Latest version of Avast, just doesn't open.

[REDACTED]

Sorry about that guys, I gotta get more sleep, overlooked it. Here it is:

[essexboy]

I am surprised the computer actually runs

Due to the size of the fix I am having to attach it

After the first reboot let me know if Avast runs

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer
Right click the attached fixlist.txt and select save as..
Save to the desktop
 Ensure that FRST is also on the desktop

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
  
• Click on Scan.
  
• After the scan is complete click on "Clean"
• Confirm each time with Ok.
  
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile with your next answer.
• You can find the logfile at C:\AdwCleaner[S0].txt as well.
  

FINALLY

I will need a fresh FRST scan including the additions

[REDACTED]

Thank you very much for the follow up essex. I will do this tomorrow as I will no longer have access to this computer. I will be sure to post the results.

[REDACTED]

First part of your request is attached.

[essexboy]

Avast should now run

[REDACTED]

I did everything as above, but avast still doesn't open. Perhaps just following your steps helped my computer a lot, however.

Attached is the log adwcleaner produced.

[essexboy]

Could I have a fresh FRST scan please after you have done the following :

First ..

Uninstall Avast

Second..

Run this FRST fix ..

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
IFEO\ashAvast.exe: [Debugger] svchost.exe
IFEO\ashBug.exe: [Debugger] svchost.exe
IFEO\ashChest.exe: [Debugger] svchost.exe
IFEO\ashCnsnt.exe: [Debugger] svchost.exe
IFEO\ashDisp.exe: [Debugger] svchost.exe
IFEO\ashLogV.exe: [Debugger] svchost.exe
IFEO\ashMaiSv.exe: [Debugger] svchost.exe
IFEO\ashPopWz.exe: [Debugger] svchost.exe
IFEO\ashQuick.exe: [Debugger] svchost.exe
IFEO\ashServ.exe: [Debugger] svchost.exe
IFEO\ashSimp2.exe: [Debugger] svchost.exe
IFEO\ashSimpl.exe: [Debugger] svchost.exe
IFEO\ashSkPcc.exe: [Debugger] svchost.exe
IFEO\ashSkPck.exe: [Debugger] svchost.exe
IFEO\ashUpd.exe: [Debugger] svchost.exe
IFEO\ashWebSv.exe: [Debugger] svchost.exe
IFEO\aswChLic.exe: [Debugger] svchost.exe
IFEO\aswRegSvr.exe: [Debugger] svchost.exe
IFEO\aswRunDll.exe: [Debugger] svchost.exe
IFEO\aswUpdSv.exe: [Debugger] svchost.exe
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

Third ..

Reinstall Avast

Finally ..

Run a fresh FRST scan

[REDACTED]

First part of your request.

[REDACTED]

Okay..I completed all the steps, avast still hasn't been able to open. I attached the logs of the last scan. Thank you for your continuing support.

[essexboy]

The main culprit is running from the quarantine at the moment and masquerading as fifa 64

If this fails to kill I will move on to a heavier programme

Re-install Chrome

Unless you did this yourself, malware has changed your Chrome version into the Development Build. Among other things this allows malware to install any extension it wants. We need to resolve this.

1. If you have bookmarks, let's save them by exporting them - Export Bookmarks
2. Then I need you to go Google Sync and sign into your account
3. Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok"
4. Now we need to uninstall chrome.
 Note: When asked about user data or settings you must remove this also so please check the box.
5. Restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
6. Import your bookmarks back into Chrome
7. Sign back in to your Chrome browser so that your bookmarks sync with your online account.

