not a valid Win32 application - warning. Can't run antivirus apps

[Nehmo]

Win XP home sp3

Most things function normally but..
When I try to install BitDefender Total Security 2009 or some other
security (anti-virus, anti-malware) programs I get a warning saying
that the installer can’t write to the folder that’s there for the
virus definitions.

With some programs, like McAffee, I can install, but then when I try
to run, I get the notice that the program is

-not a valid Win32 application-.

I get that with Adaware, SpybotS&D, Windows Defender, Norton, and AVG
free.

Unlike other people with the -not a valid Win32 application- problem,
I can open MS Office programs and browsers.

I ran sfc /scannow . I also did the disk cleanup deleting the temp
files. I also did the error checking on the Tools tab of Properties of
the drive. Nothing changed.

Most online scanners didn’t function. But now I’m using Trend Micro’s
online scanner, and it seems to be running. I’ll see what happens.

~~ Nehmo

 

[Nehmo]

Win XP home sp3

Most things function normally but..
When I try to install BitDefender Total Security 2009 or some other
security (anti-virus, anti-malware) programs I get a warning saying
that the installer can’t write to the folder that’s there for the
virus definitions.

With some programs, like McAffee, I can install, but then when I try
to run, I get the notice that the program is

 -not a valid Win32 application-.

I get that with Adaware, SpybotS&D, Windows Defender, Norton, and AVG
free.

Unlike other people with the -not a valid Win32 application- problem,
I can open MS Office programs and browsers.

I ran sfc /scannow . I also did the disk cleanup deleting the temp
files. I also did the error checking on the Tools tab of Properties of
the drive. Nothing changed.

Most online scanners didn’t function. But now I’m using Trend Micro’s
online scanner, and it seems to be running. I’ll see what happens.

~~ Nehmo

Trend Micro online scanner is stuck on 3 min. I need to try something
else. Suggestions?
~~ Nehmo

 

[The Real Truth MVP]

Use my Remove-it software, it will remove that malware from your system.
Choose yes for all options when prompted. Download it here
http://pcbutts1.com/downloads/tools/tools.htm



--
The Real Truth http://pcbutts1-therealtruth.blogspot.com/

Win XP home sp3

Most things function normally but..
When I try to install BitDefender Total Security 2009 or some other
security (anti-virus, anti-malware) programs I get a warning saying
that the installer can’t write to the folder that’s there for the
virus definitions.

With some programs, like McAffee, I can install, but then when I try
to run, I get the notice that the program is

-not a valid Win32 application-.

I get that with Adaware, SpybotS&D, Windows Defender, Norton, and AVG
free.

Unlike other people with the -not a valid Win32 application- problem,
I can open MS Office programs and browsers.

I ran sfc /scannow . I also did the disk cleanup deleting the temp
files. I also did the error checking on the Tools tab of Properties of
the drive. Nothing changed.

Most online scanners didn’t function. But now I’m using Trend Micro’s
online scanner, and it seems to be running. I’ll see what happens.

~~ Nehmo

Trend Micro online scanner is stuck on 3 min. I need to try something
else. Suggestions?
~~ Nehmo

 

[Nehmo]

Use my Remove-it software, it will remove that malware from your system.
Choose yes for all options when prompted. Download it herehttp://pcbutts1..com/downloads/tools/tools.htm

--
The Real Truthhttp://pcbutts1-therealtruth.blogspot.com/












Trend Micro online scanner is stuck on 3 min. I need to try something
else. Suggestions?
~~ Nehmo

OK, I'm going to try Remove it. It seemed like it installed rather
quickly. I don't see how all the definitions could have been
downloaded in 824kb. It will run when I restart, I hope.
I just tried Avast, and it got the not a valid Win322 error when I
tried to run it.\
~Nehmo
~~ Nehmo

 

[Nehmo]

OK, I'm going to try Remove it. It seemed like it installed rather
quickly. I don't see how all the definitions could have been
downloaded in 824kb. It will run when I restart, I hope.
I just tried Avast, and it got the not a valid Win322 error when I
tried to run it.\
~Nehmo

