I have been using Avast Home several months ago. It works fine, but yesterday mi PC has been infected by Beagle-AAW and a Rootkit (srosa.sys, hldrrr.exe and mdelk.exe). I couldn’t restore the system at a time before the infection. Also, my hidden files dissapeared and I could’t boot in safe mode because my registry was changed
I think all the system works again. I have used also Elibagla 11.41, I have installed Avast4.8 and used Antirootkit 0.9.6.
Today I have seen a hidden file in my USB memory called nideiect.com . Of course, I scanned it with Avast but nothing happend (no detection). I deleted the file and searched information by the web.
I know nideiect.com is a virus and the question is Why Avasta doesn’t detect it???
Just the manual removal instructions for this:
Removing the ntde1ect.com and autorun.inf files
There is a trojan/virus (either the Win32/Pacex virus or the Win32/PSW.Agent.NDP trojan) that uses those two files. Here is how you can get rid of them:
Open up Task Manager (Ctrl-Alt-Del)
If wscript.exe is running, end it.
If explorer.exe is running, end it.
Open up “File | New Task (Run)” in the Task manager
Run cmd
Run the following command on all your drives by replacing c:\ with other drives in turn (note: if you have autorun.inf files that you think you need to backup, do so now):
del c:\autorun.* /f /a /s /q
Go to your Windows\System32 directory by typing cd c:\windows\system32
Type dir /a avp*.*
If you see any files names avp0.dll or avpo.exe or avp0.exe, use the following commands to delete each of them:
attrib -r -s -h avpo.exe
del avpo.exe
Use the Task Manager’s Run command to fire up regedit
Navigate to HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run (as usual, take a backup of your registry before touching it!)
If there are any entries for avpo.exe, delete them.
Do a complete search of your registry for ntde1ect.com and delete any entries you find.
What version of avast did you have, the latest is 4.8.1201 and the 4.8 builds included self-defence and that version of beagle shouldn’t have been able to disable avast. Now you have 4.8 it should be much harder to disable avast, though not impossible as one forum member has found.
FreewheelinFrank. Unfornutately, I deleted the file named nideiect.com .
When I was infected by Beagle last week I had a previous Avast version (4.7 I think). Avast detected the virus several times and each time I demand Avast to delete the file. At one moment, the virus tried to stop Avast and dialog screen appeared saying something confusing. I didn’t remember exactily but itwas something like “Avast will be stop, Are you sure do you want…??” and two options Yes and No. I chossed No but I think it was too late.
The Beagle is very easy to find. If you conect to Emule and search for Bytewedge (a program that theoretically permits to import RS232 directily to Excel), almost all the results given by Emule are infected with Beagle. There are zips with two files.
Also, if you search at Emule for another similar program called COMxLRS232C_1.zip you will find a virus that is not detected by Avast
In all manners I had been reading in the web and there are a lot of webs were Avast is considered a very good antivirus. For me is secure and fast and perhaps I will upgrade to Professional Edition.
With respect to the two posted Bagle variants, it’s very strange that they were not detected by most of the popular AV. And it is also strange because it seems that the two variants sended were the same but in any cases were not detected by the same Avs. …
Definetively virustotal.com is a little bit crazy. I have made the following probe:
I remember that I have two files with virus in a DVD backup copy. Now, I have scanned it again with Avast. The results have been Win32:Agent-PBF[trj] for one file and Win32:Bifrose-BOM[trj] for the other.
Scan taken on 25 May 2008 18:29:31 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found Win32:Agent-PBF
AVG Antivirus Found nothing
BitDefender Found Backdoor.Generic.41182
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found W32/Backdoor.AEJT
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
The conclusion is that Avast has found the Win32:Agent-PBF and there are a lot of other AV that found nothing.
But it’s true that Avast cannot find the Bagle variant that infected my PC, at least at the moment… Neither nideiect.com
I have a problem with a file called nideiect which i spotted on my usb drive. I’d like to know what are the effects of this virus on my computer …because I cannot run any antivirus program whatsoever …it gives the error “it is not a Win32 valid application” or i cannot even install such a program because i have the error that “a …sys file cannot be created”. Please help me javascript:void(0);
Embarrassed