I accidently installed a program that should be something else but when installed it closed the avast. I chosed no to let it do so but it did anyway and now even if i reinstall avast even with a clean install i get the msg that the anvil bla bla isnt a compatible windows file.
However before i tried to open the infected file i tried to scan the zip file with no detection but anyway now im infected and cannot find any solution to get rid of this i thing its a w32/bagle dont know exactly what this is or how it works.
But it would be nice if i could get an email adress where i could send this virus to get some support to get rid of it and avast database could detect this lamer made virus.
Sorry for the word use but that is what it is that ppl is working on something to make others life missrable, just 1 word for this kinda ppl “LOWLIFES” >:(
There is a variant of beagle that can get by the avast self-defence and many other AVs. This is frequently protected by a rootkit, see below.
Send the sample to virus@avast.com zipped and password protected with the password in email body, a link to this topic might help and undetected malware in the subject.
Or you can also add the file to the User Files (File, Add) section of the avast chest where it can do no harm and send it from there. A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that.
Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.
Also see, anti-rootkit, detection, removal & protection http://www.antirootkit.com/software/index.htm. Try these as they are some of the more efficient and user friendly anti-rootkit tools.
Done sent with email since avast is tottaly knocked out.
Well i will try to find a solution to get rid of it, i havent tried to safe boot yet but i can suspect that this might also ruined the safe boot. like beagle did once.
I think the program was supposed to be subdowloader2 i downloaded from the internet. after hearing it should be a good program to get subtitles. i cannot go into the history to find where it was found since while trying to scan pc with the tools given above, all the scan prg’s i tried to start didnt start with the error that is wasnt a system32 file and after a 4 hours of not successfull online check i decided to reboot the pc resulting in blue screen on boot up, same with safe mode so now i will try to make a boot disc with usb disc and backup important files, but is there any risk that it can infect the new system if not actiavated with a exe?
By the way after virus hit avast i didnt type any password for my msn messenger but somehow the password i used was changed and before the full crash another pc tried to open my messenger but how is this possible when i didnt use my keyboard to type in password.?
this somehow worries me because my internet banking was also in this same pc.
You’ve been seriously compromised.
I would look at changing all passwords, and inform the bank.
If there is a MS procedure for dealing with stolen messenger passwords (like there is for a compromised hotmail account) I’d do that. (I don’t know, I have never used any IM program.)
This was probably some kind of trojan or worm. Once it’s on your machine, it appeared it had full access. Given that, I think there is probably not much risk in transferring known file over. Trojans aren’t like viruses, that replicate, although they do create and download new files. (The trojan horse cargo, hence the name.)
Telling you this program was good (whoever did this) is a bit like giving you the number of a girl with hiv.
Or this is a good program and it was downloaded from somewhere dodgy, where it was first tampered with. Read about this all the time. edit maybe you should consider not installing/trialling unknown software on the computer you do your banking on.
Yea youre right but the program should be harmless it should be a 30 day trial version of subdownloader 2 but however it showed out to be a virus and in attemt to install windows to a usb disc wasnt so succesfull i get the blue screen error stop 0x0000007b microsoft knowledge base is attempting to that the bootsector either infected or corrupted so now im trying to install to another harddrive that is inside pc so far no problem but i was wondering to make a clean install also for bootsector how should i proceed? do i need to format all harddrives inside the pc? i have 4 harddisk filled with pictures and important stuff like cam movies from hollydays and stuff.
or is it just enough to partition my original harddisk where virus was and make a format?
otherwise i need to invest in 2 new usb disc and make backups there before i can format all the 4 harddisk that is 512gb each.
And yea it was a good work from the lamer. I still think ppl around the world is using alot of good brain to make damage and nothing usefull. Otherwise we would not need virusscanners would we? Or maybe we would make some good helpfull programs than trying to protect our pc’s
I’m sorry, I just don’t know enough to offer the type of advice that I can guarantee.
But consider the possibility of making a boot anti-virus disk that might do some good.
My feeling is that your movies and pics should be OK, but I just don’t know for sure. (In case it is not obvious, you should not connect that machine to the net.)
So far i did this c: drive containst the boot.ini so i guess the bootroot is on this drive(correct me if wrong)
i managed to install windows on f: drive backing files to e: drive from d: which the infected windows was on. i later started new windows install and deleted d: partitiom formated and re-installed the windows here removed the secondary boot from boot.ini so 2 windows dosent show up at start.
I tried many anti root kit scans all shows clean.
I didnt try to install any virus scanners yet since i wanna install avast but then again avast dosent recognize this w32.bagel yet dont know how long that will take and i dont know what virus scanners i can use to get rid of any leftovers from this without getting problem “well i had some problems removing some anti virus prgrams after installing them” no names but i just wanna make sure there is nothing hidden on c: or root that can give up my passwords later on.
Btw how much diffrence is there between home and pro version of avast? do pro has more protection against such files or is it the same.?
I can answer the last question: The signatures and cleaning are the same in both the home and pro versions. The additional features offered in the pro include script blocking, and the ability to schedule scans + automatically select in advance the action to be taken.
I don’t think either of these additional features would have prevented this problem in your case, as it was a downloaded file rather than infected site/drive by, from what I can gather.
Not that I’d try to put you off buying the pro.
I don’t know what detects this. Unfortunately you never got to submit the main .exe ( I guess; if you still have it, it would be a good idea.) So all I can suggest is to be careful downloading anything, and get yourself MBAM http://www.malwarebytes.org/mbam.php, which is a very good demand antispyware. Scan anything you download with it before running it.
hope it can save me next time lol