infected now, avast, mbam, sas, spybot S&D fail to find it

I decided to test how protected I am!!
I paused avast! web shield and standard shield and downloaded a virus sample from TheSerials.com (infected) web site, ran it as administrator and waited to see what would happen, and then ran avast! again. Now I am infected; after a scan with avast, avast found these:

Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Users\Omid Farhang\AppData\Local\Temp\VRTD280.tmp” file.
Sign of “Win32:JunkPoly [Cryp]” has been found in “D:\Desktop\microsoft_office__enterprise.exe” file.
Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Users\Omid Farhang\AppData\Local\Temp\VRTF6ED.tmp” file.
Sign of “Win32:Vitro” has been found in “C:\Windows\System32\conime.exe” file.
Sign of “Win32:Vitro” has been found in “C:\Windows\System32\dllhost.exe” file.
Sign of “Win32:Vitro” has been found in “C:\Windows\System32\cacls.exe” file.
Sign of “Win32:Vitro” has been found in “C:\Windows\System32\msdtc.exe” file.
Sign of “Win32:Vitro” has been found in “C:\Windows\System32\SearchFilterHost.exe” file.
Sign of “Win32:Vitro” has been found in “C:\Windows\System32\SearchProtocolHost.exe” file.
Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Windows\Temp\VRT48B2.tmp” file.
Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Windows\Temp\VRT8813.tmp” file.
Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Windows\Temp\VRT30CF.tmp” file.
Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Windows\Temp\VRT698C.tmp” file.
Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Windows\Temp\VRTA15E.tmp” file.
Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Windows\Temp\VRT4B92.tmp” file.
Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Windows\Temp\VRT5996.tmp” file.

I watched and found suspicious transfers in these places:
TCP and HTTP to/from these IPs using these processes:
WMIPRVSE.EXE WMI Provider Host
WINLOGON.EXE Windows Logon Application
211.95.79.6
218.93.205.24

after every send/receive to these bad IPs, avast! found a new “Win32:Trojan-gen {Other}” in “C:\Windows\Temp\VRTXXXX.tmp”

ok, and now after scans with MBAM, SAS and avast I could not find anything; only normal processes with their usual command lines are running on my computer. I will post my HijackThis log now in the reply

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:20:43 AM, on 3/31/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Windows\VM305_STI.EXE
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Toshiba\Utilities\VolControl.exe
C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Foxmarks\IE Extension\foxmarkssync.exe
C:\Users\Omid Farhang\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Malwarebytes’ Anti-Malware\mbamgui.exe
C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe
C:\Windows\Explorer.exe
D:\Downloads\TrendMicro\HijackThis™\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.live.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe/Adobe Contribute CS4/contributeieplugin.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM..\Run: [PSQLLauncher] “C:\Program Files\Protector Suite QL\launcher.exe” /startup
O4 - HKLM..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM..\Run: [BigDog305] C:\Windows\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM..\Run: [OutpostFeedBack] “C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe” /dump:os_startup
O4 - HKLM..\Run: [Babylon Client] C:\PROGRAM FILES\Babylon\BABYLON-PRO\Babylon.exe -AutoStart
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\PROGRAM FILES\COMMON FILES\Adobe\CS4SERVICEMANAGER\CS4SERVICEMANAGER.EXE -launchedbylogin

O4 - HKLM..\Run: [TOSHIBA Volume Indicator] C:\PROGRAM FILES\Toshiba\UTILITIES\VOLCONTROL.EXE
O4 - HKLM..\Run: [Malwarebytes’ Anti-Malware] “C:\Program Files\Malwarebytes’ Anti-Malware\mbamgui.exe” /starttray
O4 - HKCU..\Run: [SRS Audio Sandbox] “C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe” /hideme
O4 - HKCU..\Run: [RoboForm] “C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe”
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU..\Run: [Foxmarks] C:\Program Files\Foxmarks\IE Extension\foxmarkssync.exe -q
O4 - HKCU..\Run: [Google Update] C:\Users\OMID FARHANG\AppData\Local\Google\Update\GOOGLEUPDATE.EXE /c
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\PROGRAM FILES\DAEMON TOOLS LITE\daemon.exe -autorun
O4 - HKCU..\Run: [Auslogics BoostSpeed 4] C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.exe
O4 - HKUS\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 - Global Startup: Bluetooth Monitor.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra ‘Tools’ menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra ‘Tools’ menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra ‘Tools’ menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files\Foxmarks\IE Extension\foxmarksdll.dll (HKCU)
O9 - Extra ‘Tools’ menuitem: Foxmarks Favorites Synchronizer… - {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files\Foxmarks\IE Extension\foxmarksdll.dll (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: @comres.dll,-947 (COMSysApp) - Unknown owner - C:\Windows\system32\dllhost.exe (file missing)
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes’ Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe


End of file - 12866 bytes
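
Added example, not part of the original thread or of either tool: the log above marks two service binaries as "(file missing)", and both paths also appear in the avast! detections earlier in the thread. This sketch cross-references the two outputs so that overlap is visible at a glance; the function names are hypothetical, and the sample lines are copied from the posts above.

```python
import re

# Sample lines copied from the avast! detections and the HijackThis log above.
AVAST_ALERTS = r"""
Sign of “Win32:Vitro” has been found in “C:\Windows\System32\conime.exe” file.
Sign of “Win32:Vitro” has been found in “C:\Windows\System32\dllhost.exe” file.
Sign of “Win32:Vitro” has been found in “C:\Windows\System32\msdtc.exe” file.
Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Windows\Temp\VRT48B2.tmp” file.
"""
HIJACKTHIS_LOG = r"""
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: @comres.dll,-947 (COMSysApp) - Unknown owner - C:\Windows\system32\dllhost.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
"""

# Accept both curly and straight quotes, since forum software rewrites them.
ALERT_RE = re.compile(
    r'Sign of [“"](?P<sig>.+?)[”"] has been found in [“"](?P<path>.+?)[”"] file'
)
# O23 line layout: display name - owner - binary path, optional "(file missing)".
SERVICE_RE = re.compile(
    r'^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - '
    r'(?P<path>[A-Za-z]:\\.+?)(?P<missing> \(file missing\))?$'
)


def parse_alerts(text):
    """Map lower-cased file path -> signature name for each detection line."""
    return {m["path"].lower(): m["sig"] for m in ALERT_RE.finditer(text)}


def parse_services(text):
    """Return one dict per O23 service entry found in a HijackThis log."""
    services = []
    for line in text.splitlines():
        m = SERVICE_RE.match(line.strip())
        if m:
            services.append({
                "name": m["name"],
                "owner": m["owner"],
                "path": m["path"],
                "missing": m["missing"] is not None,
            })
    return services


def triage(alert_text, log_text):
    """Cross-reference AV detections with service binaries.

    Returns (flagged_services, missing_unflagged, other_flagged_paths).
    Windows paths are case-insensitive, so comparison is on lower-cased paths.
    """
    alerts = parse_alerts(alert_text)
    services = parse_services(log_text)
    service_paths = {s["path"].lower() for s in services}
    flagged = [dict(s, signature=alerts[s["path"].lower()])
               for s in services if s["path"].lower() in alerts]
    missing_unflagged = [s for s in services
                         if s["missing"] and s["path"].lower() not in alerts]
    other = sorted(p for p in alerts if p not in service_paths)
    return flagged, missing_unflagged, other


if __name__ == "__main__":
    flagged, missing_unflagged, other = triage(AVAST_ALERTS, HIJACKTHIS_LOG)
    for s in flagged:
        state = "MISSING" if s["missing"] else "present"
        print(f'{s["signature"]}: {s["name"]} -> {s["path"]} [{state}]')
    print("flagged, not a service binary:", other)
```
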

now I’ve blocked these IPs and did not get any more alerts from avast!, but those 2 processes are still trying to connect to those IP servers in China; the IPs are blocked and they cannot:
211.95.79.6
218.93.205.24

Well, you like to live dangerously… ;D
Why don’t you use vmware virtual environments to test?

because I like to risk and see and feel them in real action, I want to feel their real impact on system performance and actions in real, not in a virtual… :slight_smile:

I hope you don’t have that much to lose… documents and data, in this particular computer…
In fact, the impact or infection in virtual will be the same as in real… just that you can backup (take a shot) of the system and have it clean back in 10 seconds…

anyway now I’m infected and I got one more alert now, and don’t know where to look for the source of these alerts!!!

3/31/2009 3:56:00 AM - System - 1828 (ashServ.exe) - Sign of “Win32:Vitro” has been found in “C:\Windows\System32\msfeedssync.exe” file.

Well vitro is an alias for virut which is a virulent .exe file infecter so you’re lucky to get away with so few infected files.

ok! now my system is clean, but with a clean install of my windows now…! avast killed my windows!!

the file logonUI.exe got infected and avast! could not clean it and deleted it…! I could not get back into windows after reboot and I decided to re-install windows instead of repairing it…

No, let’s get that straight, ‘you’ killed your windows by infecting it deliberately with a virulent .exe file infecter. One that, had you checked the forums, has resulted in virtually all ending up formatting and starting again.

As I said in my last post:

Well vitro is an alias for virut which is a virulent .exe file infecter so you’re lucky to get away with so few infected files.

So it looks like you weren’t so lucky as it continued infecting files.

If you are going to take these risks then you really need to get your back-up and recovery strategy bulletproof first. Had you used hard disk imaging software and taken a disk image before, when everything fell down, you could have restored the hard disk image from before the experiment. That would probably have taken 20-30 minutes tops to have your system as it was.

Or use VMware or some other virtual environment, but you chose not to do that, you could just as easily have seen this work in a virtual environment.

So I repeat again, avast didn’t kill your system, ‘you’ did by starting the experiment in the first place.

ok! DavidR, I killed my system, so, now a few questions:

  1. What should the VRDB Generator do? should it not back up important files like logonUI.exe and…?

  2. should not a good antivirus be able to repair infected files?

  3. that virus was working and has its own risk, but it did not remove any files, it was avast! that deleted my system files because of their infections, so, now who caused the problem? virus or my antivirus?

  4. an antivirus should be able to clean an infected system, did avast do that for me?

This is not a chicken and egg problem:
you deactivated Avast and deliberately infected “yourself”

  1. the VRDB only protects certain files, you would have to have run the VRDB prior to infection, whilst that may be one of them, it would have the same problems in repairing a file as in point 2 below. If the VRDB covered the file, e.g. included in a VRDB generation prior to infection, then the Repair button on detection would be available (and a repair can be attempted), otherwise the repair option would be greyed out.

  2. there are many viruses that encrypt their infection and change the infection for each file that they infect, some are now using two levels of encryption to prevent repair. The vitro, virut, etc. are particularly virulent. So you have to give avast a fighting chance to block/detect it before it gets established, and disabling avast allows it to get established and once established you are in a losing battle.

  3. avast didn’t delete your files, it detects the infected file and alerts you to it, ‘you’ chose what action to take, move to chest, delete, etc. so ‘you’ make the choice and avast carries it out.

  4. notes 1&2 are the same for this, when you weight the battle against your AV by disabling it and then deliberately infecting your system, it doesn’t give the AV a fighting chance. So in this case I’m afraid you reap what you sow.

VRDB should back up all important system files, shouldn’t it? avast! should keep the system able to boot

I used the repair button, when I clicked on that avast went for repairing and then told me it could not repair and I had no option other than move to chest and delete…

ok! everything that I say you would say I did it with my system! you don’t want to accept/believe avast! could not clean my system…

it’s not bad to know the main virus.exe file that I ran in my system was detected as a “Clean” file by avast

The problem is not the backup, but the restoration at boot time… how would it help having a backup that you can’t restore (due to Windows limitations)?

Not all the files could be repaired, not all the virus damage allows repair.

antiviruses are thought to be protective and not for repair, they must prevent, not essentially cure.

@Tech: Thanks for the response. do you agree with any of my points?

I really don’t know exactly what files are covered by the VRDB, but it isn’t a back-up as in a copy of the file or the size of the VRDB database would be huge as it keeps three generations of the database. It retains only enough information to try and repair the file.

However, as I have said, infections that use encryption that changes are trying to combat the ability of any AV to repair it and that doesn’t apply just to avast. The VRDB function was, when introduced, a very useful tool but that use with the development of malware is limited and as far as I’m aware from avast 5 the VRDB won’t be continued.

It has nothing to do with not accepting what you did or didn’t do, by disabling avast to start with you didn’t test the anti-virus’s ability to protect you in the first place and once infected by one of the most virulent file infecters that has resulted in many having to format and reinstall, and that isn’t just avast users, all you need to do is check the various anti-malware sites to see that.

You don’t seem to want to accept that what you did was plainly stupid, sorry, but I have no other words for it.

No, unfortunately not.
I won’t test the security of a system the hard way you’ve taken. I’d rather use backups and keep my security programs on and updated. There will be always a way to circumvent the protection, there will be always a non-detectable malware… that does not worry me as I won’t have contact with such malware. I don’t want to work with possibilities (or sense of security). I’d rather have a plan to work effectively on protection and restoration… Talking about this, time to make backups this afternoon :wink:

I’m lolling still right now :smiley:

Omid, you made my day after a shitty (sorry ;D) calculus midterm! ;D