Root kit, aswMBR.exe Bsod

[Bogartbc]

Found a root kit yesterday after Cold Booting.  Deleted it with Avast then ran the prompted scan.  This came up clean.  I ran a full scan over night that came up clean.  I checked my auto starts finding a setwallpaper Unknown c:\programdata\setwallpaper.cmd.  I couldn't find this file with folder options set to show hidden, os folders, etc.  I couldn't find anything on MS about it.  I ran the 3 scans in on the Guide threat.  MBAM and OTL came up clean.  aswMBR.exe Bsod right after completing, I couldn't save that log.  I ran a second scan which I think is clean.

Given the Bsod I wanted to check if this was due to a Virus or software error.

[Bogartbc]

aswMBR.exe logs.  Did you need the MBR.dat?

[Bogartbc]

I also have the Bsod dump file if you need it.

[Pondus]

Found a root kit yesterday after Cold Booting.  Deleted it with Avast then ran the prompted scan.

what? and where?

[Bogartbc]

Unfortunately I have no idea.  Avast popped up saying it found one with no real information displayed.  Delete was auto selected so I continued.  The boot-time scan prompt opened, I accepted and it restarted the system.  I can't find anything in the logs about it, most are dated after the long scan before windows boots and for the scan I ran overnight.  Sorry I didn't think to write what I saw down.

[essexboy]

Are you experiencing any problems at all ?

[Bogartbc]

Everything seems fine except I had to disable Web shield for IExplorer or Chrome to connect no matter what I set my firewall to do.  Steam, Xfire and Ventrilo worked fine with Web shield up.  Im just curious due to the aswMBR.exe Bsod and c:\programdata\setwallpaper.cmd which I can not find in Admin mode with folder options showing everything.

[essexboy]

Have you allowed webshield through the firewall ?

[Bogartbc]

The scan web (http) traffic was blocking the connect requests, I had to turn it off.  One would open for Avastsvc.exe at boot I would accept then my normal startups that make requests.  Chrome/IE would make one request I would accept but nothing loaded or made another request.  The Web shield doesnt really seem to be scanning anything though.

Im using comodo firewall,  I read on the forum that I should leave Web shield off due to a conflict between these two programs.

[essexboy]

The webshield conflict with Comodo is on the Comodo side, and they want you to reduce protection by disabling Avast...  Personally I would change firewall

[Bogartbc]

Do you have any suggestions for a Firewall that works well with Avast?  I've been using Comodo for some long Im not up to date these days.

[essexboy]

Outpost is quite good I hear http://www.filehippo.com/download_outpost_firewall/

[Bogartbc]

That seems pretty out of date, 2009.  Are the developers keeping it up to date via an update section similar to Avast?

[essexboy]

No that date refers to when the first programme was added to fileHippo 

[Bogartbc]

Im am trying a few workarounds I have found on Comodo's forums to see if anything works.  I have on including the Web shield issue I posted about earlier.  If you have any information on these workarounds please let me know.  Both products I have been happy with the level of control so I'm hesitant to switch either program.


Are the logs I posted clean to you? 

Also is this Bsod a cause of concern?  I do not have the program to read this dump file so I do not know what caused it besides assuming a conflict with the aswMBR scanner.