?

avast! 2014: Scheduling a Boot-time scan http://www.avast.com/en-eu/faq.php?article=AVKB132#artTitle

[b] Important:[/b] Please be advised, that the[b] Boot-time scan[/b] is an[b] advanced[/b] and purposeful feature designed to be used only when there’s something bad going on the system, and usually takes some time before it finishes. That's why it cannot be scheduled to run every time the computer starts, but as needed only.

Sometimes it works… and sometimes not ;D
For example there is a ZeroAccess variant that is loaded from the RecycleBin. And no, cleaning the RecycleBin is not enough then :wink:

We shall see :slight_smile:

What I’m asking is: Is deleting the virus enough to stop it from affecting my computer?

What I'm asking is: Is deleting the virus enough to stop it from affecting my computer?
if you follow Naathims instructions, he will find out if it was ;)

This is Avast! forums, surely avast! should have the capability? :?

Let’s be honest. If you want to have a 100% secure machine, then unplug it from internet, and never plug it again. And destroy USB ports there also… And of couse never plug any USB drive or insert any floppy or CD again.

I offer you my volunteered time to check if there’s something nasty lurking.

no security program have 100% detection … and when removing they often leave leftover files
so running those diagnostic tools Naathim requests will show if any leftovers are there …
and i bet he will find some additional crap that should be removed :wink:

there is no danger running these tools, removal team use them here evry day … but it is your computer so !

OK, ill check it out.

As soon as i downloaded it, Avast! detected it as Malware

happens evry day with all the tools used here :wink:
right click avast tray icon and pause shields