Author Topic: Win32SysPatch  (Read 3236 times)

0 Members and 1 Guest are viewing this topic.

Offline rdraper9

  • Newbie
  • *
  • Posts: 2
« on: January 30, 2009, 11:48:27 PM »
Type Virus/Worm
Aliases Backdoor.Zapinit, Win32/Pruserinf,, Trojan.Win32.Patched.dr, Win32/Pinit
Platform Windows
Known locations %WINDIR%\system32

Win32:SysPatch injects the user32.dll file with its own data and forces it to load malicious DLLs. These DLLs are intended to collect network traffic data and are able to control locally running processes from a remote machine and to download/send data through an open backdoor.

avast! with VPS file 081222-0 or later is able to detect this family of malware. For the removal instructions please visit our forums.

CANNOT move or repair.  Sometimes when I am running application they just disappear.  What can I do to get rid of this problem?

Offline micky77

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1048
  • Trust no program
Re: Win32SysPatch
« Reply #1 on: January 31, 2009, 12:04:38 AM »
You could try Drweb cureit tool.Have a look at the link,some claim the tool removed the threat.I think, you need to scan in safe mode.
« Last Edit: January 31, 2009, 12:08:55 AM by micky77 »
I ‚ô• Sandboxie

Offline rdraper9

  • Newbie
  • *
  • Posts: 2
Re: Win32SysPatch
« Reply #2 on: February 02, 2009, 05:55:32 PM »
Thanks - I did run drwebb - and it did find and cure the problem. 

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 83355
  • No support PMs thanks
Re: Win32SysPatch
« Reply #3 on: February 02, 2009, 06:32:46 PM »
Thanks for the feedback, welcome to the forums.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro