Topic: Tried everything posted, and I still can not uninstall avast.

REDACTED

  • Guest
I had some malware, and wanted to uninstall avast, then reinstall it since it was not working.  If I try to reinstall I get:
"The stub cannot run installer/updater executable 'C\Program\Files\AVAST Software\Avast\Setup\Sfx\avast.setup' (code 0x3)"

When I try to run avastclear I get the same exact message.  Doesn't matter if I am in safe mode or not.  I even tried running as admin in every mode.
I've been using different scans, I have run Malwarebytes, AdwCleaner, CCleaner, downloaded and installed Microsoft Security Essentials... I don't know what else to do.

I'm a long time user of avast, and I've never had any experience like this.  I am at my wits' end.  Please help me.

Asyn
« Reply #1 on: March 08, 2015, 08:32:05 AM »
Attach your basic logs. (MBAM, FRST and aswMBR..!!)
Instructions: https://forum.avast.com/index.php?topic=53253.0

REDACTED

  • Guest
« Reply #2 on: March 08, 2015, 04:30:44 PM »
Here are my logs.

essexboy (Malware removal instructor)
« Reply #3 on: March 08, 2015, 05:29:55 PM »
We will clear the malware first and then try to re-install Avast.

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open Notepad and copy/paste the text in the quotebox below into it:

Code:
CreateRestorePoint:
HKLM\...\Run: [3dbs_2] => [X]
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-1044276522-2504370285-3631023187-1000\...409d6c4515e9\InprocServer32: [Default-shell32]  <==== ATTENTION!
IFEO\bbqleads.exe: [Debugger] TaskList.exe
IFEO\bbqleadsapplication.exe: [Debugger] TaskList.exe
IFEO\bbqleadsservice.exe: [Debugger] TaskList.exe
IFEO\bbqquotes.exe: [Debugger] TaskList.exe
IFEO\ContentExplorer.exe: [Debugger] TaskList.exe
IFEO\donutleads.exe: [Debugger] TaskList.exe
IFEO\donutquotes.exe: [Debugger] TaskList.exe
IFEO\internetenhancer.exe: [Debugger] TaskList.exe
IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe
IFEO\pastaleads.exe: [Debugger] TaskList.exe
IFEO\pastaquotes.exe: [Debugger] TaskList.exe
IFEO\theanswerfinder.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Policy Restriction on ProxySettings)
ProxyServer: [HKLM] => http=127.0.0.1:52794;https=127.0.0.1:52794
Toolbar: HKU\S-1-5-21-1044276522-2504370285-3631023187-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-1044276522-2504370285-3631023187-1000 -> No Name - {2D7432C9-A3FD-4ED1-AEA9-FBDB12DBA4A7} -  No File
CHR DefaultSearchKeyword: Default -> 2B11C41AFEA7816AD79344B43E0BDBBCA866291F1E4A28E03F2A196C7DA344EB
CHR DefaultSearchURL: Default -> 628C1A851E8EC782739B69FC37EF8BF20B3DA044EB5299657D18238E35BA8B52
S2 56f83cd8; "C:\windows\system32\rundll32.exe" "c:\Program Files\SoftwarePlus\SoftwarePlus.dll",serv
2015-03-07 23:54 - 2015-03-08 00:01 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-07 23:54 - 2015-03-07 23:54 - 00000000 ____D () C:\Users\zachary\AppData\Local\MFAData
2015-03-01 11:48 - 2015-03-01 11:48 - 00000000 ____D () C:\Users\zachary\AppData\Local\444676a2-7f7c-4eae-8faa-9ec93b841c4e
2015-02-09 10:44 - 2015-03-07 23:12 - 00000000 ____D () C:\ProgramData\977e8aca43da14a
2015-03-07 23:07 - 2015-01-24 01:58 - 00000000 ____D () C:\ProgramData\NhYnHkd
2015-03-07 23:05 - 2014-11-09 17:07 - 00000000 ____D () C:\ProgramData\RuqiBvogo
2015-03-07 23:05 - 2014-11-09 17:07 - 00000000 ____D () C:\ProgramData\CeliGunc
2015-03-07 23:05 - 2014-11-09 01:28 - 00000000 ____D () C:\ProgramData\HidwEceku
2015-03-07 23:05 - 2014-11-09 01:28 - 00000000 ____D () C:\ProgramData\AatlIbnan
2015-03-07 23:05 - 2014-11-04 19:25 - 00000000 ____D () C:\ProgramData\FuhayTidgi
2015-03-07 23:05 - 2014-11-03 21:35 - 00000000 ____D () C:\ProgramData\WogeLbedu
2015-01-24 02:01 - 2015-01-24 02:01 - 0000088 _____ () C:\Users\zachary\AppData\Local\95d34e5026ed72a44508df2327358ee6
Task: {4DCA04A8-C46E-481F-AC33-D51E14AB644C} - System32\Tasks\RunTool => C:\Users\zachary\AppData\Local\444676a2-7f7c-4eae-8faa-9ec93b841c4e\install_temp.exe [2015-03-01] ()
Task: {A22F325D-A559-41E4-939C-CB156F61042E} - System32\Tasks\NNYOXBV => C:\ProgramData\3a8e94626c7e455eab9ee6b45c18d0d0\3a8e94626c7e455eab9ee6b45c18d0d0.exe
Task: {BBCEF3D2-0175-45B2-9BD0-FD4148449E1D} - \DonutQuotes No Task File <==== ATTENTION
Task: {B440CFCA-CB04-4B0C-AD92-4396CE2FEB44} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-13] (Google Inc.)
Task: {B855AF0D-D76A-414D-877A-4F2249F708F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-13] (Google Inc.)
Task: {795AB6E3-DB65-4D57-A208-6F5C85CA8F89} - System32\Tasks\{BE69F521-BA70-46A9-AAAA-68D9559857E3} => pcalua.exe -a "C:\Program Files\Mp3Tube Toolbar\uninstall.exe" -c bho /S
Task: {BBCEF3D2-0175-45B2-9BD0-FD4148449E1D} - \DonutQuotes No Task File <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
S2 X6XSEx; \??\C:\Program Files\Free Ride Games\X6XSEx.Sys [X]
C:\$Recycle.Bin\S-1-5-18\$94d6765fa10d8d4f18832fea183a04a2
C:\Users\zachary\AppData\Local\Google\Chrome
c:\Program Files\SoftwarePlus
C:\Users\zachary\AppData\Local\444676a2-7f7c-4eae-8faa-9ec93b841c4e
C:\ProgramData\3a8e94626c7e455eab9ee6b45c18d0d0
C:\Program Files\Mp3Tube Toolbar
C:\Program Files\Free Ride Games
2014-11-09 01:29 - 2014-11-09 01:29 - 0000448 ____H () C:\Users\zachary\AppData\Roaming\麽鎒駓覜
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe.

Run FRST and press Fix.
On completion a log will be generated; please post that.

THEN

Download and run Farbar Service Scanner.

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.
« Last Edit: March 08, 2015, 05:32:27 PM by essexboy »

REDACTED

  • Guest
« Reply #4 on: March 08, 2015, 06:00:05 PM »
Thank you very much, here are the logs that were completed after following the instructions.  I've also included them as attachments.

fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-03-2015 03
Ran by zachary at 2015-03-08 12:49:17 Run:1
Running from C:\Users\zachary\Downloads
Loaded Profiles: zachary (Available profiles: zachary)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************

CreateRestorePoint:
HKLM\...\Run: [3dbs_2] => [X]
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-1044276522-2504370285-3631023187-1000\...409d6c4515e9\InprocServer32: [Default-shell32]  <==== ATTENTION!
IFEO\bbqleads.exe: [Debugger] TaskList.exe
IFEO\bbqleadsapplication.exe: [Debugger] TaskList.exe
IFEO\bbqleadsservice.exe: [Debugger] TaskList.exe
IFEO\bbqquotes.exe: [Debugger] TaskList.exe
IFEO\ContentExplorer.exe: [Debugger] TaskList.exe
IFEO\donutleads.exe: [Debugger] TaskList.exe
IFEO\donutquotes.exe: [Debugger] TaskList.exe
IFEO\internetenhancer.exe: [Debugger] TaskList.exe
IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe
IFEO\pastaleads.exe: [Debugger] TaskList.exe
IFEO\pastaquotes.exe: [Debugger] TaskList.exe
IFEO\theanswerfinder.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Policy Restriction on ProxySettings)
ProxyServer: [HKLM] => http=127.0.0.1:52794;https=127.0.0.1:52794
Toolbar: HKU\S-1-5-21-1044276522-2504370285-3631023187-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-1044276522-2504370285-3631023187-1000 -> No Name - {2D7432C9-A3FD-4ED1-AEA9-FBDB12DBA4A7} -  No File
CHR DefaultSearchKeyword: Default -> 2B11C41AFEA7816AD79344B43E0BDBBCA866291F1E4A28E03F2A196C7DA344EB
CHR DefaultSearchURL: Default -> 628C1A851E8EC782739B69FC37EF8BF20B3DA044EB5299657D18238E35BA8B52
S2 56f83cd8; "C:\windows\system32\rundll32.exe" "c:\Program Files\SoftwarePlus\SoftwarePlus.dll",serv
2015-03-07 23:54 - 2015-03-08 00:01 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-07 23:54 - 2015-03-07 23:54 - 00000000 ____D () C:\Users\zachary\AppData\Local\MFAData
2015-03-01 11:48 - 2015-03-01 11:48 - 00000000 ____D () C:\Users\zachary\AppData\Local\444676a2-7f7c-4eae-8faa-9ec93b841c4e
2015-02-09 10:44 - 2015-03-07 23:12 - 00000000 ____D () C:\ProgramData\977e8aca43da14a
2015-03-07 23:07 - 2015-01-24 01:58 - 00000000 ____D () C:\ProgramData\NhYnHkd
2015-03-07 23:05 - 2014-11-09 17:07 - 00000000 ____D () C:\ProgramData\RuqiBvogo
2015-03-07 23:05 - 2014-11-09 17:07 - 00000000 ____D () C:\ProgramData\CeliGunc
2015-03-07 23:05 - 2014-11-09 01:28 - 00000000 ____D () C:\ProgramData\HidwEceku
2015-03-07 23:05 - 2014-11-09 01:28 - 00000000 ____D () C:\ProgramData\AatlIbnan
2015-03-07 23:05 - 2014-11-04 19:25 - 00000000 ____D () C:\ProgramData\FuhayTidgi
2015-03-07 23:05 - 2014-11-03 21:35 - 00000000 ____D () C:\ProgramData\WogeLbedu
2015-01-24 02:01 - 2015-01-24 02:01 - 0000088 _____ () C:\Users\zachary\AppData\Local\95d34e5026ed72a44508df2327358ee6
Task: {4DCA04A8-C46E-481F-AC33-D51E14AB644C} - System32\Tasks\RunTool => C:\Users\zachary\AppData\Local\444676a2-7f7c-4eae-8faa-9ec93b841c4e\install_temp.exe [2015-03-01] ()
Task: {A22F325D-A559-41E4-939C-CB156F61042E} - System32\Tasks\NNYOXBV => C:\ProgramData\3a8e94626c7e455eab9ee6b45c18d0d0\3a8e94626c7e455eab9ee6b45c18d0d0.exe
Task: {BBCEF3D2-0175-45B2-9BD0-FD4148449E1D} - \DonutQuotes No Task File <==== ATTENTION
Task: {B440CFCA-CB04-4B0C-AD92-4396CE2FEB44} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-13] (Google Inc.)
Task: {B855AF0D-D76A-414D-877A-4F2249F708F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-13] (Google Inc.)
Task: {795AB6E3-DB65-4D57-A208-6F5C85CA8F89} - System32\Tasks\{BE69F521-BA70-46A9-AAAA-68D9559857E3} => pcalua.exe -a "C:\Program Files\Mp3Tube Toolbar\uninstall.exe" -c bho /S
Task: {BBCEF3D2-0175-45B2-9BD0-FD4148449E1D} - \DonutQuotes No Task File <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
S2 X6XSEx; \??\C:\Program Files\Free Ride Games\X6XSEx.Sys [X]
C:\$Recycle.Bin\S-1-5-18\$94d6765fa10d8d4f18832fea183a04a2
C:\Users\zachary\AppData\Local\Google\Chrome
c:\Program Files\SoftwarePlus
C:\Users\zachary\AppData\Local\444676a2-7f7c-4eae-8faa-9ec93b841c4e
C:\ProgramData\3a8e94626c7e455eab9ee6b45c18d0d0
C:\Program Files\Mp3Tube Toolbar
C:\Program Files\Free Ride Games
2014-11-09 01:29 - 2014-11-09 01:29 - 0000448 ____H () C:\Users\zachary\AppData\Roaming\????
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


*****************


FSS:

Farbar Service Scanner Version: 17-01-2015
Ran by zachary (administrator) on 08-03-2015 at 12:57:58
Running from "C:\Users\zachary\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\windows\system32\nsisvc.dll => File is digitally signed
C:\windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\windows\system32\dhcpcore.dll => File is digitally signed
C:\windows\system32\Drivers\afd.sys => File is digitally signed
C:\windows\system32\Drivers\tdx.sys => File is digitally signed
C:\windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\windows\system32\dnsrslvr.dll => File is digitally signed
C:\windows\system32\mpssvc.dll => File is digitally signed
C:\windows\system32\bfe.dll => File is digitally signed
C:\windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\windows\system32\SDRSVC.dll => File is digitally signed
C:\windows\system32\vssvc.exe => File is digitally signed
C:\windows\system32\wscsvc.dll => File is digitally signed
C:\windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\windows\system32\wuaueng.dll => File is digitally signed
C:\windows\system32\qmgr.dll => File is digitally signed
C:\windows\system32\es.dll => File is digitally signed
C:\windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\windows\system32\ipnathlp.dll => File is digitally signed
C:\windows\system32\iphlpsvc.dll => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed


**** End of log ****
« Last Edit: March 08, 2015, 06:02:49 PM by magdroid »

essexboy (Malware removal instructor)
« Reply #5 on: March 08, 2015, 06:49:46 PM »
Could you manually delete this folder please:

C:\Users\zachary\AppData\Roaming\麽鎒駓覜

Follow these steps to display hidden files and folders.

1. Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
2. Click the View tab.
3. Under Advanced settings, click Show hidden files and folders, and then click OK.

Once done we will go for a full clean install of Avast.

  • Download Avast Uninstall Utility to your Desktop.
  • Download the correct version of Avast:
    • Avast Free
    • Avast Pro
    • Avast Internet Security
    • Avast Premier
  • Disconnect from the net
  • Uninstall Avast via control panel
  • Run the uninstall tool and accept the reboot to safe mode
  • Once complete reboot your system
  • Reinstall Avast


REDACTED

  • Guest
« Reply #6 on: March 08, 2015, 06:59:43 PM »
I just tried that, and I am still receiving the same error messages as stated in the original post.  I did right click, and run as admin.

essexboy (Malware removal instructor)
« Reply #7 on: March 08, 2015, 07:02:52 PM »
Did you uninstall from the control panel and then run Avast uninstall utility?

Download and Install ComboFix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the ComboFix log in your next reply as well as describe how your computer is running now.

REDACTED

  • Guest
« Reply #8 on: March 08, 2015, 07:04:54 PM »
When I try to uninstall from the control panel, nothing happens.  The computer just sits there.  I will try ComboFix now.

REDACTED

  • Guest
« Reply #9 on: March 08, 2015, 07:45:23 PM »
Ok, I've completed ComboFix and restarted.

I tried to uninstall from Control Panel.  Same thing happened.
When I click uninstall, nothing happens.  Even if I wait 5 minutes, the screen never changes, no notifications of an uninstaller.
When I try Avastclear, I am still getting the same messages as in my original post.

I will include the log as an attachment, and post it below.




