Found a rootkit yesterday after cold booting. Deleted it with Avast, then ran the prompted scan. This came up clean. I ran a full scan overnight that came up clean. I checked my auto starts, finding a setwallpaper Unknown c:\programdata\setwallpaper.cmd. I couldn’t find this file with folder options set to show hidden, OS folders, etc. I couldn’t find anything on MS about it. I ran the 3 scans in on the Guide threat. MBAM and OTL came up clean. aswMBR.exe BSOD right after completing, I couldn’t save that log. I ran a second scan which I think is clean.
Given the BSOD I wanted to check if this was due to a virus or software error.
Unfortunately I have no idea. Avast popped up saying it found one with no real information displayed. Delete was auto selected so I continued. The boot-time scan prompt opened, I accepted and it restarted the system. I can’t find anything in the logs about it, most are dated after the long scan before Windows boots and for the scan I ran overnight. Sorry I didn’t think to write what I saw down.
Everything seems fine except I had to disable Web shield for IExplorer or Chrome to connect no matter what I set my firewall to do. Steam, Xfire and Ventrilo worked fine with Web shield up. I’m just curious due to the aswMBR.exe BSOD and c:\programdata\setwallpaper.cmd, which I cannot find in Admin mode with folder options showing everything.
The scan web (http) traffic was blocking the connect requests, I had to turn it off. One would open for Avastsvc.exe at boot, I would accept, then my normal startups that make requests. Chrome/IE would make one request I would accept, but nothing loaded or made another request. The Web shield doesn’t really seem to be scanning anything though.
I’m using Comodo firewall. I read on the forum that I should leave Web shield off due to a conflict between these two programs.
The webshield conflict with Comodo is on the Comodo side, and they want you to reduce protection by disabling Avast… Personally I would change firewall.
I am trying a few workarounds I have found on Comodo’s forums to see if anything works. I have on including the Web shield issue I posted about earlier. If you have any information on these workarounds please let me know. Both products I have been happy with the level of control so I’m hesitant to switch either program.
Are the logs I posted clean to you?
Also, is this BSOD a cause for concern? I do not have the program to read this dump file so I do not know what caused it besides assuming a conflict with the aswMBR scanner.