I am infected with Beagle-AAW and Rootkit-Gen! Help please!

I downloaded an executable file (.EXE) to emule, and when I downloaded it, about 5 warnings came up reporting that it had found the virus, and so on, and I deleted them all; the location is in the WINDOWS folder and file Syrosa. Once “eliminated” I thought that I no longer had the virus, but I restarted, and when it came to uncertain windows, 2 notices came up: one saying that it had found Beagle-AAW and another notice saying that Rootkit-Gen had been found.

How can I remove this malware? Although I don't trust it too much and it could be one of the 1000000 false positives of avast!

This shows that avast! is not good enough against strong viruses and Trojans, and this should improve in the new avast! 5, it is URGENT!

thanks for your help

Hi…

Here are some free programs that might help you get rid of this infection…

Online scans…

http://housecall65.trendmicro.com/

http://www.bitdefender.com/scan8/ie.html

Please be sure to have the most recent version of java installed on your system.

Separate anti-malware programs…

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

http://www.f-secure.com/security_center/

(This is for Blacklight, a rootkit scanning program. You will find it at the bottom of the page.)

I also recommend SpywareBlaster…

http://www.javacoolsoftware.com/sbdownload.html

Also, you should turn off system restore (and then turn it back on if you desire.)

Please let us know the results… :slight_smile:

Best Regards…

Yeah, thanks for the tools, but I repeat

This cannot be like that, avast! must be able to eliminate these viruses, I hope you take this into account and that avast! in the new version 5, is capable of eliminating these viruses and traces, the virus itself.

Thank you and respond to what they think about this

Hi…

Your title said you wanted help so that’s what I did. I do not have any control over how the program is written or engineered. :slight_smile:

Best Regards…

Of course we all want avast to find and eliminate ALL threats :), but sometimes you just need to use other software (like ardvark mentioned) to clean your computer.

The avast version introduced a self-defence module and that has provided good protection against many viruses that go after the AV and firewall applications. However there is a new variant of beagle that can disable avast.

Note the actual version of avast won’t make the slightest difference to detections as that is the province of the virus signatures and that is constantly being improved and for that they require samples of the virus file.

Now, from all your protestations (a more than slight over exaggeration of 1 million FPs) and information re detections avast has been getting on top of the majority of this problem, but hasn’t found what is launching the rootkits found on the anti-rootkit scan. However there hasn’t been a single shred of information of the file name and locations, etc. and that helps us to help you.

Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections.

Also for the rootkit scan log, see C:\Program Files\Alwil Software\Avast4\DATA\log\aswAr.log

I appreciate you are angry, but don’t let’s lose sight of the fact we are trying to help (and who clicked the .exe file).

Also see, anti-rootkit, detection, removal & protection http://www.antirootkit.com/software/index.htm. Try these as they are some of the more efficient and user friendly anti-rootkit tools.

Don’t forget if something is found, before deleting it try to capture a sample into the avast chest.
Send the sample to virus@avast.com zipped and password protected with the password in email body, a link to this topic might help and undetected malware in the subject.

Or you can also add the file to the User Files (File, Add) section of the avast chest (if it isn’t already there) where it can do no harm and send it from there (select the file, right click, email to Alwil Software). No need to zip and PW protect when the sample is sent from chest. A copy of the file/s will remain in the original location, so any further action you take can remove that.