ComboFix 15-03-01.01 - zachary 03/08/2015  14:16:32.1.1 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2814.1487 [GMT -4:00]
Running from: c:\users\zachary\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\@system3.att
c:\users\zachary\AppData\Local\dsisetup19813842.exe
c:\users\zachary\AppData\Local\nsyBE45.tmp
c:\users\zachary\AppData\Roaming\FrameworkUpdate7
c:\users\zachary\Documents\~WRL3391.tmp
c:\windows\msdownld.tmp
c:\windows\system32\Thumbs.db
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2015-02-08 to 2015-03-08  )))))))))))))))))))))))))))))))
.
.
2015-03-08 18:30 . 2015-03-08 18:30   --------   d-----w-   c:\users\zachary\AppData\Local\temp
2015-03-08 15:38 . 2015-02-16 09:21   9041640   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{80982502-2A4B-4252-BCD8-B59DF613DD63}\mpengine.dll
2015-03-08 05:53 . 2014-09-10 20:30   908840   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5DF79EB-A386-4E30-B4E6-5DB21CA583E0}\gapaengine.dll
2015-03-08 05:53 . 2015-02-16 09:21   9041640   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-03-08 05:50 . 2015-02-16 09:21   9041640   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{40D967A5-AB1D-45DE-AC2B-4233D5192828}\mpengine.dll
2015-03-08 05:49 . 2015-03-08 06:08   --------   d-----w-   c:\program files\Microsoft Security Client
2015-03-08 05:16 . 2015-03-08 05:24   --------   d-----w-   C:\AdwCleaner
2015-03-08 04:56 . 2015-03-08 18:05   --------   d-----w-   C:\FRST
2015-03-08 03:57 . 2015-03-08 03:57   --------   d-----w-   c:\windows\system32\config\systemprofile\AppData\Local\Avg2015
2015-03-08 03:54 . 2015-03-08 03:54   --------   d--h--w-   c:\programdata\Common Files
2015-03-08 02:33 . 2015-03-08 07:23   114904   ----a-w-   c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-03-08 02:33 . 2015-03-08 15:26   --------   d-----w-   c:\program files\Malwarebytes Anti-Malware
2015-03-08 02:33 . 2014-11-21 11:14   51928   ----a-w-   c:\windows\system32\drivers\mwac.sys
2015-03-08 02:33 . 2014-11-21 11:14   75480   ----a-w-   c:\windows\system32\drivers\mbamchameleon.sys
2015-03-04 13:24 . 2015-01-09 02:48   76800   ----a-w-   c:\windows\system32\wdi.dll
2015-03-04 13:24 . 2015-01-09 02:48   635904   ----a-w-   c:\windows\system32\perftrack.dll
2015-03-04 13:24 . 2015-01-09 02:48   27136   ----a-w-   c:\windows\system32\powertracker.dll
2015-03-01 15:59 . 2015-03-08 03:05   --------   d-----w-   c:\program files\Screen Resolution Tester
2015-02-25 13:48 . 2015-03-08 03:05   --------   d-----w-   c:\program files\Grooveshark Mediakeys Reloaded
2015-02-17 13:45 . 2015-01-23 03:43   620032   ----a-w-   c:\windows\system32\jscript9diag.dll
2015-02-17 13:45 . 2015-01-23 03:17   4300800   ----a-w-   c:\windows\system32\jscript9.dll
2015-02-15 20:01 . 2015-03-04 13:29   163504   ----a-w-   c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-02-12 15:24 . 2015-01-12 01:22   1155072   ----a-w-   c:\windows\system32\mshtmlmedia.dll
2015-02-12 15:24 . 2015-01-12 02:05   64000   ----a-w-   c:\windows\system32\MshtmlDac.dll
2015-02-12 15:24 . 2015-01-12 01:36   817664   ----a-w-   c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-02-12 15:24 . 2015-01-12 02:08   503296   ----a-w-   c:\windows\system32\vbscript.dll
2015-02-12 15:24 . 2015-01-12 02:16   10948096   ----a-w-   c:\program files\Internet Explorer\F12Resources.dll
2015-02-12 15:21 . 2015-01-14 05:44   3972544   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2015-02-12 15:21 . 2015-01-14 05:44   3917760   ----a-w-   c:\windows\system32\ntoskrnl.exe
2015-02-12 15:19 . 2014-11-26 03:32   571904   ----a-w-   c:\windows\system32\oleaut32.dll
2015-02-12 15:18 . 2015-02-04 02:53   767488   ----a-w-   c:\windows\system32\appraiser.dll
2015-02-12 15:18 . 2015-02-04 02:54   482304   ----a-w-   c:\windows\system32\generaltel.dll
2015-02-12 15:18 . 2015-02-04 02:53   621056   ----a-w-   c:\windows\system32\invagent.dll
2015-02-12 15:18 . 2015-02-04 02:53   325632   ----a-w-   c:\windows\system32\devinv.dll
2015-02-12 15:18 . 2015-02-04 02:49   886784   ----a-w-   c:\windows\system32\aeinv.dll
