avast crash flash- now log reports here

If Avast tries to stop or block anything a popup will appear select no action on it

This is a copy paste
2012-11-18 14:00:47 . 2012-11-18 14:00:47 80 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-TosReelTimeMonitor.reg.dat
2012-11-18 14:00:46 . 2012-11-18 14:00:46 80 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-SynTPEnh.reg.dat
2012-11-18 14:00:46 . 2012-11-18 14:00:46 80 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-TCrdMain.reg.dat
2012-11-18 14:00:46 . 2012-11-18 14:00:46 80 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-TPwrMain.reg.dat
2012-11-18 14:00:46 . 2012-11-18 14:00:46 92 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Toolbar-Locked.reg.dat
2012-11-18 14:00:30 . 2012-11-18 14:00:30 104 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-Toolbar-Locked.reg.dat
2012-11-18 13:58:29 . 2012-11-18 13:58:29 6,198 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2012-11-18 13:54:14 . 2012-11-18 13:54:16 51 ----a-w- C:\Qoobox\Quarantine\catchme.log

think I MAY have attached it using the attach button below just in case the above is not complete…now is this the only file from combo fix that is needed?

ComboFix 12-11-16.02 - mine 11/18/2012 5:55.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.4476 [GMT -8:00]
Running from: c:\users\mine\Downloads\ComboFix.exe
AV: avast! Antivirus Enabled/Updated {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus Enabled/Updated {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender Enabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

