How do  I  eliminate a virus infection that does not allow to open and or to install an antivirus program

Posted on 2008-11-17
Last Modified: 2013-11-22
Dear Sir:
My problem is that the hard drive of my PC, I think so,  is infected with a virus
that does not allow to open or to install an antivirus program.
When I try to open the avast! antivirus program  it appears the following message:
"D:\Archivos de programa\Alwil Software\Avast\ashAvast.exe is not a valid application Win32"
Please, help me to solve my problem.
Monday 17-November 2008  9:17 hs. (gmt - 3)
Question by:SYMOTOM
    LVL 14

    Assisted Solution

    You may be able to open the program in safe mode.  When you reboot your computer, try pressing F8 during the bootup process.  just keep pressing it unitl you finally get the screen asking if you want to boot up in safe mode.   Most virus removal will start with this mode.   What symptoms are you seeing?
    LVL 5

    Assisted Solution


    Try and right click on the Avast installer and go to properties, is there an unblock option?
    If so, unblock, and try to install.


    I suggest that you download AVG from

    LVL 47

    Accepted Solution


    If System Restore is turned on, try rolling back to a date before the infection, see if that helps.

    Also try and fix .exe file association, in case it's borked.

    You can try and remove the infection by downloading either MalwareBytes or Combofix. Rename them before saving the file to your desktop. Show us the logfiles.

    1.  Download Malwarebytes' Anti-Malware to your desktop. check for Updates before scanning.

    2.  Please download ComboFix by sUBs:

    You must download it to and run it from your Desktop
    Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
    Double click combofix.exe & follow the prompts.
    When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
    Re-enable all the programs that were disabled during the running of ComboFix..

    Do not mouse-click combofix's window while it is running. That may cause it to stall.
    CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
    LVL 35

    Expert Comment


    I see you are linking to 'bleepingcomputer' for downloading ComboFix.
    Now, this may only affect me (although it would be strange), but I haven't been able to access any bleepincomputer URL for the past two weeks. Your link doesn't work for me either.

    So in case SYMOTOM had the same problem, here's an alternative download location:
    LVL 47

    Expert Comment

    There's nothing wrong with site, it's accessable and that combofix link works for me. Maybe your pc has some nasties there blocking it? just kidding :)
    There are infections that block MBAM and Combofix download, I know, so it's possible for an infected pc not to be able to download tools, that's why my MBAM link is from
    LVL 23

    Assisted Solution

    by:Mohammed Hamada
    As rpggamergirl said
    All you have to do if you didn't fix anything or didn't try any tools is to restore to earlier date using System Restore....
    Then infection will surely go and if there's still you can access your antivirus after you do the restoration.


    Author Comment

    Dear rpggamergirl:
    It´s Bagle. As you can see in the attached file, there was three infections in my disk. I booted up from another disk and performed an analisys with Elibagle. It came up with that.
    But, I still can´t run Avast! ,the error persists. Do you know some other way to clean up this virus??
    Waiting for your reply, I thanks in advance.
    Monday 17-November 2008  13:44 hs. (gmt - 3)

    LVL 23

    Expert Comment

    by:Mohammed Hamada
    In my opinion I would suggest that you Uninstall Avast, and reinstall it and perform a bootable scan.
    I guess Avast scan computer files before windows log on.
    Or try using another Free antivirus Product...... Plus you must use a firewall coz spywares and viruses nowadays are so aggressive.


    Author Comment

    Dear moh10ly:
    Please, if possible, explain me  what does it means: "you must use a firewall coz spywares",
    Thanks in advance
    LVL 23

    Expert Comment

    by:Mohammed Hamada
    I meant that you should Try to secure your computer with more Security Softwares and instead of using only Antivirus, Get an internet security Package solution "Kasper Internet Security - Eset Smart Security" and so on..

    Incase you wanted to build your own choice of security package go on with Avast antivirus and use Zone Alarm Professional to be more secured.

    I hope that has clarified enough what i meant.

    LVL 47

    Expert Comment

    SDFix, Combofix removes bagle infection, but these tools need to be renamed first before saving to your desktop because bagle will just jumps in and stop the tools from running.
    With SDFix, you can also download it using another pc and extract it before transfering to the infected pc. Once it's been extracted, bagle then can't stop it from running. And with Combofix you must rename it before saving the file to your desktop.
    MalwareBytes also removes bagle (last time I knew it didn't need to be renamed) but who knows maybe bagle have caught up with MBAM as well.
    So just renamed the tools before saving to your desktop and let us know how it goes.
    Hi moh10ly,
    Haven't seen you in awhile, nice to see you again.
    LVL 47

    Expert Comment

    Renaming Combofix or other tools AFTER it has been downloaded will not work. It has to be renamed BEFORE SAVING (before downloading the file) because once it's been downloaded bagle knows it.
    LVL 23

    Expert Comment

    by:Mohammed Hamada
    Glad that you solve ur problem.

    Hi Rpggamergirl
    Just got disappointed of the admins on this site.
    hope your fine.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Suggested Solutions

    Title # Comments Views Activity
    End Point Protection 11 57
    Norton Blue Screen 11 73
    Can we get infected by copying & pasting 6 53
    How to handle Ransom ware 23 56
    As more computers now shipped with 64-bit version of Windows, more users are now using this Operating System.  So it's important to be aware how some 32-bit diagnostic tool works on these systems, so we know what to expect when analyzing the logs an…
    By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now