I ran Remove it. I then tried to install AVG free. I got this error
Local machine: installation failed
Installation:
Error: Action failed for file avgwdsvc.exe: starting
service....
Error 0x800700c1

I'm going to try to install Win Defender
~~ Nehmo

 

[Nehmo]

OK, I'm going to try Remove it. It seemed like it installed rather
quickly. I don't see how all the definitions could have been
downloaded in 824kb. It will run when I restart, I hope.
I just tried Avast, and it got the not a valid Win322 error when I
tried to run it.\
~Nehmo
~~ Nehmo

Win Defender installation failed. Couldn't write to
mpengine.dll
~~ Nehmo

 

[The Real Truth MVP]

You start it manually after rebooting by going to start>programs>remove-it.
Remove-it does not use definitions it uses known file names and locations
that are derived from the definitions itself using multiple AV and Malware
programs along with common sense. That makes it super fast and no false
positives.


--
The Real Truth http://pcbutts1-therealtruth.blogspot.com/

Use my Remove-it software, it will remove that malware from your system.
Choose yes for all options when prompted. Download it
herehttp://pcbutts1.com/downloads/tools/tools.htm

--
The Real Truthhttp://pcbutts1-therealtruth.blogspot.com/












Trend Micro online scanner is stuck on 3 min. I need to try something
else. Suggestions?
~~ Nehmo

OK, I'm going to try Remove it. It seemed like it installed rather
quickly. I don't see how all the definitions could have been
downloaded in 824kb. It will run when I restart, I hope.
I just tried Avast, and it got the not a valid Win322 error when I
tried to run it.\
~Nehmo
~~ Nehmo

 

[Nehmo]

Uninstall Adaware, SpybotS&D, Windows Defender, Norton, and AVG then
redownload and install them except Norton.

--
The Real Truthhttp://pcbutts1-therealtruth.blogspot.com/





Win Defender installation failed. Couldn't write to
mpengine.dll

I've uninstalled all the antivirus programs. But I can't seem to
install one and get it to work. I get the not valid Win32 message.
I've been trying to get any kind of virus scan. I just tried Kasparski
online scan. It failed with this message:

Update has failed. Program has failed to start. Close the Kaspersky
Online Scanner 7.0 window and open it again to install the program.
You must be online to update the Kaspersky Online Scanner 7 database.
With the latest database updates, you can find new viruses and other
threats. Please go online to use Kaspersky Online Scanner 7. [ERROR:
Scan has failed to start. [0x80004005]]

I can't reinstall windows because I don't have the install disk.
~~ Nehmo

 

[The Real Truth MVP]

Run my diagnostic tool called whatslivern. That file after a few seconds,
when complete, will generate a log file. That log file will be saved in the
same directory you ran the program from, using the email link and the bottom
of my page send me a copy of that log file.
http://pcbutts1.com/downloads/tools/tools.htm


--
The Real Truth http://pcbutts1-therealtruth.blogspot.com/

Uninstall Adaware, SpybotS&D, Windows Defender, Norton, and AVG then
redownload and install them except Norton.

--
The Real Truthhttp://pcbutts1-therealtruth.blogspot.com/





Win Defender installation failed. Couldn't write to
mpengine.dll

I've uninstalled all the antivirus programs. But I can't seem to
install one and get it to work. I get the not valid Win32 message.
I've been trying to get any kind of virus scan. I just tried Kasparski
online scan. It failed with this message:

Update has failed. Program has failed to start. Close the Kaspersky
Online Scanner 7.0 window and open it again to install the program.
You must be online to update the Kaspersky Online Scanner 7 database.
With the latest database updates, you can find new viruses and other
threats. Please go online to use Kaspersky Online Scanner 7. [ERROR:
Scan has failed to start. [0x80004005]]

I can't reinstall windows because I don't have the install disk.
~~ Nehmo

 

[The Real Truth MVP]

Judging from the log you sent me it looks like you might infected with a
variant of the VBS/Redlof-A
http://www.sophos.com/security/analyses/viruses-and-spyware/vbsredlofa.html
follow the instructions on that page for removal and let me know if the
registry keys are there. Also as much as I hate to say it but David Lipman's
Multi-avi tool may be able to help you.