  • Created a new restore point
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-10-18 to 2012-11-18 )))))))))))))))))))))))))))))))
    .
    .
    2012-11-18 13:59 . 2012-11-18 13:59 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-11-16 20:15 . 2012-10-17 09:31 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates{F8BC4461-57B4-49C4-A210-32FD600FE594}\mpengine.dll
    2012-11-15 20:51 . 2012-10-08 12:19 17811968 ----a-w- c:\windows\system32\mshtml.dll
    2012-11-15 20:51 . 2012-10-08 11:42 10925568 ----a-w- c:\windows\system32\ieframe.dll
    2012-11-14 21:01 . 2012-10-18 18:25 3149824 ----a-w- c:\windows\system32\win32k.sys
    2012-11-14 21:00 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
    2012-11-14 21:00 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
    2012-11-10 06:18 . 2012-10-30 23:51 132864 ----a-w- c:\windows\system32\drivers\aswFW.sys
    2012-11-10 06:18 . 2012-10-30 23:51 262656 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
    2012-11-10 06:18 . 2012-10-30 23:51 21136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
    2012-11-10 06:18 . 2012-09-21 09:26 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
    2012-11-10 00:28 . 2012-11-10 00:28 -------- d-----w- C:_OTL
    2012-11-09 22:55 . 2012-11-09 22:55 -------- d-----w- c:\users\mine\AppData\Roaming\Malwarebytes
    2012-11-09 22:54 . 2012-11-09 22:54 -------- d-----w- c:\programdata\Malwarebytes
    2012-11-09 22:54 . 2012-11-09 22:55 -------- d-----w- c:\program files (x86)\Malwarebytes’ Anti-Malware
    2012-11-09 22:54 . 2012-09-30 03:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-11-04 07:36 . 2012-11-04 07:36 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
    2012-11-04 07:36 . 2012-11-04 07:36 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
    2012-11-04 07:36 . 2012-11-04 07:36 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2012-11-04 07:36 . 2012-11-04 07:36 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2012-11-04 06:29 . 2012-11-04 06:49 -------- d-----w- c:\users\mine\2012-11-03
    2012-11-03 03:12 . 2012-11-15 20:50 66395536 ----a-w- c:\windows\system32\MRT.exe
    2012-10-30 19:41 . 2012-11-03 03:26 -------- d-----w- c:\users\mine\AppData\Local\ElevatedDiagnostics
    2012-10-29 00:49 . 2012-10-30 23:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2012-10-29 00:49 . 2012-10-30 23:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2012-10-29 00:49 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
    2012-10-29 00:49 . 2012-10-30 23:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2012-10-29 00:49 . 2012-10-30 23:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-10-29 00:49 . 2012-10-30 23:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2012-10-29 00:49 . 2012-10-30 23:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
    2012-10-29 00:49 . 2012-10-30 23:51 41224 ----a-w- c:\windows\avastSS.scr
    2012-10-29 00:49 . 2012-10-30 23:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
    2012-10-29 00:49 . 2012-10-29 00:49 -------- d-----w- c:\programdata\AVAST Software
    2012-10-29 00:49 . 2012-10-29 00:49 -------- d-----w- c:\program files\AVAST Software
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-09-18 17:39 . 2010-06-24 18:33 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2012-09-18 17:21 . 2012-09-18 17:21 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
    2012-09-18 17:21 . 2012-09-18 17:21 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
    2012-09-18 17:21 . 2012-09-18 17:21 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
    2012-09-18 17:21 . 2012-09-18 17:21 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
    2012-09-18 17:21 . 2012-09-18 17:21 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
    2012-09-18 17:21 . 2012-09-18 17:21 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
    2012-09-18 17:21 . 2012-09-18 17:21 367104 ----a-w- c:\windows\SysWow64\html.iec
    2012-09-18 17:21 . 2012-09-18 17:21 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
    2012-09-18 17:21 . 2012-09-18 17:21 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
    2012-09-18 17:21 . 2012-09-18 17:21 161792 ----a-w- c:\windows\SysWow64\msls31.dll
    2012-09-18 17:21 . 2012-09-18 17:21 152064 ----a-w- c:\windows\SysWow64\wextract.exe
    2012-09-18 17:21 . 2012-09-18 17:21 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
    2012-09-18 17:21 . 2012-09-18 17:21 11776 ----a-w- c:\windows\SysWow64\mshta.exe
    2012-09-18 17:21 . 2012-09-18 17:21 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
    2012-09-18 17:21 . 2012-09-18 17:21 101888 ----a-w- c:\windows\SysWow64\admparse.dll
    2012-09-18 17:21 . 2012-09-18 17:21 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2012-09-18 17:21 . 2012-09-18 17:21 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2012-09-18 17:21 . 2012-09-18 17:21 89088 ----a-w- c:\windows\system32\ie4uinit.exe
    2012-09-18 17:21 . 2012-09-18 17:21 85504 ----a-w- c:\windows\system32\iesetup.dll
    2012-09-18 17:21 . 2012-09-18 17:21 82432 ----a-w- c:\windows\system32\icardie.dll
    2012-09-18 17:21 . 2012-09-18 17:21 76800 ----a-w- c:\windows\system32\tdc.ocx
    2012-09-18 17:21 . 2012-09-18 17:21 65024 ----a-w- c:\windows\system32\pngfilt.dll
    2012-09-18 17:21 . 2012-09-18 17:21 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
    2012-09-18 17:21 . 2012-09-18 17:21 534528 ----a-w- c:\windows\system32\ieapfltr.dll
    2012-09-18 17:21 . 2012-09-18 17:21 49664 ----a-w- c:\windows\system32\imgutil.dll
    2012-09-18 17:21 . 2012-09-18 17:21 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2012-09-18 17:21 . 2012-09-18 17:21 452608 ----a-w- c:\windows\system32\dxtmsft.dll
    2012-09-18 17:21 . 2012-09-18 17:21 448512 ----a-w- c:\windows\system32\html.iec
    2012-09-18 17:21 . 2012-09-18 17:21 403248 ----a-w- c:\windows\system32\iedkcs32.dll
    2012-09-18 17:21 . 2012-09-18 17:21 39936 ----a-w- c:\windows\system32\iernonce.dll
    2012-09-18 17:21 . 2012-09-18 17:21 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
    2012-09-18 17:21 . 2012-09-18 17:21 30720 ----a-w- c:\windows\system32\licmgr10.dll
    2012-09-18 17:21 . 2012-09-18 17:21 282112 ----a-w- c:\windows\system32\dxtrans.dll
    2012-09-18 17:21 . 2012-09-18 17:21 267776 ----a-w- c:\windows\system32\ieaksie.dll
    2012-09-18 17:21 . 2012-09-18 17:21 249344 ----a-w- c:\windows\system32\webcheck.dll
    2012-09-18 17:21 . 2012-09-18 17:21 222208 ----a-w- c:\windows\system32\msls31.dll
    2012-09-18 17:21 . 2012-09-18 17:21 197120 ----a-w- c:\windows\system32\msrating.dll
    2012-09-18 17:21 . 2012-09-18 17:21 163840 ----a-w- c:\windows\system32\ieakui.dll
    2012-09-18 17:21 . 2012-09-18 17:21 160256 ----a-w- c:\windows\system32\ieakeng.dll
    2012-09-18 17:21 . 2012-09-18 17:21 149504 ----a-w- c:\windows\system32\occache.dll
    2012-09-18 17:21 . 2012-09-18 17:21 145920 ----a-w- c:\windows\system32\iepeers.dll
    2012-09-18 17:21 . 2012-09-18 17:21 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
    2012-09-18 17:21 . 2012-09-18 17:21 12288 ----a-w- c:\windows\system32\mshta.exe
    2012-09-18 17:21 . 2012-09-18 17:21 114176 ----a-w- c:\windows\system32\admparse.dll
    2012-09-18 17:21 . 2012-09-18 17:21 111616 ----a-w- c:\windows\system32\iesysprep.dll
    2012-09-18 17:21 . 2012-09-18 17:21 10752 ----a-w- c:\windows\system32\msfeedssync.exe
    2012-09-18 17:21 . 2012-09-18 17:21 103936 ----a-w- c:\windows\system32\inseng.dll
    2012-09-18 17:20 . 2012-09-18 17:20 165888 ----a-w- c:\windows\system32\iexpress.exe
    2012-09-18 17:20 . 2012-09-18 17:20 160256 ----a-w- c:\windows\system32\wextract.exe
    2012-08-22 18:12 . 2012-09-18 16:13 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2012-08-22 18:12 . 2012-09-18 16:13 376688 ----a-w- c:\windows\system32\drivers\netio.sys
    2012-08-22 18:12 . 2012-09-18 16:13 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    Note empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    “swg”=“c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2012-09-14 39408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    “Adobe Reader Speed Launcher”=“c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2010-06-20 35760]
    “Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2010-06-09 976832]
    “avast”=“c:\program files\AVAST Software\Avast\avastUI.exe” [2012-10-30 4297136]
    .

