avast crash flash- now log reports here

I am not sure I can find all the reports but will do my best. It seems the last program found something.

Not sure if I was to do them all but I did :)

Having trouble finding them as this is a new system unlike the one I am used to, so they may be out of order as I find them.

RogueKiller V8.2.3 [11/07/2012] by Tigzy
mail: tigzyRKgmailcom
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : mine [Admin rights]
Mode : Scan – Date : 11/09/2012 16:55:26

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] GoogleCrashHandler64.exe – C:\Users\mine\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe → KILLED [TermProc]

¤¤¤ Registry Entries : 3 ¤¤¤
[HJ SMENU] HKCU[…]\Advanced : Start_TrackProgs (0) → FOUND
[HJ DESK] HKLM[…]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) → FOUND
[HJ DESK] HKLM[…]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) → FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
→ C:\windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK6476GSXN +++++
— User —
[MBR] 36eab5a6644e6a8447a0d7baffc56cfd
[BSP] fedc857b4861f5c67fb8d75a9e84f154 : Windows Vista MBR Code

FSS
Farbar Service Scanner Version: 09-11-2012
Ran by mine (administrator) on 09-11-2012 at 16:57:06
Running from “C:\Users\mine\Downloads”
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal


Internet Services:

Connection Status:

Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:

Firewall Disabled Policy:

System Restore:

System Restore Disabled Policy:

AdwCleaner v2.007 - Logfile created 11/09/2012 at 14:34:50

Updated 06/11/2012 by Xplode

Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

User : mine - MINE-PC

Boot Mode : Normal

Running from : C:\Users\mine\Downloads\adwcleaner.exe

Option [Search]

***** [Services] *****

***** [Files / Folders] *****

Folder Found : C:\ProgramData\Partner

***** [Registry] *****

***** [Internet Browsers] *****

-\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\ Google Chrome v23.0.1271.64

File : C:\Users\mine\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.


AdwCleaner[R1].txt - [693 octets] - [09/11/2012 14:34:50]

########## EOF - C:\AdwCleaner[R1].txt - [752 octets] ##########

AdwCleaner v2.007 - Logfile created 11/09/2012 at 14:35:49

Updated 06/11/2012 by Xplode

Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

User : mine - MINE-PC

Boot Mode : Normal

Running from : C:\Users\mine\Downloads\adwcleaner.exe

Option [Search]

***** [Services] *****

***** [Files / Folders] *****

Folder Found : C:\ProgramData\Partner

***** [Registry] *****

***** [Internet Browsers] *****

-\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\ Google Chrome v23.0.1271.64

File : C:\Users\mine\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.


AdwCleaner[R1].txt - [820 octets] - [09/11/2012 14:34:50]
AdwCleaner[R2].txt - [752 octets] - [09/11/2012 14:35:49]

########## EOF - C:\AdwCleaner[R2].txt - [811 octets] ##########

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.09.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
mine :: MINE-PC [administrator]

Protection: Enabled

11/9/2012 2:55:51 PM
mbam-log-2012-11-09 (14-55-51).txt

Scan type: Full scan (C:|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 283787
Time elapsed: 16 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

OTL logfile created on: 11/9/2012 3:48:49 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mine\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.95 Gb Total Physical Memory | 3.93 Gb Available Physical Memory | 66.12% Memory free
11.90 Gb Paging File | 9.70 Gb Available in Paging File | 81.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 585.46 Gb Total Space | 550.54 Gb Free Space | 94.03% Space Free | Partition Type: NTFS