--
The Real Truth http://pcbutts1-therealtruth.blogspot.com/

Uninstall Adaware, SpybotS&D, Windows Defender, Norton, and AVG then
redownload and install them except Norton.

--
The Real Truthhttp://pcbutts1-therealtruth.blogspot.com/





Win Defender installation failed. Couldn't write to
mpengine.dll

I've uninstalled all the antivirus programs. But I can't seem to
install one and get it to work. I get the not valid Win32 message.
I've been trying to get any kind of virus scan. I just tried Kasparski
online scan. It failed with this message:

Update has failed. Program has failed to start. Close the Kaspersky
Online Scanner 7.0 window and open it again to install the program.
You must be online to update the Kaspersky Online Scanner 7 database.
With the latest database updates, you can find new viruses and other
threats. Please go online to use Kaspersky Online Scanner 7. [ERROR:
Scan has failed to start. [0x80004005]]

I can't reinstall windows because I don't have the install disk.
~~ Nehmo

 

[Nehmo]

Run my diagnostic tool called whatslivern. That file after a few seconds,
when complete, will generate a log file. That log file will be saved in the
same directory you ran the program from, using the email link and the bottom
of my page send me a copy of that log file.http://pcbutts1.com/downloads/tools/tools.htm

--
The Real Truthhttp://pcbutts1-therealtruth.blogspot.com/

Uninstall Adaware, SpybotS&D, Windows Defender, Norton, and AVG then
redownload and install them except Norton.

"Nehmo" <[email protected]> wrote in message

Win Defender installation failed. Couldn't write to
mpengine.dll

I've uninstalled all the antivirus programs. But I can't seem to
install one and get it to work. I get the not valid Win32 message.
I've been trying to get any kind of virus scan. I just tried Kasparski
online scan. It failed with this message:

Update has failed. Program has failed to start. Close the Kaspersky
Online Scanner 7.0 window and open it again to install the program.
You must be online to update the Kaspersky Online Scanner 7 database.
With the latest database updates, you can find new viruses and other
threats. Please go online to use Kaspersky Online Scanner 7. [ERROR:
Scan has failed to start. [0x80004005]]

I can't reinstall windows because I don't have the install disk.

Instead of emailing it, I posted the logfile generated by
runningnow.vbs (which was unpacked from runningnow.exe) below. The
program seemed to to have ran as it should.

After being, so far, unable to install (I still get the same errors
noted in my earlier posts) any other anti-malware scanning app, I was
able to install DriveSentry http://www.drivesentry.com/ .

When it scanned, it found two malware items, named something Beagle,
which I then deleted.

DriveSentry is also repeatedly displaying a popup that gives the
option to block winfilse.exe , which DriveSentry says lives in
system32\drivers folder, from writing. I chose to "Keep Blocking".
DriveSentry, however, did not flag winfilse.exe when DriveSentry
scanned. I also can't find winfilse.exe in that folder or anywhere on
my drive.

I'm beginning to wonder about DriveSentry.

The computer is functioning normally except it seems slow and the cpu
usage goes up to 100% a lot. I also, as noted in my earlier posts,
can't run some apps (I'm getting the not a valid Win32 app error), and
I can't completely install many anti-malware apps (something is
preventing writing of the definitions).

More on this later. I thank everybody who is helping.