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“ConsentPromptBehaviorAdmin”= 5 (0x5)
“ConsentPromptBehaviorUser”= 3 (0x3)
“EnableUIADesktopToggle”= 0 (0x0)
.
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-10-08 243712]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-18 1255736]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2012-09-21 12368]
S0 aswNdis2;avast! Firewall Core Firewall Service;
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-06-24 482384]
S1 aswFW;avast! TDI Firewall driver;
S1 aswKbd;aswKbd;
S1 aswSnx;aswSnx;
S1 aswSP;aswSP;
S2 aswFsBlk;aswFsBlk;
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-10-30 133912]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes’ Anti-Malware\mbamscheduler.exe [2012-09-30 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes’ Anti-Malware\mbamservice.exe [2012-09-30 676936]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-02-09 77424]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-01-05 1109096]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 137632]
.
.
Contents of the ‘Scheduled Tasks’ folder
.
2012-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

  • c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-17 23:47]
    .
    2012-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  • c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-17 23:47]
    .
    2012-11-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3596218228-180181814-200797472-1000Core.job
  • c:\users\mine\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-18 23:47]
    .
    2012-11-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3596218228-180181814-200797472-1000UA.job
  • c:\users\mine\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-18 23:47]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @=“{472083B0-C522-11CF-8763-00608CC02F24}”
    [HKEY_CLASSES_ROOT\CLSID{472083B0-C522-11CF-8763-00608CC02F24}]
    2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    “IgfxTray”=“c:\windows\system32\igfxtray.exe” [2011-04-08 167256]
    “HotKeysCmds”=“c:\windows\system32\hkcmd.exe” [2011-04-08 391000]
    “Persistence”=“c:\windows\system32\igfxpers.exe” [2011-04-08 418136]
    “SmartAudio”=“c:\program files\CONEXANT\SAII\SAIICpl.exe” [2010-12-14 316032]
    “TosSENotify”=“c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe” [2010-12-08 710040]
    “TosVolRegulator”=“c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe” [2009-11-11 24376]
    .
    ------- Supplementary Scan -------
    .
    uStart Page = about:blank
    uLocal Page = c:\windows\system32\blank.htm
    mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSCA&bmod=TSCA
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSCA&bmod=TSCA
    mLocal Page = c:\windows\SysWOW64\blank.htm
    TCP: DhcpNameServer = 192.168.0.1
    .
        • ORPHANS REMOVED - - - -
          .
          Toolbar-Locked - (no file)
          Toolbar-Locked - (no file)
          HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
          HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
          HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
          HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
          .
          .
          .
          --------------------- LOCKED REGISTRY KEYS ---------------------
          .
          [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
          @Denied: (Full) (Everyone)
          .
          Completion time: 2012-11-18 06:01:28
          ComboFix-quarantined-files.txt 2012-11-18 14:01
          .
          Pre-Run: 590,716,887,040 bytes free
          Post-Run: 590,636,081,152 bytes free
          .
    • End Of File - - 7EE6E5493E73AD5FF14FB3925406A6E9

Here is the log also a copy paste as I can’t locate it otherwise likely due to my inexperience with windows 7.
I had to cut it in half as it was too large.

