system
1
I just got a warning Win32:Brontok-CE (Wrm), and in the action column it says “Move to Chest”. My question: does it mean the virus is already isolated and I don't need to worry about it infecting my other files or programs? Or is it only saying it is being quarantined temporarily and I still need to do something about it? The warning now keeps popping up every 7 minutes and it's getting annoying. :-\ :-\
many thanks
ngn
system
2
Forgot to mention, it says the files being infected are my C:\Users\hp\documents\In\In.exe and C:\Users\hp\documents\Out\Out.exe
It seems I got this virus from my colleague’s flash disk.
thanks
system
3
Hi
Download DDS and save it to your Desktop from here:
http://download.bleepingcomputer.com/sUBs/dds.scr
Double click dds.scr to run the tool.
* When done, DDS will open two (2) logs:
1. DDS.txt
2. Attach.txt
Save both reports to your desktop.
Attach the log reports (DDS.txt) back to the topic.
system
4
Hi argus,
Mmmm, the report is very long; do you want me to post it all in here?
Pondus
5
lower left corner > Additional Options > Attach ( log )
system
6
Thanks pondus for your reply, but I can't attach the txt file that I have saved. I don't know why; it doesn't appear when I want to attach it.
Pondus
7
Upload the file(s) to mediafire ( http://www.mediafire.com/ ) and post the link here
system
8
Thanks again pondus. Now I can upload directly to here. I realized that just before, I ran DDS under the sandbox; once I changed to “open normally”, it could be saved.
system
9
Download OTM to the Desktop.
http://oldtimer.geekstogo.com/OTM.exe
Double-click OTM.exe to start it.
Copy everything inside the code field into the (left) window (below Paste Instructions for Items to be Moved):
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JP595IR86O"=-
:files
C:\Users\hp\AppData\Local\Temp\Ahg.exe
:commands
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]
Click MoveIt!
After rebooting the system, the logfile will automatically open in Notepad.
It is necessary to merge the contents of the log on the forum.
system
10
Dear argus or pondus,
Here is the result (see attachment)
system
12
Yes argus. After I ran OTM, the problem still occurred. It is still creating that kind of virus, e.g. filename.exe
What should I do?
system
13
To argus:
Sorry, I forgot to restart ;D . I will restart first, and see the results.
Thanks
system
14
ngn
Re-run DDS
Save both reports to your desktop.
Attach the log reports (DDS.txt) back to the topic.
system
15
Dear argus,
After I restarted, it seems the Brontok warning is already gone now.
But why is it now a bit slow when I turn on my laptop?
Many thanks
system
16
Download The Avenger to the desktop.
http://swandog46.geekstogo.com/avenger2/download.php
Unpack the archive into a folder
Double-click avenger.exe to start it
Copy the text contained within the Code field into the (white) window:
Drivers to delete:
Tdxnus
Click Execute and then Yes in the next two windows that open
The computer will restart (in some cases, two times) and will begin the process of cleaning / scanning
Once the process is completed, the logfile C:\avenger.txt will open in Notepad
Copy the contents of the log obtained into the topic on the forum.
system
17
Hi argus,
I did as you said, but it came up with a window saying: the driver can not be found
system
18
Now it is a bit better; it doesn't take much time to start my Windows.
When I start my laptop and Windows has opened, the default is not the desktop but it opens my library. How do I change it to the desktop?
Many thanks.
system
19
That's quite interesting that you would get something like Brontok. Brontok is quite an old threat, but I guess old malware writers know the new tricks now.