Hello! Sorry for my english and that's my story... I hope this issue helps someone. I recognized that in my system was malicious software that runs with system start, there was unexplained network traffic, so I installed avast, because no antivirus was installed before in my system until now. And I had the same problem as describe above and nothing advises was
helping for me, so I get a great idea ;p to unistall avast using producer's uninstalling kit, run system again to complete
uninstalling some additional parts of avast, which has place after reboot, now I get completely clean system from avast
installation. Now I:
1) run system in safe mode with administration privileges,
2) install avast in safe mode (yes it is possible),
3) reboot system allowing them for run in normal mode to complete installation,
4) I shutdown system and run it again in normal mode - avast still don't worked, and in safe mode - avast worked. I tried setup in safe mode scanning task before system bootup, but I couldn't, it doesn't take effect, system starts without scanning I suppose because of safe mode in which system never startup additional task.
5) So I run avast in safe mode - everything works fine! Everyting is on green. I start full scan mode and avast found 9 viruses. Because
system is running in safe mode, avast detect that state and communicate, that system is running in safe mode and only hand's scans are available so shield are not active but we can switch to 'computer scan' option and do this manually. Ok, now everything should be ok, I tought.
6) But ... after I scanned and removed viruses using avast command ('remove'), I run system in normal mode and avast still don't worked properly. There was still one virus (rootkit in C:\WINDOWS\system32\drivers\) detected by avast but it was not removed because of 'access denied'. I found a great page ('
http://www.technibble.com/how-to-remove-a-rootkit-from-a-windows-system/') where everythings about rootkits manual removing is described so I follow this tips and remove rootkit, and now I even know how manual remove virus and where to find them. My rootkit was on msconfig startup list and I remove him with cacls and del command, there was one more worm too on the list, and I also deleted it (it was in path C:\WINDOWS\TEMP).
After that avast works fine and everythings is on green and I see beautiful spinning avast icon in tray in normal mode. Before I couldn't event setup scanning system before boot. Now I setup scan at bootup and avast detected 5 more viruses - 2 in common files and 3 in restore point. I deleted everything. After that there was one more .exe file which starts with windows but wasn't a threat anymore beacause after it run, system displayed 'Microsoft errors report'. I found this file in "C:\Documents And Settings\username\Application Data\VirusName\VirusName.exe" it was hidden. This was the last one but still I don't know how it could be running because it wasn't on msconfig list. Now I have clean system which starts very fast and working avast. I'm still on Win XP.
Greetings!
Mariusz