You could have attached the combofix log
How is the computer behaving ?

The computer seems to be fine as far as I can tell.
I have no idea what to look for but it does what I ask which I am told in not much compared to what it could do…just hearsay.

If all is well tomorrow let me know and I will tidy up

I am not sure this is working correctly as I cannot see the forum pages the same as I once did.
I went to free avast and have been using it since my trial ran out.
I continually get this balloon message
avast! WebRep has crashed. Click this balloon to reload the extension.

I downloaded and used unhackme it is giving me this message…
AFX rootkit
avast! Firewall \System\ContentControl\Set\Services

Description implements main functionality for avast

Another thing I am not sure about before (last computer) there was a blue dot on the lower right side of my computer associated with avast to say if it was working Since I have had this computer during the free trial and now with the free version this has never appeared?

So my question is do I allow this program to delete this file?
and when I do click on the balloon to fix the web rep has crashed issue nothing happens not one thing… it goes away and comes back in seconds.


Start checking at 12/8/2012 time:4:26:57 AM
UnHackMe Engine Version:5.9

Key:avast! Firewall
Source:\SYSTEM\CurrentControlSet\Services
Info about key:avast! Firewall Key:\SYSTEM\CurrentControlSet\Services
Service/Driver Additional Information
Name:Type
Value:32
Type:REG_BINARY
Name:Start
Value:4
Type:REG_BINARY
Name:ErrorControl
Value:1
Type:REG_BINARY
Name:ImagePath
Value:“C:\Program Files\AVAST Software\Avast\afwServ.exe”
Type:REG_EXPAND_SZ
Name:DisplayName
Value:avast! Firewall
Type:REG_SZ
Name:Group
Value:ShellSvcGroup
Type:REG_SZ
Name:WOW64
Value:1
Type:REG_BINARY
Name:ObjectName
Value:LocalSystem
Type:REG_SZ
Name:ServiceSidType
Value:1
Type:REG_BINARY
Name:Description
Value:Implements main functionality for avast! Firewall
Type:REG_SZ
Name:FailureActions
Name:DeleteFlag
Value:1
Type:REG_BINARY
Rootkit is detecting using CompareServLists (compare SCM manager’s drivers list with drivers in the Services registry key).
can’t seem to find the file to attach it so copied and pasted it above.

I downloaded and used unhackme it is giving me this message.. AFX rootkit avast! Firewall \System\ContentControl\Set\Services
Do not delete this, it is Avast firewall
there was a blue dot on the lower right side of my computer associated with avast
Do you have an orange blob in its place

As to webrep I do not use that so I will need to check it out

I have been out of town to a funeral and did not see your reply things have been hectic.

Not a problem, did you see my last post

No orange blob.

Have you tried a repair of Avast

https://dl.dropbox.com/u/73555776/Avast%20repair.JPG

I am wondering if this web rep crash is the same message that inspired the original post… I can’t recall now if it said web rep crashed or just avast crashed.
As far as I can tell things are working ok the only goofy thing was my hotmail account was messed up on the sign in page my messages were on top of the sign in page before I signed in… page over top of a page… the next time I used hotmail it would be gone then come back then be gone… thought it was a hotmail issue… Have not noticed it lately.

No I have not. Could you please tell me where you found that page.

Combofix reported that Avast was functioning normally so it looks as though it is the GUI that is missing. A repair should fix that

Go to control panel > Programs and Features
Select Avast and that page will appear

I clicked repair… got this message:
if this program did not uninstall correctly try uninstalling using settings that are compatible with your versions of windows
Program : Unknown
Publisher: Unknown
Location: C:\programFiles\Avast software asw Run Dll.exe

Is this normal? sorry it is taking me long I have to write all down then copy it here…
it also has an unintalled correctly with a green arrow… I did not think I was uninstalling anything?
press the green arrow or not?

previous message if from program compatibility assistant… does it make any sense to you… ?

Is this Avast free, Pro or AIS ?