2015-02-12 15:18 . 2015-01-27 23:36   1167520   ----a-w-   c:\windows\system32\aitstatic.exe
2015-02-12 15:18 . 2015-02-04 02:53   202752   ----a-w-   c:\windows\system32\aepdu.dll
2015-02-12 15:18 . 2015-02-04 02:53   159744   ----a-w-   c:\windows\system32\aepic.dll
2015-02-12 15:17 . 2015-01-10 06:27   172032   ----a-w-   c:\windows\system32\wdigest.dll
2015-02-12 15:17 . 2015-01-10 06:27   65536   ----a-w-   c:\windows\system32\TSpkg.dll
2015-02-12 15:17 . 2015-01-10 06:27   248832   ----a-w-   c:\windows\system32\schannel.dll
2015-02-12 15:17 . 2015-01-10 06:27   221184   ----a-w-   c:\windows\system32\ncrypt.dll
2015-02-12 15:17 . 2015-01-10 06:27   259584   ----a-w-   c:\windows\system32\msv1_0.dll
2015-02-12 15:17 . 2015-01-10 06:27   550912   ----a-w-   c:\windows\system32\kerberos.dll
2015-02-12 15:17 . 2015-01-10 06:27   17408   ----a-w-   c:\windows\system32\credssp.dll
2015-02-12 15:17 . 2014-12-12 05:07   1174528   ----a-w-   c:\windows\system32\crypt32.dll
2015-02-12 15:17 . 2014-07-07 01:40   179200   ----a-w-   c:\windows\system32\wintrust.dll
2015-02-12 15:17 . 2014-07-07 01:40   143872   ----a-w-   c:\windows\system32\cryptsvc.dll
2015-02-12 15:16 . 2014-12-08 02:46   308224   ----a-w-   c:\windows\system32\scesrv.dll
2015-02-12 15:16 . 2015-01-13 02:49   1230336   ----a-w-   c:\windows\system32\WindowsCodecs.dll
2015-02-09 13:52 . 2015-03-08 05:38   20   ----a-w-   c:\users\zachary\AppData\Roaming\appdataFr3.bin
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-03 13:16 . 2010-05-09 01:28   246920   ------w-   c:\windows\system32\MpSigStub.exe
2015-01-24 07:09 . 2015-01-24 07:09   71344   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-24 07:09 . 2015-01-24 07:09   701616   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2014-12-19 02:43 . 2015-01-14 13:51   164864   ----a-w-   c:\windows\system32\profsvc.dll
2014-12-19 01:34 . 2015-01-14 13:51   116224   ----a-w-   c:\windows\system32\drivers\mrxdav.sys
2014-12-11 17:47 . 2015-01-14 13:51   74240   ----a-w-   c:\windows\system32\TSWbPrxy.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58   121968   ----a-w-   c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyTOSHIBA"="c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe" [2009-08-06 264048]
"Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIIBA.EXE" [2011-11-02 246368]
"EPLTarget\P0000000000000001"="c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIIBA.EXE" [2011-11-02 246368]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-30 98304]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-29 7625248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-21 1545512]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-08-05 476512]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-07-28 460088]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-08-05 738616]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-04 611672]
"NortonOnlineBackupReminder"="c:\program files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" [2009-07-16 529256]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-01-21 60712]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-10-02 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-01-27 157480]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-01-30 978520]
.
c:\users\zachary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-01-12 102912]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2013-08-06 18944]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-11-15 95408]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2015-01-30 284472]
R3 PTDLBus;PANTECH UM175AL Composite Device Driver;c:\windows\system32\DRIVERS\PTDLBus.sys [2008-07-20 32256]
R3 PTDLMdm;PANTECH UM175AL Drivers;c:\windows\system32\DRIVERS\PTDLMdm.sys [2008-07-20 41344]
R3 PTDLVsp;PANTECH UM175AL Diagnostic Port;c:\windows\system32\DRIVERS\PTDLVsp.sys [2008-07-20 39936]
R3 PTDLWWAN;PANTECH UM175AL WWAN Driver;c:\windows\system32\DRIVERS\PTDLWWAN.sys [2008-07-20 59776]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys

