Avast does not work "exe" missing

HI All,

I had clean my PC from some trojans and Avast Stopped updating. So I uninstalled it and reintall again.

Then the truble started, the icon on the desktop is just white and when I click to start Avast, the “ashavast.exe” file is missing.

I had removed again and install it, but it does not solve the problem. I also removed Avast with the facility from this website, but no news.

I run my PC with Windows XP Pro.

How could I install and make it work again?

Thanks to everyone that can help me.

Cheers,

cdestefani

You probably still have an infection, probably a rootkit on your system that is killing avast.

See http://forum.avast.com/index.php?topic=26554.0
http://forum.avast.com/index.php?topic=25941.0

http://research.pandasoftware.com/blogs/research/archive/2006/12/14/Rootkit-cleaner.aspx
http://www.f-secure.com/blacklight/try_blacklight.html

After running the above rootkit tools if nothing is found try these.
If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode.

  1. IAVG anti-spyware (formerly Ewido). Or SUPERantispyware Or Spyware Terminator.

Thanks David,

I had run the f-secure facility and found some files (rootkit). I need to learn how to remove them now.

I also downloaded the Spyware Terminator, run a scan and found some traces of Trojans, delete them all.

Then, looking at this software I can see it has almost the same facilities than Avast. Does it make any difference in having either of them installed? I mean is one better than the other? Is there any compatibility problem if I have install both?

Your comments are more than welcome.

Thanks,

Carlos

First do not harm… send files to Quarentine before deleting them… It’s safer, it prevents false positives and allow restoration.

Carlos, Spyware Terminator is compatible with avast. Even if you use its internal integration with Clam antivirus. But it could be redundant and you could see performance troubles. If you want to try, start using without Clam integration and disable Windows Defender (redundant and weaker than ST). Test if your computer does not get that slow that makes work uncomfortable. 8)

Although avast has some spyware detection, it’s an antivirus.
Spyware Terminator is an antitrojan and antispyware, not an antivirus (without ClamAv integration).

Firstly the ones that I listed should be able to deal with any rootkit detections it finds. If not there should at least be a file name and location, etc. of the rootkit. Also see, anti-rootkit, detection, removal & protection http://www.antirootkit.com/software/index.htm.

More importantly what did it indicate (and can you find it using explorer) ?
I would hope that anything found has been dealt with, that should allow avast to see anything it was hiding and importantly you should be able to restore the missing file.

Try a repair of avast. Add Remove programs, select ‘avast! Anti-Virus,’ click the Change/Remove button and scroll down to Repair, click next and follow. You need to be on-line to do this.

As Tech mentions, when you have an option, deletion is not a good first option you have none left. There should be no problem with ST as Tech mentions but the integration of the AV I would also say isn’t advisable.

question for you davidr and/or tech-if you have a clean system(hopefully)and have good protection is there any need for a rootkit scanner and removal program as the avg free one ??? ::slight_smile:

http://i17.tinypic.com/63l1d06.jpg

The rootkit scanners are specific tools used for specific tasks, if you are experiencing problems that are malware related and you are apparently clean.

These tools are also regularly updated so the worth of having it sitting in wait is perhaps akin to using an AV with out of date signatures trying to find new malware.

Whilst there is no overhead in having a few to hand on your hard disk (I have several, usually for reference), I don’t run them on a regular basis. If I wanted/needed to run them I would download the latest version.

General cleaning tools and protection (avast & antitrojan) does not offer rootkit protection. These are different things. So, my answer is yes, there is such a need.

Thanks for all the useful comments and assistance. With this trouble I did learn a lot about viruses, trojans, etc and rootkits.

Thanks,

Carlos

No problem, glad we could help.

I trust that everything is OK now.

A belated welcome to the forums.

Sorry, but since my last note (a few minutes ago) I run again the F-Secure software, just to see what kind of files it finds.

F-Secure found extensions such as txt, xml, exe, hlp, dll, png, sys, and jpg. Are all these files “rootkits”? Or is there a particular files extension to be concern with.

I can find the files, that is not a problem. I also know almost the meaning of all of them. The problem is what do I do with them.

If I find them with windows I could delete them all. But it looks like this is not the best option. What do I do with the files found by F-Secure?

Thanks again,

Carlos

I honestly haven’t any idea as just providing the file types is of little help, what are the full file names and their locations ?

What does blacklight say about them ?

Have you run any of the other anti-rootkit tools and do they confirm any of the files from blacklight ?

For suspect files you can seek other confirmation:
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently 30 different scanners.

Or Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive.

Hi Carlos if you have the report on your system still then post it here and I will have a look see

Hi,

The list of reported files and directory where they are located follows:

Blank.txt C:\Windows\ServicePackFiles\i386
Empty.txt C:\Windows\ServicePackFiles\i386
Filters.xml C:\Windows\ServicePackFiles\i386
HIDR.exe C:\Windows\Prefetech
imepaden.hlp C:\XPCD\I386\LANG
imepadsm.dll C:\XPCD\I386\LANG
imepadsv.exe C:\XPCD\I386\LANG
imlang.dll C:\WINDOWS\ServicePackFiles\i386\LANG;
C:\WINDOWS$NServicePack$Uninstall
C:\XPCD\I386\LANG
news.png C:\XPCD\I386\LANG
Padrs404.dll C:\WINDOWS\ServicePackFiles\i386\LANG;
C:\WINDOWS$NServicePack$Uninstall
Padrs411.dll C:\XPCD\I386\LANG
Padrs412.dll C:\XPCD\I386\LANG
Padrs804.dll C:\WINDOWS\ServicePackFiles\i386\LANG;
C:\WINDOWS$NServicePack$Uninstall
paint.png C:\WINDOWS\ServicePackFiles\i386
rosa.sys NOT FOUND
sample1.jpg C:\WINDOWS\ServicePackFiles\i386
sample2.jpg C:\WINDOWS\ServicePackFiles\i386

Any comments? Thanks,

Carlos