CAN'T INSTALL AVAST

Hello,

I’m trying to install Avast, but whenever I open the setup file it automatically stops. I tried a bunch of other anti-viruses but all close with no luck, I tried to logon to the safemode but with no luck too the PC reboots even before loging on to the safe mode. So sure it’s a virus but how to remove it :)?

Any ideas?

Yep lets try this

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

http://i1224.photobucket.com/albums/ee362/Essexboy3/ASWMbr1.gif

Click the “Scan” button to start scan

http://i1224.photobucket.com/albums/ee362/Essexboy3/ASWMbr2.gif

On completion of the scan click save log, save it to your desktop and post in your next reply

THEN

Download OTS to your Desktop and double-click on it to run it

[*]Make sure you close all other programs and don’t use the PC while the scan runs.
[*]Select All Users
[*]Under additional scans select the following
Reg - NetSvcs
Reg - Shell Spawning
Evnt - EventViewer Logs (Last 10 Errors)
File - Lop Check
File - Purity Scan

[*]Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
[*]When the scan is complete Notepad will open with the report file loaded in it.
[*]Please attach the log in your next post.

here you go

Hi you may have Sality

Run this OTS fix and then try to install Avast again. If it works then go for a boot time scan

Start OTS. Copy/Paste the information in the quotebox below into the panel where it says “Paste fix here” and then click the Run Fix button.

[Unregister Dlls]
[Processes - Safe List]
YY -> xguxfx.exe -> C:\Documents and Settings\Tamer\Local Settings\temp\xguxfx.exe
YY -> winvsmdoc.exe -> C:\Documents and Settings\Tamer\Local Settings\temp\winvsmdoc.exe
[Driver Services - Safe List]
YY -> (amsint32) amsint32 [Kernel | Unknown | Running] -> 
[Registry - Safe List]
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
YY -> DfLogon -> C:\WINDOWS\System32\LogonDll.dll
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
YN -> "C:\DOCUME~1\Tamer\LOCALS~1\Temp\windhyo.exe" -> [C:\DOCUME~1\Tamer\LOCALS~1\Temp\windhyo.exe:*:Enabled:ipsec]
YY -> "C:\DOCUME~1\Tamer\LOCALS~1\Temp\winvsmdoc.exe" -> C:\Documents and Settings\Tamer\Local Settings\temp\winvsmdoc.exe [C:\DOCUME~1\Tamer\LOCALS~1\Temp\winvsmdoc.exe:*:Enabled:ipsec]
YY -> "C:\DOCUME~1\Tamer\LOCALS~1\Temp\xguxfx.exe" -> C:\Documents and Settings\Tamer\Local Settings\temp\xguxfx.exe [C:\DOCUME~1\Tamer\LOCALS~1\Temp\xguxfx.exe:*:Enabled:ipsec]
< Drives with AutoRun files > -> 
NY -> C:\autorun.inf  -> C:\autorun.inf [ NTFS ]
NY -> E:\autorun.inf  -> E:\autorun.inf [ NTFS ]
NY -> F:\autorun.inf  -> F:\autorun.inf [ NTFS ]
[Files/Folders - Modified Within 30 Days]
NY ->  wxlto.pif -> C:\wxlto.pif
NY ->  autorun.inf -> C:\autorun.inf
NY ->  RealUpgradeLogonTaskS-1-5-21-789336058-1788223648-682003330-1003.job -> C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-789336058-1788223648-682003330-1003.job
[Files - No Company Name]
NY ->  autorun.inf -> C:\autorun.inf
NY ->  wxlto.pif -> C:\wxlto.pif
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]
[ZipFiles]
  

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here

I will review the information when it comes back in.

Still no luck :S
Didn’t work, same problem.

[list]Lets try Sality killer next

Step 1. Preparation to disinfection:

Download the file Sality.zip
Extract SalityKiller.exe
Run the file SalityKiller.exe

Step 2. Registry repair: (Allow the files to merge when requested)

Download Sality_regkeys.zip
Extract the file Sality_RegKeys.zip
Run the file Disable_autorun.reg from the archive Sality_RegKeys.zip

Step 3. Finalising :(Allow the files to merge when requested)

From the archive Sality_RegKeys.zip run the file of the registry key:

[]under Windows 2000 run the registry file SafeBootWin200.reg
[
]under Windows XP run the registry file SafeBootWinXP.reg
[]under Windows 2003 run the registry file SafeBootWinServer2003.reg
[
]under Windows Vista / 2008 run the registry file SafebootVista.reg
[*]under Windows 7 / 2008 R2 run the registry file SafebootWin7.reg

FULL SCAN

Download Dr Web from here http://www.freedrweb.com/?lng=en link on the top right of the page, tick the EULA and then download

It will download as an 8 digit file save it to your desktop

Restart in safe mode and run
Accept the enhanced version
Then run the quick scan
About halfway through you will be prompted to buy - just X the box closed
Once finished it will generate a log please attach that