---------------begin logfile

"running now.vbs", revision 70, http://www.pcbutts1.com/downloads/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"Google Update" = ""C:\Documents and Settings\Owner\Local Settings
\Application Data\Google\Update\GoogleUpdate.exe" /c" [null data]
"SpybotSD TeaTimer" = "C:\Program Files\Spybot - Search & Destroy
\TeaTimer.exe" ["Safer Networking Limited"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"IgfxTray" = "C:\WINDOWS\system32\igfxtray.exe" ["Intel Corporation"]
"HotKeysCmds" = "C:\WINDOWS\system32\hkcmd.exe" ["Intel Corporation"]
"Persistence" = "C:\WINDOWS\system32\igfxpers.exe" ["Intel
Corporation"]
"CHotkey" = "zHotkey.exe" [empty string]
"ShowWnd" = "ShowWnd.exe" [null data]
"ModPS2" = "ModPS2Key.exe" ["Chicony"]
"RTHDCPL" = "RTHDCPL.EXE" ["Realtek Semiconductor Corp."]
"Recguard" = "C:\WINDOWS\SMINST\RECGUARD.EXE"
"Adobe Reader Speed Launcher" = ""C:\Program Files\Adobe\Reader
8.0\Reader\Reader_sl.exe"" ["Adobe Systems Incorporated"]
"RemoteControl" = ""C:\Program Files\CyberLink\PowerDVD
\PDVDServ.exe"" ["Cyberlink Corp."]
"LanguageShortcut" = ""C:\Program Files\CyberLink\PowerDVD\Language
\Language.exe"" [null data]
"Google Desktop Search" = ""C:\Program Files\Google\Google Desktop
Search\GoogleDesktop.exe" /startup" ["Google"]
"HPDJ Taskbar Utility" = "C:\WINDOWS\system32\spool\drivers
\w32x86\3\hpztsb04.exe" ["HP"]
"QuickTime Task" = ""C:\Program Files\QuickTime\QTTask.exe" -
atboottime" ["Apple Inc."]
"GrooveMonitor" = ""C:\Program Files\Microsoft Office
\Office12\GrooveMonitor.exe"" [MS]
"Run StartupMonitor" = "StartupMonitor.exe" [null data]
"PWRISOVM.EXE" = "C:\Program Files\PowerISO\PWRISOVM.EXE" ["PowerISO
Computing, Inc."]
"lxcrmon.exe" = ""C:\Program Files\Lexmark 2400 Series
\lxcrmon.exe"" [null data]
"EzPrint" = ""C:\Program Files\Lexmark 2400 Series
\ezprint.exe"" ["Lexmark International Inc."]
"LXCRCATS" = "rundll32 C:\WINDOWS\System32\spool\DRIVERS
\W32X86\3\LXCRtime.dll,_RunDLLEntry@16" [MS]
"CanonSolutionMenu" = "C:\Program Files\Canon\SolutionMenu
\CNSLMAIN.exe /logon" ["CANON INC."]
"CanonMyPrinter" = "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /
logon" ["CANON INC."]
"DriveSentry" = "C:\Program Files\DriveSentry
\DriveSentry.exe" ["DriveSentry Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\(Default) = "WormRadar.com
IESiteBlocker.NavFilter"
-> {HKLM...CLSID} = "AVG Safe Search"
\InProcServer32\(Default) = "C:\Program Files\AVG
\AVG8\avgssie.dll" [file not found]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Spybot-S&D IE Protection"
\InProcServer32\(Default) = "C:\Program Files
\Spybot - Search & Destroy\SDHelper.dll" ["Safer Networking Limited"]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Groove GFS Browser Helper"
\InProcServer32\(Default) = "C:\Program Files
\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]
{A057A204-BACC-4D26-9990-79A187E2698E}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AVG Security Toolbar"
\InProcServer32\(Default) = "C:\PROGRA~1\AVG
\AVG8\AVGTOO~1.DLL" [file not found]
{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Helper"
\InProcServer32\(Default) = "c:\program files\google
\googletoolbar1.dll" ["Google Inc."]
{CA6319C0-31B7-401E-A518-A07C3DB8F777}\(Default) = "Browser Address
Error Redirector"
-> {HKLM...CLSID} = "CBrowserHelperObject Object"
\InProcServer32\(Default) = "c:\windows
\system32\BAE.dll" ["Gateway Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions
\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL
Extension"
-> {HKLM...CLSID} = "Display Panning CPL Extension"
\InProcServer32\(Default) = "deskpan.dll" [file not
found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS
\system32\hticons.dll" ["Hilgraeve, Inc."]

