Virus kills all AVs & scanners

I’m really at my wits’ end here; I’ve searched the net for info and I’ve come to the conclusion that my computer’s infested with win32.bagle.aeq, since the symptoms are similar to this case: http://forum.avast.com/index.php?topic=39635.0

All scanners are dead; they just won’t start, and I can’t boot the machine in safe mode. I’ve tried those online scanners; no dice. The ESET one does find stuff on every scan, but it never gets to complete. Instead it freezes after a while.

I’ve tried reinstalling & fixing Avast. Doesn’t work. Spyware Doctor freezes on start.

…help?

Try the suggestions from this post.
If this fails, post back.

Just finished with F-Secure’s rescue CD: it found over 250 infections. I restart the machine and reinstall avast, and then restart: “ashAvast.exe is not a valid Win32 application.” It just won’t go away :o BTW, the only anti-malware program it seems to let me install is Malwarebytes. And the only online scanner that doesn’t give me an error is the ESET one; the others say that the download was corrupt and that they just can’t update. ESET finds stuff, but won’t get rid of the infestation.

Never mind, I’m writing faster than I’m thinking… :slight_smile:

Can you try to repair your avast installation?
Go to Control Panel > Add/Remove programs > avast! antivirus > Remove. Then choose Repair function in the popup window (Repair).
If this does not help, can you uninstall / boot / install / boot again?

Yeah, I tried that; no dice. It was still “ashAvast.exe is not a valid Win32 application.”

Anyway, I reinstalled XP (without formatting the system partition) and it finally let me install and run avast. It still found Beagle haunting there, but at least now the system lets me install vaccines. 100+ infestations killed so far. It looks good, but I’ll let you know if anything unexpected comes up *knocks wood* :smiley:

Run an avast boot time scanning as soon as possible.
Also, try a full on-line scan of the computer:
Kaspersky
ESET NOD32
Trendmicro housecall
F-Secure
BitDefender

Yeah, that was the first thing I did. It found like 70 infections (Beagle & rootkits); after that I ran a full system scan with avast and with those online scanners. It seems there’s still some sort of rootkit in place, since these scanners keep finding viruses & trojans here and there. Also, I installed Spyware Doctor and it keeps giving notifications of blocked viruses/trojans. Anyway, each new scan finds less and less crap, so I guess it’s a winning battle :smiley:

Time to flatten your system and reinstall, I think: the nuclear option.

Not necessarily. Try this:

Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2
Link 3

http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_FF.gif

http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_rename.gif

Double click on Combo-Fix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the C:\ComboFix.txt along with a HijackThis log so we can continue cleaning the system.

You’re taking the piss.

OK, I’ll attach the .txt files to this post; they’re just too damn long to copy-paste here.

So the question is, to nuke or not to nuke? :-X

The analysis of your HJT log is not that bad.

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
You should consider upgrading to IE7 as it is more secure than IE6.

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
This belongs to Windows Live Messenger but has been deactivated and can be fixed.
http://www.systemlookup.com/CLSID/54865-wlchtc_dll.html

There are 3 other questioned entries, but these entries appear to be needed by Windows or it will not operate correctly.

O4 - HKUS\S-1-5-19..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User ‘NETWORK SERVICE’)
O4 - HKUS.DEFAULT..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User ‘Default user’)

There is a 4th entry, almost identical to the 3 above, that checks out as good.

O4 - HKUS\S-1-5-18..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User ‘SYSTEM’)

http://www.processlibrary.com/directory/files/advpack/19231/

http://www.bleepingcomputer.com/startups/advpack.dll-21644.html

The question is why there are 4 entries. I hope that a more knowledgeable member can answer this question.
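
As an added illustration (not written by any poster in this thread) of how one can triage O2/O4 lines like the ones quoted above: a small Python parser that groups identical RunOnce commands across the user hives, which is exactly the "why are there 4 entries" question, and flags BHO entries whose DLL is missing. The sample log is reconstructed from the lines quoted above, with the HijackThis backslash before `..` restored, plus one made-up `HKLM\..\Run` entry for contrast; it is a triage aid that summarises the log, not a clean/infected verdict.

```python
import re
from collections import defaultdict

# Constructed sample: the O2/O4 lines quoted in this thread (backslash before
# ".." restored to the normal HijackThis layout) plus one invented HKLM Run
# entry so the grouping has a single-hive entry to contrast with.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User 'NETWORK SERVICE')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User 'Default user')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User 'SYSTEM')
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\Example\tray.exe
"""

# O4: autostart entry. Hive path has no spaces; the trailing "(User '...')"
# is optional (HKLM entries lack it). Curly quotes are accepted because forum
# software often rewrites straight quotes.
O4_RE = re.compile(
    r"^O4 - (?P<hive>\S+): \[(?P<name>[^\]]*)\] (?P<cmd>.*?)"
    r"(?: \(User [‘'](?P<user>[^’']*)[’']\))?$"
)
# O2: Browser Helper Object: display name, CLSID, backing DLL path or "(no file)".
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<path>.*)$"
)


def parse_line(line):
    """Return a dict describing an O2 or O4 entry, or None for any other line."""
    m = O4_RE.match(line)
    if m:
        hive = m.group("hive")
        return {
            "type": "O4",
            "hive": hive,
            "key": hive.rsplit("\\", 1)[-1],  # e.g. "RunOnce" or "Run"
            "name": m.group("name"),
            "cmd": m.group("cmd"),
            "user": m.group("user"),
        }
    m = O2_RE.match(line)
    if m:
        path = m.group("path").strip()
        return {
            "type": "O2",
            "name": m.group("name"),
            "clsid": m.group("clsid").upper(),
            "path": path,
            # A BHO registered under a CLSID whose DLL no longer exists.
            "orphaned": path.lower() == "(no file)",
        }
    return None


def group_autoruns(entries):
    """Group O4 entries by (key, value name, command) -> list of users/hives."""
    groups = defaultdict(list)
    for e in entries:
        if e["type"] == "O4":
            groups[(e["key"], e["name"], e["cmd"])].append(e["user"] or e["hive"])
    return dict(groups)


def triage(log_text):
    """Return human-readable findings for orphaned BHOs and repeated autoruns."""
    entries = [e for e in (parse_line(l) for l in log_text.splitlines()) if e]
    findings = []
    for e in entries:
        if e["type"] == "O2" and e["orphaned"]:
            findings.append(
                f"orphaned BHO {e['clsid']}: registered but its DLL is missing "
                f"(dead entry, removable)"
            )
    for (key, name, cmd), users in group_autoruns(entries).items():
        if len(users) > 1:
            findings.append(
                f"{key} [{name}] repeated in {len(users)} hives "
                f"({', '.join(users)}): {cmd}"
            )
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

Run against the sample it reports the orphaned Windows Live Messenger BHO and one RunOnce command present in four hives (LOCAL SERVICE, NETWORK SERVICE, Default user, SYSTEM), which is the pattern an nLite-built install leaves behind for every profile; identical commands spread across per-user hives is a layout question, not by itself a sign of infection, so the grouping is there to make the duplication visible, not to judge it.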


To guarantee security and stability after multiple infections including rootkit(s), nuking is the only option, followed by a reinstall and a thorough update of Windows and all other applications. The Secunia Software Inspector is invaluable in this respect, either online or installed.

Secunia Online Software Inspector (OSI)
Secunia Personal Software Inspector (PSI)

With file infectors, no Combofix or Secunia will ever help. Either clean with avast! if possible (only non-system files, because it cannot repair them, just delete). Otherwise only DrWeb and Symantec may repair files. If all this fails you just have to back up all non-infectable files and format the system.

I was recommending Secunia for after a format.

Why can they do that?
avast is dropping the VRDB technology, won’t it be useful in this particular case of file infectors?
Any word from Maxx?

I’ve tested VRDB on a clean Windows XP SP3, generated the VRDB database and infected it with Win32:Vitro.
Delete was the only option. I wonder if there is any recent file infector (by recent I mean after year 2000 till now) that can be treated with VRDB or in any way with the Repair option?

Hmmm… So how do Symantec and Dr. Web do it?

Well, DrWeb supposedly cured the files. At least it didn’t complain about them later, and avast! also didn’t complain later when I rescanned the system with it.
Symantec was not tested, but considering they have one of the best specialists for file infectors in the AV segment, I believe they can repair them.