When looking at other topics someone has always asked whether any unpXXXX files are in the log folder.
I have 10 of these to date and every one of them reads this:
Fault source
C:\Program Files\Alwil Software\Avast4\ashServ.exe caused an Access Violation at location 7c910f29 in module ntdll.dll Reading from location 00000000.
Every single one is EXACTLY the same, in exactly the same position.
The following also appears in each and every one of the files:
Crash place
0x7C910EED: FF E9 32 FE FF FF 0F B7 0E 03 C8 81 F9 00 FE 00 00 0F 87 45 ÿé2þÿÿ.·..È.ù.þ...‡E
0x7C910F01: FD FF FF 80 7D 14 00 0F 85 25 8B 03 00 8A 46 05 24 10 A8 10 ýÿÿ.}...…%‹..ŠF.$.¨.
0x7C910F15: 88 47 05 0F 85 92 00 00 00 8B 4E 0C 8D 46 08 8B 10 89 4D 0C .G..…’...‹N..F.‹.‰M.
=> 0x7C910F29: 8B 09 3B 4A 04 89 55 14 0F 85 EA 0F 00 00 3B C8 0F 85 E2 0F ‹.;J.‰U……ê…;È.…â.
0x7C910F3D: 00 00 56 53 E8 4E FC FF FF 8B 45 14 8B 4D 0C 3B C1 89 01 89 …VSèNüÿÿ‹E.‹M.;Á‰.‰
0x7C910F51: 48 04 74 38 8A 46 05 A8 04 0F 85 A9 8B 03 00 0F B7 0E 8B 45 H.t8ŠF.¨……©‹…·.‹E
0x7C910F65: 10 01 08 0F B7 0E 29 4B 28 F6 47 05 10 66 8B 08 66 89 0F 0F …·.)K(öG…f‹.f‰…
0x7C910EE3: 6A00 push 0x0
0x7C910EE5: 8D45D8 lea eax, ds:[ebp]+FFFFFFD8
0x7C910EE8: 50 push eax
0x7C910EE9: E814D2FFFF call -FFFFD214
0x7C910EEE: E932FEFFFF jmp -FFFFFE32
0x7C910EF3: 0FB70E movzx ecx, ds:[esi]
0x7C910EF6: 03C8 add ecx, eax
0x7C910EF8: 81F900FE0000 cmp ecx, 0xFE00
0x7C910EFE: 0F8745FDFFFF ja -FFFFFD45
0x7C910F04: 807D1400 cmp ds:[ebp]+14, 0x0
0x7C910F08: 0F85258B0300 jnz +38B25
0x7C910F0E: 8A4605 mov al, ds:[esi]+05
0x7C910F11: 2410 and al, 0x10
0x7C910F13: A810 test al, 0x10
0x7C910F15: 884705 mov ds:[edi]+05, al
0x7C910F18: 0F8592000000 jnz +92
0x7C910F1E: 8B4E0C mov ecx, ds:[esi]+0C
0x7C910F21: 8D4608 lea eax, ds:[esi]+08
0x7C910F24: 8B10 mov edx, ds:[eax]
0x7C910F26: 894D0C mov ds:[ebp]+0C, ecx
=> 0x7C910F29: 8B09 mov ecx, ds:[ecx]
0x7C910F2B: 3B4A04 cmp ecx, ds:[edx]+04
0x7C910F2E: 895514 mov ds:[ebp]+14, edx
0x7C910F31: 0F85EA0F0000 jnz +FEA
0x7C910F37: 3BC8 cmp ecx, eax
0x7C910F39: 0F85E20F0000 jnz +FE2
0x7C910F3F: 56 push esi
0x7C910F40: 53 push ebx
0x7C910F41: E84EFCFFFF call -FFFFFC4E
0x7C910F46: 8B4514 mov eax, ds:[ebp]+14
0x7C910F49: 8B4D0C mov ecx, ds:[ebp]+0C
0x7C910F4C: 3BC1 cmp eax, ecx
0x7C910F4E: 8901 mov ds:[ecx], eax
0x7C910F50: 894804 mov ds:[eax]+04, ecx
0x7C910F53: 7438 jz +38
0x7C910F55: 8A4605 mov al, ds:[esi]+05
0x7C910F58: A804 test al, 0x4
0x7C910F5A: 0F85A98B0300 jnz +38BA9
0x7C910F60: 0FB70E movzx ecx, ds:[esi]
0x7C910F63: 8B4510 mov eax, ds:[ebp]+10
I haven’t checked to see if this is exactly the same but seems very similar.