Avast Not working

I was downstairs watching tv when I heard the “Warning virus detected” alarm. When I came upstairs to see what the problem was, there was a new program on my computer with an icon.

The new program was supposed to be another virus removal/protection program. I tried opening Avast through the desktop shortcut but it didn’t work. I then tried to do it through the desktop tray icon and realized its not there. Then I went through my computer to open it and couldn’t open it again.

I figured this new program was blocking AVAST. So I went into Add/delete programs and located it. For some reason I can’t think of what its name was now but it started with and S and i think the icon had a picture of a lion and a deadbolt lock. It was a program 8 megs big and last used May 1st (I never heard of or used it). So, I deleted it without a problem.

Now, I still can’t access AVAST. I tried downloading the virus sweeper or whatever its called and re-downloading AVAST 4 without success. Everything else on my computer seems to be working fine.

Anyone have any suggestions/help??? ??? ???

Can you try to repair your installation?
Go to Control Panel > Add/Remove programs > avast! antivirus > Remove
Then choose Repair function in the popup window (Repair).
You must be connected to the internet while repairing.

Nope when I try to hit the remove/delete button in the add/remove programs list, it flashes but doesn’t do anything.

try repairing avast or uninstall/reinstall in SafeMode (F8-Boot)
you need to login as Administrator or admin-user of course…

otherwise, work through the link “VirusRemoval” below in my sig. and then post here a hijackthis-Log for diagnosis

:wink:

Logfile of HijackThis v1.99.1
Scan saved at 10:28:42 PM, on 5/1/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\init32m.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPMon32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\RUNDLL32.exe
C:\WINDOWS\sys5638.exe
C:\Program Files\aim\aim.exe
C:\windows\pptuggf.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Douglas Miller\Local Settings\Temporary Internet Files\Content.IE5\PUBTR4WY\HijackThis1991[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://w-find.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://w-find.com/index.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://w-find.com/index.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
F2 - REG:system.ini: Shell=Explorer.exe init32m.exe
O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program

Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat

5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {0AD937E7-2F37-4873-A05E-548A67EF1D0E} - (no file)
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: BRedObj Class - {63CF97E8-4133-438a-A831-CC9C6D47D673} - c:\Program Files\Reg2\Reg2.dll (file missing)
O2 - BHO: (no name) - {665ACD90-4541-4836-9FE4-062386BB8F05} - (no file)
O2 - BHO: BRedObj Class - {7371F073-AC0F-4b80-BB2F-96A488CEFB32} - c:\Program Files\Xmod\xm320.dll (file missing)
O2 - BHO: Flash Enhancer - {7CD20E91-1F31-41da-8379-479EA31DF969} - c:\Program Files\XML\XML.dll (file missing)
O2 - BHO: FlashEnhancer Extnder - {A749B4BC-7621-4a80-9220-D0A283367DD5} - c:\Program Files\Fln\fln.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O4 - HKLM..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM..\Run: [IPInSightLAN 01] “C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe” -l
O4 - HKLM..\Run: [IPInSightMonitor 01] “C:\Program Files\Verizon Online\Visual IP InSight\IPMon32.exe”
O4 - HKLM..\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM..\Run: [WebSavingsfromEbates] wjview /cp:p “C:\Program Files\WebSavingsfromEbates\System\Code” Main lp:

“C:\Program Files\WebSavingsfromEbates”
O4 - HKLM..\Run: [TkBellExe] “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM..\Run: [scvhost.exe] scvhost.exe
O4 - HKLM..\Run: [Microsoft Update] Microsoft.exe
O4 - HKLM..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program

Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM..\Run: [DI2] “C:\DOCUME~1\DOUGLA~1\LOCALS~1\Temp\27.exe\27.exe”
O4 - HKLM..\RunServices: [scvhost.exe] scvhost.exe
O4 - HKLM..\RunServices: [Microsoft Update] Microsoft.exe
O4 - HKCU..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU..\Run: [AIM] C:\Program Files\aim\aim.exe -cnetwait.odl
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU..\Run: [hpwriuv] c:\windows\pptuggf.exe
O4 - HKCU..\Run: [sys5638] C:\WINDOWS\sys5638.exe
O4 - HKCU..\Run: [nlwbdjn] c:\windows\toqevvb.exe
O4 - HKCU..\Run: [aioocev] c:\windows\toqevvb.exe
O4 - HKCU..\Run: [jugdrgy] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [srxiujx] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [ldkfexj] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [eoadxdj] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [qxtsycu] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [ecnaiur] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [furgtoo] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [bxoipxf] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [syelacf] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [cwgkpqq] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [ynadnbj] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [dumewbj] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [ayweyto] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [jberqin] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [vsfrygk] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [tmqpqes] c:\windows\dgfdekx.exe
O4 - HKCU..\Run: [lrsffne] c:\windows\dgfdekx.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: Verizon Online Dialer.lnk = C:\Program Files\Common Files\Verizon Online\ConnMgr\Verizon Online.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\SupportCenter\bin\matcli.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Web Savings - file://C:\Program

