Hi Again DavidR,
I installed Malwarebytes' under Safe Mode and ran a full scan, and it turned up the following:
Malwarebytes' Anti-Malware 1.24
Database version: 1012
Windows 6.0.6001 Service Pack 1
10:29:39 03/08/2008
mbam-log-8-3-2008 (10-29-39).txt
Scan type: Full Scan (C:\|)
Objects scanned: 168263
Time elapsed: 38 minute(s), 51 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
I allowed Malwarebytes' to remove whatever it found. I then proceeded to install SUPERAntiSpyware as you instructed and run a scan, but it only found a number (admittedly a large number; 33) of tracking cookies, which again I allowed SUPERAntiSpyware to delete. The log file follows:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 08/03/2008 at 02:40 PM
Application Version : 4.15.1000
Core Rules Database Version : 3524
Trace Rules Database Version: 1514
Scan type : Complete Scan
Total Scan Time : 01:14:37
Memory items scanned : 720
Memory threats detected : 0
Registry items scanned : 9573
Registry threats detected : 0
File items scanned : 43953
File threats detected : 33
Adware.Tracking Cookie
Neither of these actions seems to have rectified anything with regard to the original permissions error or the blocking of Avast! at startup.
I had a hunch that the startup issue might have something to do with Vista UAC (in spite of the fact that I had previously verified it as having been deactivated). Thus I manually reactivated UAC, rebooted, deactivated UAC and rebooted again. This seems to have resolved the startup issue; however, it hasn't rectified the original issue: I still receive permission errors when attempting to update or view the log file via the system tray.
I haven't yet tried a clean install of COMODO Firewall; I'll give that a go sometime during the week. I was, however, wondering whether there was any way to completely purge/reset COMODO's settings; I figure it might be worth trying that first if possible. Please note I've already deleted the COMODO configuration file and set COMODO to training mode (although it's not as nagish as I expected it to be, which concerns me). I am sceptical as to whether COMODO is the issue here; the issues with UAC and Avast! suggest to me that there might be a wider issue with permissions in relation to Avast!, but then again I'm no expert and I wouldn't have the first clue where to start diagnosing such a monumental balls-up in Vista.
Oh, and I'm not sure whether I mentioned this earlier, but Outlook 2007 keeps crashing at random intervals. I've checked the event log and the crashes have all thus far been attributed to ntdll.dll, which points to a conflicting plugin. I think this may be due to the Avast Outlook OAP provider, although this is only based on a few hours with the plugin disabled, so I can't be certain. Anyhow, I just thought I'd mention that as it might be a clue of sorts.
Kindest Regards,
Nubey.
P.S. Oh and thanks everybody for all the assistance!
P.P.S. Is it wise to have Malwarebytes' running while Avast! is installed and running? Will they conflict?