Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Virus Attack - EXE Infection & AV Disabled

  • Please log in to reply
No replies to this topic

#1 LeinadChee


  • Members
  • 2 posts
  • Local time:08:47 AM

Posted 04 November 2008 - 02:18 AM

Recently I am unable to start up Windows Live Messenger and my Antivirus software Avast appears to also fail during start up as well. Upon inspecting the services, I noticed that all Avast services were disabled. Any attempts to activate the antivirus services were unsuccessful.

When I attempt to manually execute the Avast Antivirus program, I received an error saying it is not a valid Win32 program.

When I attempt to execute Windows Live Messenger, the mouse pointer briefly shows it as busy and then nothing happens. Skype however seems to be working fine.
I still have internet access and managed to restore Live Messenger through a reinstall attempt.

I was also unable to perform system restore.

Windows Firewall and Windows Update are also being disabled and any attempts to conduct a Windows Update will fail when downloading any updates. I received the following message when attempting to access Windows Firewall though Control Panel "Windows Firewalls settings cannot be displayed because the associated service is not running. Do you want to start the Windows Firewall/Internet Connection Sharing (ICS) service?" Windows Firewall has been set to startup and turned on previously.

Any attempts to run anti-rootkit tools such as Panda Anti-RootKit was also unsuccessful, system stalled when attempting to execute the program or even trying to access the file.

I tried installing HijackThis v1.9.9.1, but upon executing the program received the error "HijackThis.exe is not a valid Win32 application". Was only able to grab log using v2.

I have also attempted to conduct online virus scanning with Kaspersky and BitDefender, but both terminated prematurely with errors regarding requirement to be online to successfully download virus definitions. Reinstalling Avast met without success, antivirus was able to install without issues but unable to load up displaying same error regarding "ashAvast.exe is not a valid Win32 application".

Tried to restart Windows in Safe Mode, but encountered blue screen error message stating Windows encountered a problem and advise to conduct virus scans and checks.

I have try to source the Internet on possible virus symptoms and came up with a possible lead on Trojan-Downloader.Win32.Bagle.aeq. Avast did not report any virus intrusion during last stable system state.

Any advice or assistance will be greatly appreciated as my only alternative is a costly reformat.

Thank you.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users