---------------end logfile

~~ Nehmo

 

[Nehmo]

Run my diagnostic tool called whatslivern. That file after a few seconds,
when complete, will generate a log file. That log file will be saved inthe
same directory you ran the program from, using the email link and the bottom
of my page send me a copy of that log file.http://pcbutts1.com/downloads/tools/tools.htm

"Nehmo" <[email protected]> wrote in message

I've uninstalled all the antivirus programs. But I can't seem to
install one and get it to work. I get the not valid Win32 message.
I've been trying to get any kind of virus scan. I just tried Kasparski
online scan. It failed with this message:

Update has failed. Program has failed to start. Close the Kaspersky
Online Scanner 7.0 window and open it again to install the program.
You must be online to update the Kaspersky Online Scanner 7 database.
With the latest database updates, you can find new viruses and other
threats. Please go online to use Kaspersky Online Scanner 7. [ERROR:
Scan has failed to start. [0x80004005]]

I can't reinstall windows because I don't have the install disk.

Instead of emailing it, I posted the logfile generated by
runningnow.vbs (which was unpacked from runningnow.exe) below. The
program seemed to to have ran as it should.

After being, so far, unable to install (I still get the same errors
noted in my earlier posts) any other anti-malware scanning app, I was
able to install DriveSentryhttp://www.drivesentry.com/.

When it scanned, it found two malware items, named something Beagle,
which I then deleted.

DriveSentry is also repeatedly displaying a popup that gives the
option to block winfilse.exe , which DriveSentry says lives in
system32\drivers folder, from writing. I chose to "Keep Blocking".
DriveSentry, however, did not flag winfilse.exe when DriveSentry
scanned. I also can't find winfilse.exe in that folder or anywhere on
my drive.

I'm beginning to wonder about DriveSentry.

The computer is functioning normally except it seems slow and the cpu
usage goes up to 100% a lot. I also, as noted in my earlier posts,
can't run some apps (I'm getting the not a valid Win32 app error), and
I can't completely install many anti-malware apps (something is
preventing writing of the definitions).

 More on this later. I thank everybody who is helping.

