How do I eliminate a virus infection that does not allow to open and or to install an antivirus program

Dear Sir:
My problem is that the hard drive of my PC, I think so,  is infected with a virus
that does not allow to open or to install an antivirus program.
When I try to open the avast! antivirus program  it appears the following message:
"D:\Archivos de programa\Alwil Software\Avast\ashAvast.exe is not a valid application Win32"
Please, help me to solve my problem.
Monday 17-November 2008  9:17 hs. (gmt - 3)
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You may be able to open the program in safe mode.  When you reboot your computer, try pressing F8 during the bootup process.  just keep pressing it unitl you finally get the screen asking if you want to boot up in safe mode.   Most virus removal will start with this mode.   What symptoms are you seeing?

Try and right click on the Avast installer and go to properties, is there an unblock option?
If so, unblock, and try to install.


I suggest that you download AVG from


If System Restore is turned on, try rolling back to a date before the infection, see if that helps.

Also try and fix .exe file association, in case it's borked.

You can try and remove the infection by downloading either MalwareBytes or Combofix. Rename them before saving the file to your desktop. Show us the logfiles.

1.  Download Malwarebytes' Anti-Malware to your desktop. check for Updates before scanning.

2.  Please download ComboFix by sUBs:

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Webinar: Cyber Crime Becomes Big Business

The rising threat of malware-as-a-service is not one to be overlooked. Malware-as-a-service is growing and easily purchased from a full-service cyber-criminal store in a “Virus Depot” fashion. Join us in our upcoming webinar as we discuss how to best defend against these attacks!


I see you are linking to 'bleepingcomputer' for downloading ComboFix.
Now, this may only affect me (although it would be strange), but I haven't been able to access any bleepincomputer URL for the past two weeks. Your link doesn't work for me either.

So in case SYMOTOM had the same problem, here's an alternative download location:
There's nothing wrong with site, it's accessable and that combofix link works for me. Maybe your pc has some nasties there blocking it? just kidding :)
There are infections that block MBAM and Combofix download, I know, so it's possible for an infected pc not to be able to download tools, that's why my MBAM link is from
Mohammed HamadaSenior IT ConsultantCommented:
As rpggamergirl said
All you have to do if you didn't fix anything or didn't try any tools is to restore to earlier date using System Restore....
Then infection will surely go and if there's still you can access your antivirus after you do the restoration.

SYMOTOMAuthor Commented:
Dear rpggamergirl:
It´s Bagle. As you can see in the attached file, there was three infections in my disk. I booted up from another disk and performed an analisys with Elibagle. It came up with that.
But, I still can´t run Avast! ,the error persists. Do you know some other way to clean up this virus??
Waiting for your reply, I thanks in advance.
Monday 17-November 2008  13:44 hs. (gmt - 3)

Mohammed HamadaSenior IT ConsultantCommented:
In my opinion I would suggest that you Uninstall Avast, and reinstall it and perform a bootable scan.
I guess Avast scan computer files before windows log on.
Or try using another Free antivirus Product...... Plus you must use a firewall coz spywares and viruses nowadays are so aggressive.

SYMOTOMAuthor Commented:
Dear moh10ly:
Please, if possible, explain me  what does it means: "you must use a firewall coz spywares",
Thanks in advance
Mohammed HamadaSenior IT ConsultantCommented:
I meant that you should Try to secure your computer with more Security Softwares and instead of using only Antivirus, Get an internet security Package solution "Kasper Internet Security - Eset Smart Security" and so on..

Incase you wanted to build your own choice of security package go on with Avast antivirus and use Zone Alarm Professional to be more secured.

I hope that has clarified enough what i meant.

SDFix, Combofix removes bagle infection, but these tools need to be renamed first before saving to your desktop because bagle will just jumps in and stop the tools from running.
With SDFix, you can also download it using another pc and extract it before transfering to the infected pc. Once it's been extracted, bagle then can't stop it from running. And with Combofix you must rename it before saving the file to your desktop.
MalwareBytes also removes bagle (last time I knew it didn't need to be renamed) but who knows maybe bagle have caught up with MBAM as well.
So just renamed the tools before saving to your desktop and let us know how it goes.
Hi moh10ly,
Haven't seen you in awhile, nice to see you again.
Renaming Combofix or other tools AFTER it has been downloaded will not work. It has to be renamed BEFORE SAVING (before downloading the file) because once it's been downloaded bagle knows it.
Mohammed HamadaSenior IT ConsultantCommented:
Glad that you solve ur problem.

Hi Rpggamergirl
Just got disappointed of the admins on this site.
hope your fine.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.