Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: ozconductor on September 09, 2008, 09:43:25 PM
-
I recently had my computer reconfigured after a virus. I installed Avast to protect against viruses. Now I can't open Avast... it says 'not a valid win32 application'. I try to uninstall and it says 'setiface error 2'. Tried to uninstall with the removal program and it says that Avast is protected and can't be removed. I can't get into Avast at all, can't uninstall or update. I tried to start the computer in safe mode to use the removal program and it will not let me, I can only start it in normal mode. Can someone help? I'm lost... ???
-
I recently had my computer reconfigured after a virus. I installed Avast to protect against viruses. Now I can't open Avast... it says 'not a valid win32 application'.
Your system is still infected, this is the clue (at least to me) 'not a valid win32 application' so I don't know who cleaned up/reconfigured, see below.
I try to uninstall and it says 'setiface error 2'. Tried to uninstall with the removal program and it says that Avast is protected and can't be removed. I can't get into Avast at all, can't uninstall or update.
The setiface error I guess is also related to the 'not a valid win32 application' error you got.
I tried to start the computer in safe mode to use the removal program and it will not let me, I can only start it in normal mode. Can someone help? I'm lost... ???
This is also a sign of infection stopping you get into safe mode to deal with infection.
- How to restore Safe Boot.
The malware may have deleted the SafeBoot registry keys.
Here are some options to restore them:
http://didierstevens.wordpress.com/2006/06/26/restoring-safeboot/ (http://didierstevens.wordpress.com/2006/06/26/restoring-safeboot/)
http://didierstevens.wordpress.com/2007/02/19/restoring-safe-mode-with-a-reg-file/ (http://didierstevens.wordpress.com/2007/02/19/restoring-safe-mode-with-a-reg-file/)
Also see http://forum.avast.com/index.php?topic=26554.msg216924#msg216924 (http://forum.avast.com/index.php?topic=26554.msg216924#msg216924)
avast! Rootkit Scan - Windows Start, Run and copy and paste this command (including the quotes, assumes that you installed avast in the default location) "C:\Program Files\Alwil Software\Avast4\ashQuick.exe" "<RTK>SUPERQUICK" and click OK.
From above, possible rootkit:
This is most likely a rootkit variant called Beagle or Bagel.
Also see, anti-rootkit, detection, removal & protection http://www.antirootkit.com/software/index.htm (http://www.antirootkit.com/software/index.htm). Try these as they are some of the more efficient and user friendly anti-rootkit tools.
- Panda Rootkit Cleaner - http://research.pandasoftware.com/blogs/images/AntiRootkit.zip (http://research.pandasoftware.com/blogs/images/AntiRootkit.zip).
- Trend Micro RootkitBuster - http://www.trendmicro.com/download/rbuster.asp (http://www.trendmicro.com/download/rbuster.asp)
- F-Secure Blacklight may not always be available, http://www.f-secure.com/blacklight (http://www.f-secure.com/blacklight)
-
I suggest full computer on-line scanning before trying to repair avast installation:
Kaspersky (http://www.kaspersky.com/virusscanner) (very good detection rates)
ESET NOD32 (http://www.eset.com/onlinescan/)
Trendmicro housecall (http://www.trendmicro.com/hc_intro/default.asp)
F-Secure (http://support.f-secure.com/enu/home/ols.shtml)
BitDefender (http://www.bitdefender.com/scan8/ie.html) (free removal of the malware)
-
I agree. Better yet, use Dr. Web CureIt (http://www.freedrweb.com/cureit/) (on-demand only).