Thanks for your reply.
I have read the guidelines suggested by you. They are really helpful and i wish that i could have seen this forum before trying AVAST cleanup.
My problem as i mentioned in my original post is that my computer is not allowing me to go beyond login screen. I login with my username and password and immediately after clicking OK the screen appears that your system is going to be logged off and i am again at the login screen. I tried it again and again and return to the login screen everytime.
So please guide me in this scenario, since i am unable to advance from login screen so i think i cannot now install anything to my computer because i cannot have any access to my desktop.
Please help.
Before using AVAST i ran scan through HijackThis and the log is as under:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:52:09, on 19/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\servises.exe
C:\WINDOWS\system32\runouce.exe
C:\WINDOWS\services.exe
C:\WINDOWS\system32\servises.exe
C:\WINDOWS\System32\reader_s.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\servises.exe
C:\ARQUIV~1\iGv6\sysbrand.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Ana\reader_s.exe
C:\WINDOWS\system32\servises.exe
C:\ARQUIV~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\Net.exe
C:\WINDOWS\system32\net1.exe
C:\WINDOWS\system32\Net.exe
C:\WINDOWS\system32\net1.exe
C:\WINDOWS\system32\Net.exe
C:\WINDOWS\system32\net1.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\Net.exe
C:\WINDOWS\system32\net1.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: &iG - {7EEF1E3D-FD97-4401-BCDB-5827F2D11709} - C:\ARQUIV~1\iGv6\igshop.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &iG - {7EEF1E3D-FD97-4401-BCDB-5827F2D11709} - C:\ARQUIV~1\iGv6\igshop.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [7928] C:\WINDOWS\system32\51.tmp.exe
O4 - HKLM\..\Run: [Runonce] C:\WINDOWS\system32\runouce.exe
O4 - HKLM\..\Run: [services] C:\WINDOWS\services.exe
O4 - HKLM\..\Run: [servises] C:\WINDOWS\system32\servises.exe
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe
O4 - HKLM\..\Run: [ter8m] RUNDLL32.EXE C:\WINDOWS\system32\msxm192z.dll,w
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [SysBrand] "C:\ARQUIV~1\iGv6\sysbrand.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\ARQUIV~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [OM_Monitor] C:\Arquivos de programas\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe
O4 - HKCU\..\Run: [12CFG914-K641-26SF-N32P] C:\RECYCLER\S-1-5-21-0243336031-4052116379-881863308-0851\vse432.exe
O4 - HKCU\..\Run: [reader_s] C:\Documents and Settings\Ana\reader_s.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe -autorun
O4 - HKCU\..\Run: [servises] C:\WINDOWS\system32\servises.exe
O4 - HKLM\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe
O4 - HKCU\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe
O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [SysBrand] "C:\ARQUIV~1\iGv6\sysbrand.exe" (User '?')
O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [Yahoo! Pager] "C:\ARQUIV~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (User '?')
O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [OM_Monitor] C:\Arquivos de programas\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart (User '?')
O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe (User '?')
O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [12CFG914-K641-26SF-N32P] C:\RECYCLER\S-1-5-21-0243336031-4052116379-881863308-0851\vse432.exe (User '?')
O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [reader_s] C:\Documents and Settings\Ana\reader_s.exe (User '?')
O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [DAEMON Tools Lite] C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe -autorun (User '?')
O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [servises] C:\WINDOWS\system32\servises.exe (User '?')
O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [servises] C:\WINDOWS\system32\servises.exe (User '?')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [servises] C:\WINDOWS\system32\servises.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Barra do iG - {FD1672E0-AE0D-465B-B345-F7B0944A121D} - C:\ARQUIV~1\iGv6\igshop.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) -
http://messenger.zone.msn.com/binary...r.cab56986.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} (ValidaUsuario Class) -
https://cpne.bradesco.com.br/certifexp.cabO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary...t.cab56907.cabO23 - Service: FCI - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe
O23 - Service: Serviço de Compartilhamento de Pastas Messenger do USN Journal Reader (usnjsvc) - Unknown owner - C:\Arquivos de programas\MSN Messenger\usnsvc.exe (file missing)
--
End of file - 7841 byte
But as i ran Avast after that so i think the log definitely had been changed.