Virus Blocking Avast

[Sirconversation]

c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> No action taken.

[Sirconversation]

c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> No action taken.

[Sirconversation]

c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\publisher\4520\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\application data\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> No action taken.
c:\documents and settings\Work.Hm.Pc\local settings\Temp\cd15E3.tmp (Heuristics.Malware) -> No action taken.
C:\Program Files\Common\helper.sig (Trojan.Agent) -> No action taken.
C:\WINDOWS\SYSTEM32\DRIVERS\str.sys (Rootkit.Agent) -> No action taken.
C:\WINDOWS\bf23567.dat (Worm.KoobFace) -> No action taken.
c:\WINDOWS\0101120101465749.dat (Worm.KoobFace) -> No action taken.
c:\WINDOWS\0101120101465752.dat (Worm.KoobFace) -> No action taken.




I Have Since Taken the Suggested Option By Malwarebytes & Deleted/Quarantine  these FIles and Restarted the PC

The Same Issue with Launchin the Avast Splash Has Occurred !

[micky77]

Quickly run this program, it will take seconds http://filehippo.com/download_hijackthis/
Then post that first
Choose scan and save a log file, copy/paste the txt log. Then I would run MBAM quick scan again, should be lots quicker. Then run SAS and post both logs. I get the feeling, something is still lurking

[Sirconversation]

 Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:19:04 AM, on 7/15/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Downloads\avasthomeedition 4.6\download.application\aswUpdSv.exe
C:\Downloads\avasthomeedition 4.6\download.application\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\aol\ACS\acsd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Downloads\avasthomeedition 4.6\download.application\ashMaiSv.exe
C:\Downloads\avasthomeedition 4.6\download.application\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\DOWNLO~1\AVASTH~1.6\DOWNLO~1.APP\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\eFax Messenger 4.1\J2GDllCmd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AWS\WEATHE~1\Weather.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\IE7-WindowsXP-x86-enu.exe
c:\6f9b93bb5472ded60bfb76c4564c7fa5\update\iesetup.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

[Sirconversation]

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bellsouth.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe,
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: My Web Search Bar BHO - {8EAB99C1-F9EC-4b64-A4BA-D9BCAE8779C2} - C:\Program Files\MyWebSearchWB\bar\1.bin\W6BAR.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll

[Sirconversation]

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [avast!] C:\DOWNLO~1\AVASTH~1.6\DOWNLO~1.APP\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [eFax 4.1] "C:\Program Files\eFax Messenger 4.1\J2GDllCmd.exe" /R
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: eFax 4.1.lnk = C:\Program Files\eFax Messenger 4.1\J2GTray.exe
O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB

[Sirconversation]

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab27571.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} (Scanner.SysScanner) - http://i.dell.com/images/global/js/scanner/SysProExe.cab
O16 - DPF: {40289096-9F72-4A04-BCB3-E434ECDCEE33} (AppDLCtrl Class) - http://download.howudodat.com/chatterbox/download/appdl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase1140.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/en/filesharingctrl.cab
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://128.121.20.15:1995/talk.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} (AIM UPF Control) - http://pictures05.aim.com/ygp/aol/plugin/upf/AOLUPF.en-US-AIM.9.5.1.8.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab27571.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {EA7F451B-94DD-4009-A8BF-8F977B0B2696} - http://pbells.broadjump.com/wizlet/StandardInstall/static/controls/WebflowActiveXInstaller_4-2-0.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\aol\ACS\acsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Downloads\avasthomeedition 4.6\download.application\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Downloads\avasthomeedition 4.6\download.application\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Downloads\avasthomeedition 4.6\download.application\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Downloads\avasthomeedition 4.6\download.application\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 13657 bytes

[Sirconversation]

@micky77....... Thanks.... After the restart and i noticed the issue with the avast i started a thorough scan with Malwarebytes .......I will post the results when its complete and try sas as well

[DeliriousGA]

I'm having the same problem on one of our stations.  Microsoft turned off Avast! to do an update on this station then didn't turn it back on and the user had no idea it had happened (a good reason to have a password on Avast!...doh!)

When I try to start Avast! It begins a memory scan then the splash screen disappears and I have nothing.  I tried running the AshAvast.exe file from explorer and that's when I get the "access denied" warning.  Same thing with Spybot S&D.  I copied the AshAvast.exe to another drive from one of my other stations and it will run from the remote drive.

I'm using the list on this thread http://forum.avast.com/index.php?topic=37795.0 to try and get rid of it.  I'll post if this procedure gets rid of it and takes care of the problem.

[YoKenny]

@Sirconversation

Having a Quick Scan take 1 hour(s), 28 minute(s), 1 second(s) indicates a slow system.

What is the CPU type and speed and how much RAM does the system have?

@DeliriousGA
Please start you own topic by selecting NEW TOPIC in the viruses and worms area to have you situation handled individually as having two situations in one topic can become confusing.

[Sirconversation]

@YoKenny .......  Thanks


My System Information is the following :
OS Name   Microsoft Windows XP Home Edition
Version   5.1.2600 Service Pack 3 Build 2600
Processor   x86 Family 15 Model 2 Stepping 9 GenuineIntel ~2394 Mhz
SMBIOS Version   2.3
Hardware Abstraction Layer   Version = "5.1.2600.5512 (xpsp.080413-2111)"
Total Physical Memory   2,048.00 MB
Available Physical Memory   1.06 GB
Total Virtual Memory   2.00 GB
Available Virtual Memory   1.96 GB
Page File Space   2.23 GB



I Mentioned this in the Initial Posting.... Or Is there Something I'm Leaving out/or  Different System  Spec's you would need...

Processor Intel(R) Pentium(R) 4 CPU 2.40GHz
Processor Speed 2.34 GHz
Memory (RAM) 2048 MB
Operating System Microsoft Windows XP Home Edition
Operating System Version 5.1.2600

Does this help Posting it in a Different format ?
 

I just completed the Thorough scan and that took

 Objects scanned: 410993
Time elapsed: 3 hour(s), 54 minute(s), 42 second(s)  Using  Malwarebytes 

[Sirconversation]

@DeliriousGA  Thanks and hope this post helps or yours with mines...
I wasnt concerned with locking avast with a password   due to the computer status and usage..  Appreciate the input & tips

[DeliriousGA]

Doing everything on that list did get rid of the viruses, but Avast is still locked out with the "Access denied" message you're getting.

After 6 hours of wasted time trying to get rid of the problem I've decided to just format and start from scratch.

[Lisandro]