---------------begin logfile

"running now.vbs", revision 70,http://www.pcbutts1.com/downloads/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"Google Update" = ""C:\Documents and Settings\Owner\Local Settings
\Application Data\Google\Update\GoogleUpdate.exe" /c" [null data]
"SpybotSD TeaTimer" = "C:\Program Files\Spybot - Search & Destroy
\TeaTimer.exe" ["Safer Networking Limited"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"IgfxTray" = "C:\WINDOWS\system32\igfxtray.exe" ["Intel Corporation"]
"HotKeysCmds" = "C:\WINDOWS\system32\hkcmd.exe" ["Intel Corporation"]
"Persistence" = "C:\WINDOWS\system32\igfxpers.exe" ["Intel
Corporation"]
"CHotkey" = "zHotkey.exe" [empty string]
"ShowWnd" = "ShowWnd.exe" [null data]
"ModPS2" = "ModPS2Key.exe" ["Chicony"]
"RTHDCPL" = "RTHDCPL.EXE" ["Realtek Semiconductor Corp."]
"Recguard" = "C:\WINDOWS\SMINST\RECGUARD.EXE"
"Adobe Reader Speed Launcher" = ""C:\Program Files\Adobe\Reader
8.0\Reader\Reader_sl.exe"" ["Adobe Systems Incorporated"]
"RemoteControl" = ""C:\Program Files\CyberLink\PowerDVD
\PDVDServ.exe"" ["Cyberlink Corp."]
"LanguageShortcut" = ""C:\Program Files\CyberLink\PowerDVD\Language
\Language.exe"" [null data]
"Google Desktop Search" = ""C:\Program Files\Google\Google Desktop
Search\GoogleDesktop.exe" /startup" ["Google"]
"HPDJ Taskbar Utility" = "C:\WINDOWS\system32\spool\drivers
\w32x86\3\hpztsb04.exe" ["HP"]
"QuickTime Task" = ""C:\Program Files\QuickTime\QTTask.exe" -
atboottime" ["Apple Inc."]
"GrooveMonitor" = ""C:\Program Files\Microsoft Office
\Office12\GrooveMonitor.exe"" [MS]
"Run StartupMonitor" = "StartupMonitor.exe" [null data]
"PWRISOVM.EXE" = "C:\Program Files\PowerISO\PWRISOVM.EXE" ["PowerISO
Computing, Inc."]
"lxcrmon.exe" = ""C:\Program Files\Lexmark 2400 Series
\lxcrmon.exe"" [null data]
"EzPrint" = ""C:\Program Files\Lexmark 2400 Series
\ezprint.exe"" ["Lexmark International Inc."]
"LXCRCATS" = "rundll32 C:\WINDOWS\System32\spool\DRIVERS
\W32X86\3\LXCRtime.dll,_RunDLLEntry@16" [MS]
"CanonSolutionMenu" = "C:\Program Files\Canon\SolutionMenu
\CNSLMAIN.exe /logon" ["CANON INC."]
"CanonMyPrinter" = "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /
logon" ["CANON INC."]
"DriveSentry" = "C:\Program Files\DriveSentry
\DriveSentry.exe" ["DriveSentry Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\(Default) = "WormRadar.com
IESiteBlocker.NavFilter"
  -> {HKLM...CLSID} = "AVG Safe Search"
                   \InProcServer32\(Default) = "C:\Program Files\AVG
\AVG8\avgssie.dll" [file not found]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
  -> {HKLM...CLSID} = "Spybot-S&D IE Protection"
                   \InProcServer32\(Default) = "C:\Program Files
\Spybot - Search & Destroy\SDHelper.dll" ["Safer Networking Limited"]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided)
  -> {HKLM...CLSID} = "Groove GFS Browser Helper"
                   \InProcServer32\(Default) = "C:\Program Files
\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]
{A057A204-BACC-4D26-9990-79A187E2698E}\(Default) = (no title provided)
  -> {HKLM...CLSID} = "AVG Security Toolbar"
                   \InProcServer32\(Default) = "C:\PROGRA~1\AVG
\AVG8\AVGTOO~1.DLL" [file not found]
{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
  -> {HKLM...CLSID} = "Google Toolbar Helper"
                   \InProcServer32\(Default) = "c:\program files\google
\googletoolbar1.dll" ["Google Inc."]
{CA6319C0-31B7-401E-A518-A07C3DB8F777}\(Default) = "Browser Address
Error Redirector"
  -> {HKLM...CLSID} = "CBrowserHelperObject Object"
                   \InProcServer32\(Default) = "c:\windows
\system32\BAE.dll" ["Gateway Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions
\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL
Extension"
  -> {HKLM...CLSID} = "Display Panning CPL Extension"
                   \InProcServer32\(Default) = "deskpan.dll" [file not
found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
  -> {HKLM...CLSID} = "HyperTerminal Icon Ext"
                   \InProcServer32\(Default) = "C:\WINDOWS
\system32\hticons.dll" ["Hilgraeve, Inc."]

---------------end logfile

a-squared also failed to install. Or maybe it failed to run. I got the
not a valid Win32 App error.

I don't run Outlook Express. (I used to use Outlook. Now I just use
online hotmail.) I don't have the registry keys described.
~~ Nehmo

 

[Larry Sabo]

From: "Nehmo" <[email protected]>


| a-squared also failed to install. Or maybe it failed to run. I got the
| not a valid Win32 App error.

| I don't run Outlook Express. (I used to use Outlook. Now I just use
| online hotmail.) I don't have the registry keys described.
| ~~ Nehmo

And you will keep getting "not a valid Win32 App error".

Wipe and reinstall the OS !

