In the last days using the computer I noticed that my Avast icons disappeared from my task bar without a reason.
Also some of the windows services do not function like wireless access. For this and other reasons I tried to restore my system from earlier date but the system do not make the restore for any dates.
I ran the Repair function from the win CD and now all the services are OK, but after I reinstalled the Avast antivirus, I noticed that ALL THE EXE FILES FROM AVAST (located in C:\Program Files\Alwil Software\Avast4 disappeared from the directory.
Also I tried to run other on line antivirus services but they crashed before they finish.
Try these and if they find any thing then try a repair of avast. Add Remove programs, select ‘avast! Anti-Virus,’ click the Change/Remove button and scroll down to Repair, click next and follow. If that doesn’t work you may need to reinstall avast (uninstall, reboot, install, reboot.).
i think its a trojan, considering the effects. most trojans and some script virus hides the .exe files, like what happened in my system a few days ago. i cant execute run, the taskbar (ctrl,alt,del) and system restore it also disables most of the administrator priviledges.
using the repair installation of avast and uninstalling it again i think will do the trick. but if some of your o.s services are not fully operational i think it might be the result of moving the infected file (quarantine) instead of using repair especially if the infected file is the .exe or some missing dll’s.
if you tried online scanners and they can’t do the job before its done I think your system is infected by a script virus that prevents any program from accesing the file system (deadlock= prevents a file from being accessed if its currently being used). if you can access your taskmanager try searching for a script that’s running or go to msconfig and go to startup and see if there are any startup programs that looks malicious (different or the path of the file doesnt make any sense usually composed of ascii characters thats unreadable) just disable it restart and see what happens. if you have updated you avast virus database and can’t remedy your system you might have to wait for a while for another update to fixed the virus. sorry
we have to understand that there is no such thing as a perfect antivirus software thats the reason why software evolves it has to constantly update the engine or its database to be effective) and dont expect a lot from free softwares, i do believe most of the best ones in life doesnt comes for free! hehehe
dont get me wrong im also using home… pro is expensive for most of us…I think.
I follow the instructions from DavidR and ran the F-Secure Blacklight Rootkit and found the following 10 SUPER Hidden files infected by WIN32-BEAGLE-WF (I think):
[b]
Blank.txt
Empty.txt
Filters.xml
hidr.exe
news.png
paint.png
Sample1.jpg
Sample2.jpg
srosa.sys
wintems.exe
Then I’m was able to reinstall the Avast Antivirus and now all is working fine.
Thanks a lot for all of you, especially to DavidR to give me the idea & experience to resolve my problem.
I know I didn’t mention it (I didn’t want to give too many instructions), but when you are hit by things like this it is difficult not to just get rid of things. If you had saved samples of these files or added them to the User Files section of the avast chest (where they can do no harm) then they could have been sent to avast for analysis. Hopefully there won’t be a next time, but something to consider.
If you still detecting strange behaviors or you want to be sure you’re clean, maybe making a HijackThis log to post here and, specially, scan and submit to on-line analysis the RunScanner log would help to identify the problem and the solution.