Computer Name: MINE-PC | User Name: mine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/09 15:45:09 | 000,602,112 | ---- | M] (OldTimer Tools) – C:\Users\mine\Downloads\OTL.exe
PRC - [2012/10/30 15:50:59 | 004,297,136 | ---- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/09/29 19:54:26 | 000,981,656 | ---- | M] (Malwarebytes Corporation) – C:\Program Files (x86)\Malwarebytes’ Anti-Malware\mbam.exe
PRC - [2012/09/29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) – C:\Program Files (x86)\Malwarebytes’ Anti-Malware\mbamgui.exe
PRC - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) – C:\Program Files (x86)\Malwarebytes’ Anti-Malware\mbamservice.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) – C:\Program Files (x86)\Malwarebytes’ Anti-Malware\mbamscheduler.exe
PRC - [2012/09/24 18:21:18 | 000,212,432 | ---- | M] (Google Inc.) – C:\Users\mine\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2011/02/01 12:20:48 | 002,656,280 | ---- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 12:20:46 | 000,326,168 | ---- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/12/03 13:57:16 | 000,304,560 | ---- | M] (TOSHIBA CORPORATION) – C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/07/28 19:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) – C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/03/10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) – C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

I ran out of space …

========== Modules (No Company Name) ==========

MOD - [2012/10/31 14:15:05 | 000,460,312 | ---- | M] () – C:\Users\mine\AppData\Local\Google\Chrome\Application\23.0.1271.64\ppgooglenaclpluginchrome.dll
MOD - [2012/10/31 14:15:02 | 004,007,448 | ---- | M] () – C:\Users\mine\AppData\Local\Google\Chrome\Application\23.0.1271.64\pdf.dll
MOD - [2012/10/31 14:13:47 | 000,587,288 | ---- | M] () – C:\Users\mine\AppData\Local\Google\Chrome\Application\23.0.1271.64\libglesv2.dll
MOD - [2012/10/31 14:13:46 | 000,123,928 | ---- | M] () – C:\Users\mine\AppData\Local\Google\Chrome\Application\23.0.1271.64\libegl.dll
MOD - [2012/10/31 14:13:35 | 000,156,712 | ---- | M] () – C:\Users\mine\AppData\Local\Google\Chrome\Application\23.0.1271.64\avutil-51.dll
MOD - [2012/10/31 14:13:34 | 000,274,984 | ---- | M] () – C:\Users\mine\AppData\Local\Google\Chrome\Application\23.0.1271.64\avformat-54.dll
MOD - [2012/10/31 14:13:32 | 002,168,360 | ---- | M] () – C:\Users\mine\AppData\Local\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll

========== Services (SafeList) ==========

SRV:64bit: - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] – C:\Program Files\AVAST Software\Avast\AvastSvc.exe – (avast! Antivirus)
SRV:64bit: - [2010/12/09 16:45:26 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] – C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe – (TosCoSrv)
SRV:64bit: - [2010/12/08 14:42:54 | 000,137,632 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] – C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe – (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/07/28 14:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] – C:\Windows\SysNative\TODDSrv.exe – (TODDSrv)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Program Files\Windows Defender\MpSvc.dll – (WinDefend)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] – C:\Program Files (x86)\Malwarebytes’ Anti-Malware\mbamservice.exe – (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] – C:\Program Files (x86)\Malwarebytes’ Anti-Malware\mbamscheduler.exe – (MBAMScheduler)
SRV - [2011/02/01 12:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe – (UNS)
SRV - [2011/02/01 12:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe – (LMS)
SRV - [2010/11/29 13:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] – C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe – (TMachInfo)
SRV - [2010/01/28 15:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] – C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe – (cfWiMAXService)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe – (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] – C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe – (ConfigFree Service)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/10/30 15:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\windows\SysNative\drivers\aswTdi.sys – (aswTdi)
DRV:64bit: - [2012/10/30 15:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] – C:\windows\SysNative\drivers\aswSnx.sys – (aswSnx)
DRV:64bit: - [2012/10/30 15:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\windows\SysNative\drivers\aswSP.sys – (aswSP)
DRV:64bit: - [2012/10/30 15:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] – C:\Windows\SysNative\drivers\aswMonFlt.sys – (aswMonFlt)
DRV:64bit: - [2012/10/30 15:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] – C:\windows\SysNative\drivers\aswFsBlk.sys – (aswFsBlk)
DRV:64bit: - [2012/10/15 08:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\SysNative\drivers\aswRdr2.sys – (aswRdr)
DRV:64bit: - [2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] – C:\Windows\SysNative\drivers\mbam.sys – (MBAMProtector)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] – C:\windows\SysNative\drivers\fs_rec.sys – (Fs_Rec)
DRV:64bit: - [2011/04/04 19:10:14 | 012,262,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\igdkmd64.sys – (igfx)
DRV:64bit: - [2011/02/14 11:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\CHDRT64.sys – (CnxtHdAudService)
DRV:64bit: - [2011/02/09 10:29:08 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\L1C62x64.sys – (L1C)
DRV:64bit: - [2011/02/08 18:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\PGEffect.sys – (PGEffect)
DRV:64bit: - [2011/01/05 00:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\rtl8192ce.sys – (RTL8192Ce)
DRV:64bit: - [2010/11/20 19:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\TsUsbFlt.sys – (TsUsbFlt)
DRV:64bit: - [2010/11/20 19:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\amdsata.sys – (amdsata)
DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\HpSAMD.sys – (HpSAMD)
DRV:64bit: - [2010/11/20 19:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\TsUsbGD.sys – (TsUsbGD)
DRV:64bit: - [2010/11/20 19:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\amdxata.sys – (amdxata)
DRV:64bit: - [2010/11/05 22:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\iaStor.sys – (iaStor)
DRV:64bit: - [2010/10/19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\HECIx64.sys – (MEIx64)
DRV:64bit: - [2010/10/08 10:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\RtsUStor.sys – (RSUSBSTOR)
DRV:64bit: - [2010/09/22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\fssfltr.sys – (fssfltr)
DRV:64bit: - [2010/03/10 17:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\SynTP.sys – (SynTP)
DRV:64bit: - [2009/07/30 19:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\tdcmdpst.sys – (tdcmdpst)
DRV:64bit: - [2009/07/14 14:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\TVALZ_O.SYS – (TVALZ)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\amdsbs.sys – (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\lsi_sas2.sys – (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\stexstor.sys – (stexstor)
DRV:64bit: - [2009/07/07 07:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\FwLnk.sys – (FwLnk)
DRV:64bit: - [2009/06/24 14:36:48 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\tos_sps64.sys – (tos_sps64)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\evbda.sys – (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\bxvbda.sys – (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\b57nd60a.sys – (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\hcw85cir.sys – (hcw85cir)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\SysWOW64\drivers\wimmount.sys – (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-09 16:40:15

16:40:15.996 OS Version: Windows x64 6.1.7601 Service Pack 1
16:40:15.996 Number of processors: 4 586 0x2A07
16:40:15.996 ComputerName: MINE-PC UserName: mine
16:40:17.977 Initialize success
16:40:18.492 AVAST engine defs: 12110900
16:40:28.476 Disk 0 (boot) \Device\Harddisk0\DR0 → \Device\Ide\IAAStorageDevice-1
16:40:28.491 Disk 0 Vendor: TOSHIBA_ GB00 Size: 610480MB BusType: 3
16:40:28.507 Disk 0 MBR read successfully
16:40:28.523 Disk 0 MBR scan
16:40:28.523 Disk 0 Windows VISTA default MBR code
16:40:28.538 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
16:40:28.569 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 599511 MB offset 3074048
16:40:28.601 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 9468 MB offset 1230872576
16:40:28.663 Disk 0 scanning C:\windows\system32\drivers
16:40:34.669 Service scanning
16:41:14.571 Modules scanning
16:41:14.587 Disk 0 trace - called modules:
16:41:14.633 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
16:41:14.649 1 nt!IofCallDriver → \Device\Harddisk0\DR0[0xfffffa800811d060]
16:41:14.649 3 CLASSPNP.SYS[fffff88001b9343f] → nt!IofCallDriver → \Device\Ide\IAAStorageDevice-1[0xfffffa8006e93050]
16:41:16.115 AVAST engine scan C:\windows
16:41:19.157 AVAST engine scan C:\windows\system32
16:41:51.028 Disk 0 MBR has been saved successfully to “C:\Users\mine\Desktop\Logs\MBR.dat”
16:41:51.028 The log file has been saved successfully to “C:\Users\mine\Desktop\Logs\aswMBR.txt”

Ok I think that is it.