THEN

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
IFEO\avastSvc.exe: [Debugger] svchost.exe
IFEO\avastUI.exe: [Debugger] svchost.exe
IFEO\tapinstall.exe: [Debugger] svchost.exe
IFEO\VisthAux.exe: [Debugger] svchost.exe
HKLM-x32\...\Run: [] => [X]
Startup: C:\Users\Little Wonders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA Soccer 64.lnk [2015-03-13]
ShortcutTarget: FIFA Soccer 64.lnk -> C:\FRST\Quarantine\C\ProgramData\{2899c890-57cb-72e8-2899-9c89057c2241}\FIFA Soccer 64.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO: DeEalExpraess -> {A2FF2181-79EC-4ADD-9193-CC53BA94E9BB} -> C:\Program Files (x86)\DeEalExpraess\6Vz6NArC6LzTZi.x64.dll [2015-08-12] ()
BHO-x32: DeEalExpraess -> {A2FF2181-79EC-4ADD-9193-CC53BA94E9BB} -> C:\Program Files (x86)\DeEalExpraess\6Vz6NArC6LzTZi.dll [2015-08-12] ()
FF SearchPlugin: C:\Users\Little Wonders\AppData\Roaming\Mozilla\Firefox\Profiles\fanljv6v.default\searchplugins\startnow.xml [2014-02-28]
FF Extension: No Name - C:\Users\Little Wonders\AppData\Roaming\Mozilla\Firefox\Profiles\fanljv6v.default\extensions\_qvxbkbnnuzqukzjj_i@frnhpojlbr_in.com [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
R2 24efcaa5; c:\Program Files (x86)\SystemLight\SystemLight.dll [2733056 2015-08-12] () [File not signed]
2015-08-12 10:18 - 2015-08-12 10:18 - 00000079 _____ C:\Program Files (x86)\prefs.js
2015-08-12 10:18 - 2015-08-12 10:18 - 00000000 ____D C:\Program Files (x86)\DeEalExpraess
2015-08-12 10:17 - 2015-08-12 10:18 - 00000000 ____D C:\ProgramData\3513037906374832000
2015-08-12 10:17 - 2015-08-12 10:17 - 00000000 ____D C:\Program Files (x86)\DeuaaloExprEEsse
2015-08-12 10:17 - 2015-08-12 10:17 - 00000000 ____D C:\Program Files (x86)\DEaalExpreess
2015-08-12 09:57 - 2015-08-12 09:57 - 00000000 ____D C:\Program Files (x86)\SystemLight
2015-08-10 15:33 - 2015-08-12 09:33 - 00000370 _____ C:\Windows\Tasks\ImageEnhance.job
2015-08-10 15:33 - 2015-08-10 15:33 - 00003300 _____ C:\Windows\System32\Tasks\ImageEnhance
Task: {12E94DB0-B70A-4B50-A7A1-26C280A3F598} - System32\Tasks\{00BA7C04-2930-4BA0-85D8-9C64416E6396} => pcalua.exe -a C:\Users\LITTLE~1\AppData\Local\Temp\F295A114\ChildcareManagerSetup.exe -d C:\Windows\SysWOW64 -c /embed"{F4AC2A05-BDC8-48BC-9962-A2766D6B8A18}" /hide_splash /hide_progress /runprerequisites"Help,Reports,ChildcareManager,ProgramFiles,Manual,NetworkServer" /l1033
Task: {2721C2CE-DA44-4A0F-BD21-9928294F2794} - System32\Tasks\{B1ED28FA-8139-42D6-AD80-BE820BFD604E} => pcalua.exe -a "C:\Users\Little Wonders\AppData\Local\Temp\Temp2_vista_prolific_chip_driver_for_serial_adapters.zip\Vista_Installer.exe"
Task: {3A29F414-D5EC-41D7-BE1F-F3F40B8A31BC} - System32\Tasks\{B5AB9C9D-5DF1-4D36-BC1A-6DA8FA87347F} => pcalua.exe -a "C:\Program Files (x86)\DiscountBomb\DiscountBomb.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {6B4697D6-2AB3-4189-B570-1DA4747F7B3D} - System32\Tasks\{EBD12ADD-9B7C-491A-94B3-2CFFC7CC35DE} => pcalua.exe -a "C:\Users\Little Wonders\Documents\Downloads\CCM-Server_Setup(V10.0.2905).exe" -d C:\Windows\SysWOW64 -c /embed"{ADC05057-2056-4B14-B859-E67CCB2EA230}" /hide_splash /hide_progress /runprerequisites"Help,Reports,ChildcareManager,ProgramFiles,Manual,NetworkServer" /l1033
Task: {7441EABB-1BE3-4601-B490-516A306BABF0} - System32\Tasks\{1796F9BB-E4C4-4DA4-8335-24DC731E4708} => pcalua.exe -a "C:\Users\Little Wonders\Desktop\USBSrDvr.exe" -d "C:\Users\Little Wonders\Desktop"
Task: {768F60AD-DB89-4776-A45B-279E797A150F} - System32\Tasks\{395F898C-0DAF-4DFA-AA08-E8F8BAB1DF30} => pcalua.exe -a C:\kc5\setup\setup.exe
Task: {7CE2A72D-BB2F-44ED-89CA-1F6D1E32A005} - System32\Tasks\{51B1EBD4-DD09-442F-B202-70DFD26090F7} => E:\ACMSETUP.EXE
Task: {9F3E6CA9-E64E-4969-8635-7EB5D7CB6D66} - System32\Tasks\{C56306F3-67B6-486D-B81F-0B8E937C7C99} => C:\Users\Little Wonders\Desktop\MDAC_TYP.EXE
Task: {CA28FE0A-8394-4928-9950-5D9710D93598} - System32\Tasks\{29639896-F900-4CCA-B787-6BC9FAE525A0} => E:\ACMSETUP.EXE
Task: {D37F3308-16E6-4800-9687-DB07E918E18C} - System32\Tasks\{6FE15A16-DF91-49D1-BCCE-E758CB864855} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall HOMESTUDENTR /dll OSETUP.DLL
Task: {D823F284-E68E-43F4-9D0F-249C61B92645} - System32\Tasks\ImageEnhance => c:\programdata\{fd02b9e2-a850-2b00-fd02-2b9e2a85e78a}\108573950245256588b.exe <==== ATTENTION
Task: {EF4F2429-35B8-44FE-A8BD-25995276C545} - System32\Tasks\{B1769513-4A93-4EFF-95C5-F720E95A94AC} => C:\Program Files (x86)\Personalized Software\Childcare Manager 10\ChildCareManager.exe [2011-03-11] (Personalized Software, Inc.)
Task: C:\Windows\Tasks\ImageEnhance.job => c:\programdata\{fd02b9e2-a850-2b00-fd02-2b9e2a85e78a}\108573950245256588b.exe <==== ATTENTION
C\ProgramData\{2899c890-57cb-72e8-2899-9c89057c2241}
C:\FRST\Quarantine\C\ProgramData\{2899c890-57cb-72e8-2899-9c89057c2241}
C:\Program Files (x86)\DeEalExpraess
c:\Program Files (x86)\SystemLight
C:\Program Files (x86)\DiscountBomb
c:\programdata\{fd02b9e2-a850-2b00-fd02-2b9e2a85e78a}
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

[REDACTED]

Before I do your next steps, I really don't care to keep chrome at all, and I don't believe I have a google sync account. I would remove it, but uninstalling whatever is left of it, I get this error: "There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor." I'm not trying to install it, but uninstall it.

[essexboy]

No problem I will manually remove it if you wish after

[REDACTED]

Okay then, I can skip the entire chrome step?

[essexboy]

Yes but do not start Chrome at all otherwise it may try to download something

[REDACTED]

Here is the new log.