Probably a bagle infection

Hello.

I think my computer is infected by a bagle virus. It shows some distinctive features - antivirus softwares are detected as an invalid win32 application, internet operations are slowed significantly and scanning with antivirus software is being interrupted and halted.

I've come across FindyKill on this forum, hoping it will succeed in removing it (Kaspersky's Rescue Disc failed - two times in a row computer switched off automatically while it was being scanned, which was odd for me).

At first I scanned it, but the report didn't show much ( I reckoned there was an infected folder - temporary internet files, which filled me with hope ). The deletion took quite a bit of time and I thought it eredicated it completely, but antivirus software still gives an error when I try to install it, so I think is still sits there somewhere.

I'm looking forward for your reply, hoping to solve this case.

Many thanks,
Luke

View attachment FindyKill.txt
View attachment FindyKill_after_deletion.txt

 

Hello again!

At first I didn't read the READ ME, so now I am posting all the logs you recquire from each of the scanning tools. I'm sorry for the inconvenience and since the problems I mentioned still appear, I'm looking forward for your reply.

Many thanks,
Luke

 

I think, that the machine is in normal starting mode, I haven't changed it so it should be fine (if not, could you please guide me how to do it and how to use msconfig?)

Yes, Avast is installed and it is running, but when it scans the system is stops suddenly and I can never finish the full scan. Also, when I try to start the installer of Kaspersky, it gives me the "is not a valid win32 application" error and the installer won't start, which is odd for me.

And lastly, lightshot is a small app to quickly do screenshots and automatically send it to a hosting service. It was installed deliberately, so it's not a PUP.

If the problem about avast and kaspersky sounds suspicious (in my opinion it does), I'll be glad to hear some advice on deling with it.

Thanks in advance.
Luke

 

I'm a little concerned about removing avast. If I uninstall it and my computer is still infected, won't the virus block me from installing antivirus software?

And also, I'm worried that all system scans performed by avast and Kaspersky Rescue CD were interrupted at some point. Do you think it's a virus infection problem or Windows is somehow corrupted?

 

Hello again.

Sorry for inconvieniences, I've realized, that the Kaspersky antivirus couldn't be installed becaused it was downloaded incorrectly, hence the "not a valid win32 app" error occurred... Sorry for not checking wheter it was downloaded correctly and posted misjudged conclucions.

I went on with the installation of Kaspersky - it removed avast completely and installed itself. I went through the full system scan, as well as rootkit scan. One Trojan was found and was removed, rest of the system was clean according to the scan.

I think it may be clear now, but after the scan, when I logged on two days ago, I got an error trying to access My Documents. It said "access denied" but I managed to access the folder going from C:/ manually. It happened only once so I'm wondering whether it was just a one time thing, or it is some clue, that the infection may be still occuring.

Thanks again for you reply!

Yours,
Luke

 

Ah, forgot to post it here...

I've done the last steps. I appreciate your help and patience very much, af far as I see it, I don't see any more suspicious behaviour, so I assume it is clear, for now.

Again, thank you very much for help!

My Regards,
Luke