If I were as desperate and determined as he seems to be, I'd remove
the drive, scan it for viruses on another PC, reinstall it in the
original PC and try a repair install. For the repair install, I'd need
to create a Windows CD using the procedure at...

http://www.howtohaven.com/system/createwindowssetupdisk.shtml

Lots of work and I think your suggestion makes more sense, unless he
has invaluable programs for which he is missing the install
media/files.

Larry

 

[Larry Sabo]

From: "Larry Sabo" <[email protected]>

| If I were as desperate and determined as he seems to be, I'd remove
| the drive, scan it for viruses on another PC, reinstall it in the
| original PC and try a repair install. For the repair install, I'd need
| to create a Windows CD using the procedure at...

| http://www.howtohaven.com/system/createwindowssetupdisk.shtml

| Lots of work and I think your suggestion makes more sense, unless he
| has invaluable programs for which he is missing the install
| media/files.

| Larry

There are benefits and problems to this approach.

The first is that when you scan the hard drive through a surrogate PC, it will find files
on the affected hard disk but will scan the Registry of the surrogate PC and thus will not
correct the Registry of the OS of the affected hard drive. In this case I'd say the the
Registry was significantly modified.

The second is more generalized.
When you scan the hard disk through a surrogate PC, the anti malware scanner may remove a
required DLL or EXE file that may be required to load and thus when the drive is inserted
back into its home PC, the OS may boot into a BSoD condition. One such example where this
may happen is with a SubSys trojan which loads via...
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\windows
and inserts itself into the DLL load chain. Thus the OS would generate a NT Stop Error.

STOP: c0000135 {Unable To Locate Component}
This application has failed to start because XXXXXX was not found.

Thanks for that David.

Larry

 

[Nehmo]

From: "Nehmo" <[email protected]>

| a-squared also failed to install. Or maybe it failed to run. I got the
| not a valid Win32 App error.

| I don't run Outlook Express. (I used to use Outlook. Now I just use
| online hotmail.) I don't have the registry keys described.
|  ~~ Nehmo

And you will keep getting "not a valid Win32 App error".

Wipe and reinstall the OS !

You, David, know more about Windows than I, so please don’t think I’m
discounting your advice. Re-installing Windows would be the option a
few steps away, if I had the install CD. I don’t. I’d have to get a
new copy.

As I see it now. I next need to try a few more virus scans – either
online scans or ones conducted locally if I can somehow install an
anti-virus program.

Perhaps I should try booting in safe mode and then trying to install
or run one of the anti-virus programs or scans.
One program (not actually a scanner) I haven’t tried yet is
hijackthis. I’ll then post the results in one of the Hijackthis
groups. Do any of you have a suggestion for where to do that?

If I can’t do a successful scan, I’ll try a system restore. I’ve never
done that, but I should have enough skill.
I’ll also try cross-posting to some other groups to get a wider
audience. For those of you just now seeing this thread, you can see
the details of my problem earlier in the thread
http://groups.google.com/group/alt.comp.anti-virus/browse_thread/thread/99745fdc2c56bfd6

In brief:
Windows XP Home SP3
Most things run OK, MS Office, the browsers, Paint Shop Pro, but they
are slow and the CPU usage is high.
I can’t seem to install or run any anti-malware program, including
AdAware, AVG free, Windows Defender, Spybot S&D. I get the error
message “not a valid Win32 application” or I get a problem trying to
write something during the installation process.
I did manage to install DriveSentry. But that’s not a real scanner as
I see it. It did do a scan and deleted a couple of things, but no
improvement.

Please help me.