Rogue Killer is still open. It has a button to click to fix host, fix proxy, fix dns.
Should I do this?

The last flash from Avast before the crash flash was something about the gov’t shadowing computers for a long time now… maybe part of the virus… for all I know.

Hi sandy55,

Please do not run programs on your own such as RogueKiller as these are programs that, if used improperly, can damage your system more than it already is! So the answer as to what to do with RogueKiller is, …nothing. Just attach the log and do nothing else.

Follow this guide and attach all logs produced from these four programs: AdwCleaner, Malwarebytes, OTL, and aswMBR.exe. Must stress to not try to fix anything here: we have several malware experts for that, and each does know what they are doing.

http://forum.avast.com/index.php?topic=53253.0

Attaching will save you enormous time as you do not have to copy/paste each log produced.

Once these logs from only these four programs are attached, someone is certain to contact a malware expert for you to have one of them look at your logs.

EDIT: Sorry, logs were posted as run-ons, did not see all of them, my mistake. To attach click the “Attachments and other options” link below the text box you are replying in; click browse to find your log, highlight it, and click ‘Save’. Your log is now attached.

giving this a try…
I hope I am not hindering your work by doing this wrong.
I am not used to working with Windows 7 or notepad. Have been typing in the name of the program and trying to add text.
When I look at the OTL file accessed from start search I see a few different text files and a file that says moved folders which you would not be able to see on your end… I have no clue what is important to you.
I have attached some files in the way you suggested. Some are repeats but I think a few small things are new; they may be what you need. I will take another look at this as I think I am not finished but my brain has gone on vacation with overload.

The firewall in Avast is working now. Am I to take this as a sign my computer is ok now?
I am going to do a boot scan while my brain takes a vacation from this.

hi,

No, not hindering the work here at all. It is easier to view the logs when they are attached, is all. When attached, the complete log is there also, whereas it is possible to omit an important part using copy/paste function, so…

A malware expert will be along in a bit. Please be patient. Do not worry, they are certified malware experts; they also volunteer their time here, so due to possible time zone differences, it may be a bit before one of them analyses your logs, and steps into your thread.

Good job so far.

Hi, logs look good, what problems are you experiencing?

I had a message saying avast had crashed and the firewall would not turn on. I think this was the first post I made in general before I was directed here. I am hoping maybe it is ok as I have been using it. From what you can see it is ok now. I was using the free version when the message from Avast popped up in the lower r corner. I am now using a free trial of what I think is pro but don’t quote that as I am not sure what it is called now.

Are you experiencing any problems now?

Not that I can tell but I am not very good at this. I did not have any problems before the flash message from Avast stating Avast had crashed, so who knows. The computer slowed down about a month ago for no apparent reason but was still faster than my old one. I am not sure what to look for. I am hoping if there is nothing outrageous going on that it is ok, am I right or not?

I can see nothing untoward on the computer, though I can dig deeper if you wish

I would not want you to waste your time. As I said, I really can’t see anything wrong, but then again I did not see any problems when the message of avast crashing popped up either. I think you should use your own judgement as you likely know better than I if this would be a good use of your time.

In all probability it was coincidental with Avast blocking the malware and then crashing

However, it is always better to be safe than sorry

I will do a slightly deeper check

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

  • IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:

  1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
  2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
  3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

how do I turn off avast antispyware and antivirus…?
all I have been able to do is stop the firewall.
I do not feel ok to run with it on as it says do at your own risk; that usually means trouble for me.
and unchecked some boxes in choices of how to view scans etc.

Accept the warning but do not allow Avast to block or quarantine any files whilst combofix is running

I do not know how to stop avast from doing anything… except the firewall.
I have no system tray for avast that I can find.
On my old computer when I had avast I could shut it down via a tool bar on desk top.
My old computer was windows xp this one is windows 7 could this difference be the
reason I do not have the icon in the same place as before?
I do not know how to get to the next step of controlling avast…

As I recall the button was blue…I don’t have it.