• Status: Solved

How do I eliminate a virus infection that does not allow me to open or install an antivirus program?

Dear Sir:
My problem is that the hard drive of my PC is, I think, infected with a virus
that does not allow me to open or install an antivirus program.
When I try to open the avast! antivirus program, the following message appears:
"D:\Archivos de programa\Alwil Software\Avast\ashAvast.exe is not a valid application Win32"
Please, help me to solve my problem.
Symotom
Monday 17-November 2008  9:17 hs. (gmt - 3)
 
jjardine commented:
You may be able to open the program in safe mode.  When you reboot your computer, try pressing F8 during the bootup process.  Just keep pressing it until you finally get the screen asking if you want to boot up in safe mode.   Most virus removal will start with this mode.   What symptoms are you seeing?

johannortje commented:
Hi

Try and right click on the Avast installer and go to properties, is there an unblock option?
If so, unblock, and try to install.

Else

I suggest that you download AVG from http://free.avg.com/.

Cheers

rpggamergirl commented:

If System Restore is turned on, try rolling back to a date before the infection, see if that helps.

Also try and fix .exe file association, in case it's borked.
http://www.dougknox.com/xp/fileassoc/xp_exe_fix.zip

You can try and remove the infection by downloading either MalwareBytes or Combofix. Rename them before saving the file to your desktop. Show us the logfiles.

1.  Download Malwarebytes' Anti-Malware to your desktop. Check for updates before scanning.
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button

 
2.  Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix.

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
 
torimar commented:
rpggamergirl:

I see you are linking to 'bleepingcomputer' for downloading ComboFix.
Now, this may only affect me (although it would be strange), but I haven't been able to access any bleepingcomputer URL for the past two weeks. Your link doesn't work for me either.

So in case SYMOTOM had the same problem, here's an alternative download location:
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe

rpggamergirl commented:
torimar,
There's nothing wrong with the Bleepingcomputer.com site; it's accessible and that combofix link works for me. Maybe your pc has some nasties there blocking it? Just kidding :)
There are infections that block MBAM and Combofix download, I know, so it's possible for an infected pc not to be able to download tools, that's why my MBAM link is from download.com

Mohammed Hamada (Senior IT Consultant) commented:
As rpggamergirl said
All you have to do, if you didn't fix anything or didn't try any tools, is to restore to an earlier date using System Restore....
Then the infection will surely go, and if it's still there you can access your antivirus after you do the restoration.


SYMOTOM (Author) commented:
Dear rpggamergirl:
It's Bagle. As you can see in the attached file, there were three infections on my disk. I booted up from another disk and performed an analysis with Elibagle. It came up with that.
But I still can't run Avast!, the error persists. Do you know some other way to clean up this virus?
Waiting for your reply, I thank you in advance.
Symotom.
Monday 17-November 2008  13:44 hs. (gmt - 3)

SatInfo.jpg
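
The message quoted in the question is the one Windows gives when it cannot load a file as an executable image, and it is reported above as persisting after the Bagle cleanup. The following Python sketch is an added example, not part of the thread: it checks whether a file still has the DOS and PE headers an executable needs, using constructed sample bytes, and the function names are chosen here for illustration.

```python
import struct
import sys

# Machine values from the PE/COFF header; anything else is reported in hex.
MACHINES = {0x014C: "x86 (32-bit)", 0x8664: "x64 (64-bit)"}

def check_pe_headers(data: bytes) -> str:
    """Return 'ok: <machine>' or the first reason the image cannot load."""
    if len(data) < 0x40:
        return "too short for a DOS header"
    if data[:2] != b"MZ":
        return "missing MZ signature"
    # e_lfanew (offset 0x3C) holds the file offset of the PE signature.
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data):  # 4-byte signature + 20-byte COFF header
        return "PE header offset points past end of file"
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return "missing PE signature"
    (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)
    return "ok: " + MACHINES.get(machine, "machine 0x%04X" % machine)

def sample_image(machine: int = 0x014C) -> bytes:
    """Constructed minimal header set (not a runnable program)."""
    dos = bytearray(0x80)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)
    coff = struct.pack("<HHIIIHH", machine, 1, 0, 0, 0, 0xE0, 0x0102)
    return bytes(dos) + b"PE\0\0" + coff

def constructed_cases() -> dict:
    """Constructed inputs: one intact header set and three damaged ones."""
    good = sample_image()
    return {
        "intact": good,
        "zeroed start": b"\0" * 0x40 + good[0x40:],
        "truncated": good[:0x60],
        "overwritten PE header": good[:0x80] + b"\xAA" * 24,
    }

if __name__ == "__main__":
    if len(sys.argv) > 1:  # path to the suspect file, read from a clean boot disk
        with open(sys.argv[1], "rb") as fh:
            print(check_pe_headers(fh.read()))
    else:
        for name, blob in constructed_cases().items():
            print(f"{name:22} -> {check_pe_headers(blob)}")
```

A failure here means the file itself is damaged and has to be replaced by reinstalling; an "ok" result only says these headers are intact and the cause lies elsewhere.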

Mohammed Hamada (Senior IT Consultant) commented:
In my opinion I would suggest that you Uninstall Avast, and reinstall it and perform a bootable scan.
I guess Avast scans computer files before Windows log on.
Or try using another Free antivirus Product...... Plus you must use a firewall coz spywares and viruses nowadays are so aggressive.


SYMOTOM (Author) commented:
Dear moh10ly:
Please, if possible, explain to me what this means: "you must use a firewall coz spywares".
Thanks in advance
Symotom

Mohammed Hamada (Senior IT Consultant) commented:
I meant that you should try to secure your computer with more security software, and instead of using only an antivirus, get an internet security package solution, "Kasper Internet Security - Eset Smart Security" and so on.

In case you want to build your own choice of security package, go on with Avast antivirus and use Zone Alarm Professional to be more secure.

I hope that has clarified enough what I meant.


rpggamergirl commented:
SYMOTOM,
SDFix and Combofix remove the Bagle infection, but these tools need to be renamed first before saving to your desktop because Bagle will just jump in and stop the tools from running.
With SDFix, you can also download it using another pc and extract it before transferring to the infected pc. Once it's been extracted, Bagle then can't stop it from running. And with Combofix you must rename it before saving the file to your desktop.
MalwareBytes also removes Bagle (last time I knew it didn't need to be renamed) but who knows, maybe Bagle has caught up with MBAM as well.
So just rename the tools before saving to your desktop and let us know how it goes.

Hi moh10ly,
Haven't seen you in a while, nice to see you again.

rpggamergirl commented:
Renaming Combofix or other tools AFTER it has been downloaded will not work. It has to be renamed BEFORE SAVING (before downloading the file) because once it's been downloaded bagle knows it.

Mohammed Hamada (Senior IT Consultant) commented:
Hi SYMOTOM
Glad that you solved your problem.

Hi Rpggamergirl
Just got disappointed with the admins on this site.
Hope you're fine.