~~ Nehmo

 

[Nehmo]

From: "Nehmo" <[email protected]>

| On Nov 9, 6:06 am, "David H. Lipman" <[email protected]>



| You, David, know more about Windows than I, so please don’t think I’m
| discounting your advice. Re-installing Windows would be the option a
| few steps away, if I had the install CD. I don’t. I’d have to get a
| new copy.

| As I see it now. I next need to try a few more virus scans – either
| online scans or ones conducted locally if I can somehow install an
| anti-virus program.

| Perhaps I should try booting in safe mode and then trying to install
| or run one of the anti-virus programs or scans.
| One program (not actually a scanner) I haven’t tried yet is
| hijackthis. I’ll then post the results in one of the Hijackthis
| groups. Do any of you have a suggestion for where to do that?

| If I can’t do a successful scan, I’ll try a system restore. I’ve never
| done that, but I should have enough skill.
| I’ll also try cross-posting to some other groups to get a wider
| audience. For those of you just now seeing this thread, you can see
| the details of my problem earlier in the thread
|http://groups.google.com/group/alt.comp.anti-virus/browse_thread/thread/
| 99745fdc2c56bfd6

| In brief:
| Windows XP Home SP3
| Most things run OK, MS Office, the browsers, Paint Shop Pro, but they
| are slow and the CPU usage is high.
| I can’t seem to install or run any anti-malware program, including
| AdAware, AVG free, Windows Defender, Spybot S&D. I get the error
| message “not a valid Win32 application” or I get a problem trying to
| write something during the installation process.
| I did manage to install DriveSentry. But that’s not a real scanner as
| I see it. It did do a scan and deleted a couple of things, but no
| improvement.

| Please help me.

| ~~ Nehmo

Download and execute HiJack This! (HJT)http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

It will install as;  "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe"
If the file does not run, go to;  "C:\Program Files\Trend Micro\HijackThis\"
Rename HijackThis.exe to  HJT.com

Create a log and then post the contents of the HJT log in your post in the below expert
forum...

{ Please - Do NOT post the HJT Log here ! }

NOTE: Registration is REQUIRED in any of the below before posting a log

http://www.thespykiller.co.uk/index.php?board=3.0

Post that I directed you there.

HijackThis won't run, even after I rename it. I get the same error:
not a valid Win32 application.
Something is declaring all these programs as invalid for Win32. I'm
going to try to boot in safe mode, and then run. I've never done this
before. I don't think it will be a problem.
~~ Nehmo

 

[Buffalo]

You, David, know more about Windows than I, so please don’t think I’m
discounting your advice. Re-installing Windows would be the option a
few steps away, if I had the install CD. I don’t. I’d have to get a
new copy.

Nehmo, go into the Registry and copy down the ID code or Registration number
(forget what it's called) that you will need if you decide to 'borrow' an
XP cd and reinstall. You can Google to see how to find it in WinXP.
I don't have XP so I am just guessing here.


[snip]

 

[Nehmo]

HijackThis won't run, even after I rename it. I get the same error:
not a valid Win32 application.
Something is declaring all these programs as invalid for Win32. I'm
going to try to boot in safe mode, and then run. I've never done this
before. I don't think it will be a problem.
~~ Nehmo

Using MSconfig, on the general tab, I used diagnostic startup to
eliminate possible interference. HijackThis (renamed) still wouldn't
run.

~~ Nehmo

 

[David W. Hodgins]

Using MSconfig, on the general tab, I used diagnostic startup to
eliminate possible interference. HijackThis (renamed) still wouldn't
run.

You earlier posted the actual error code. A google search on that error
code, limited to m$ sites will give you the commands needed to correct it.

In my opinion, you need to format/reinstall, with a valid m$ install cd.

If you don't have an install cd, you would be much better off switching
to linux. It's become much simpler to install then it used to be, and
if you're willing to invest some time learning the differences, it's
actually easier to use.

Regards, Dave Hodgins

 

[xiao]

I think your computer is infected by a unknow infect-virus, all apps
display 'Win322 error ' after you run the app, probable cause of the
virus will infect the app when the system prepare to run it by hook
some API. After insert the virus data, it's destroy the original file.
so, you'd better submit the sample's to antivirus vendor online which
file show error dialog, then wait for them reply, after the vendor
can REPAIR the samples, remove the drive, scan it for viruses on
another PC, reinstall it in the original PC unless the antivirus
software detect a lot of viruses.
here are some vendores email address:

(e-mail address removed)
(e-mail address removed)
(e-mail address removed)
(e-mail address removed)
(e-mail address removed)