Files\WebSavingsfromEbates\System\Temp\ebateswebsavings_script0.htm
O9 - Extra button: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Verizon

Online Control Pad\VerizonControlPad.Exe
O9 - Extra ‘Tools’ menuitem: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon

Online\Verizon Online Control Pad\VerizonControlPad.Exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft

Money\System\mnyside.dll
O9 - Extra button: Microsoft AntiSpyware helper - {AA8588A4-F275-4745-B2ED-0105A99DDAA0} - (no file) (HKCU)
O9 - Extra ‘Tools’ menuitem: Microsoft AntiSpyware helper - {AA8588A4-F275-4745-B2ED-0105A99DDAA0} - (no file) (HKCU)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} -

C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -

http://by102fd.bay102.hotmail.msn.com/resources/MsnPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip..{7FF42BC1-C61E-4FA3-A82F-576E7B1AA544}: NameServer = 199.45.32.43

199.45.32.38
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

You need to resolve many issues, however, many will be back if you don’t update those programs mentioned as old versions and install a firewall.

Confirm that the items listed are correct such as the version entries, although there are only a few 04 entries listed, I believe more are suspect, especially dgfdekx.exe.

I suggest you also get a second opinion of your Hijackthis log file here http://hijackthis.de/index.php before fixing entries. Once you have updated windows and IE run HJT again and use the on-line analysis again and get back to us if you have questions about the analysis.

Extract from Eddy’s HJT analyser:
Old version of Internet Explorer detected, please update.
Your Operating System is not up-to-date. (Latest service pack not installed)
No software firewall detected. If you are not using a
hardware firewall, it is highly recommended to install one.


GENERAL INFORMATION :

Use www.google.com to find out more on items not listed here or if you have doubts.

In addition to this application, you can also analyse the original HijackThis log online at: http://hijackthis.de


THESE ITEMS ARE EITHER HARMFUL OR A SECURITY RISK WE STRONGLY RECOMMEND TO FIX THEM :

\progra~1\verizo~1\suppor~1\smartb~1\motivesb.exe
\program files\verizon online\visual ip insight\ipclient.exe
\program files\verizon online\visual ip insight\ipmon32.exe
\program files\viewpoint\viewpoint manager\viewmgr.exe
\program files\verizon online\visual ip insight\ipclient.exe
\program files\aws\weatherbug\weather.exe
r1 - hklm\software\microsoft\internet explorer\main
r0 - hklm\software\microsoft\internet explorer\search
r1 - hkcu\software\microsoft\internet explorer\searchurl
o2 - bho: (no name) - {0ad937e7-2f37-4873-a05e-548a67ef1d0e} - (no file)
o2 - bho: bredobj class - {63cf97e8-4133-438a-a831-cc9c6d47d673} - c:\program files\reg2\reg2.dll (file missing)
o2 - bho: (no name) - {665acd90-4541-4836-9fe4-062386bb8f05} - (no file)
o2 - bho: bredobj class - {7371f073-ac0f-4b80-bb2f-96a488cefb32} - c:\program files\xmod\xm320.dll (file missing)
o2 - bho: flash enhancer - {7cd20e91-1f31-41da-8379-479ea31df969} - c:\program files\xml\xml.dll (file missing)
o2 - bho: (no name) - {fdd3b846-8d59-4ffb-8758-209b6ad74acc} - (no file)
o4 - hklm..\run: [motive smartbridge] c:\progra~1\verizo~1\suppor~1\smartb~1\motivesb.exe
o4 - hklm..\run: [ipinsightlan 01] “c:\program files\verizon online\visual ip insight\ipclient.exe” -l
o4 - hklm..\run: [ipinsightmonitor 01] “c:\program files\verizon online\visual ip insight\ipmon32.exe”
o4 - hklm..\run: [viewmgr] c:\program files\viewpoint\viewpoint manager\viewmgr.exe
cdaenginemain
o4 - hkcu..\run: [weather] c:\program files\aws\weatherbug\weather.exe 1
o4 - global startup: verizon online support center.lnk = c:\program files\verizon online\supportcenter\bin\matcli.exe
o9 - extra button: related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\windows\web\related.htm
o9 - extra ‘tools’ menuitem: show &related links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\windows\web\related.htm
o9 - extra button: (no name) - {cd67f990-d8e9-11d2-98fe-00c0f0318afe} - (no file)
o9 - extra button: microsoft antispyware helper - {aa8588a4-f275-4745-b2ed-0105a99ddaa0} - (no file) (hkcu)
o9 - extra ‘tools’ menuitem: microsoft antispyware helper - {aa8588a4-f275-4745-b2ed-0105a99ddaa0} - (no file) (hkcu)
o16 - dpf: {4f1e5b1a-2a80-42ca-8532-2d05cb959537} (msn photo upload tool) -