My firewall is Sygate, when I read the message I blocked the program to avoid it to connect to internet.
What do you mean by "foul-up" ?
By foul-up I mean the firewall has incorrectly identified or detected an action, it happens occasionally.
Having said that Sygate does have a problem identifying programs that use localhost proxy, it only see the proxy not the program using the proxy. This is well reported in these forums.
Sygate has now been bought out by Symantec and is/has being/been discontinued, now would seem to be a good time to look for an alternative firewall.
I too have an nvidia graphics card and it has nwiz.exe in the system32 folder. I would like to hope that avast would detect the gaobot or agobot infection.