R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-15 1343400]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
S0 aswRvrt;aswRvrt;

S0 aswVmm;aswVmm;

S1 aswSnx;aswSnx;

S1 aswSP;aswSP;

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-30 176128]
S2 aswFsBlk;aswFsBlk;

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-08-11 185712]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2013-06-28 14624]
S2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-06-19 1646608]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 7680]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 379904]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-04 111960]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}]
2009-08-06 16:15   264048   ----a-w-   c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-17 16:39   1087816   ----a-w-   c:\program files\Google\Chrome\Application\39.0.2171.99\Installer\chrmstp.exe
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchAssistant = www.google.com
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{516ECC10-F0D2-49A0-BA93-F79F59E28DC3}\2556374716572716E647: NameServer = 208.69.150.250,208.69.150.252
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{25349513-852F-470D-AB31-9B42100C926B} - c:\users\zachary\AppData\Local\{66CE914E-73A3-43B0-A9AC-9EE69049D57A}\ALsetup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1044276522-2504370285-3631023187-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1044276522-2504370285-3631023187-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-03-08  14:33:41
ComboFix-quarantined-files.txt  2015-03-08 18:33
.
Pre-Run: 178,950,209,536 bytes free
Post-Run: 178,459,508,736 bytes free
.
- - End Of File - - 4DF4187B0F5AA3FE59BF0611431F4E83
5B5E648D12FCADC244C1EC30318E1EB9

« Last Edit: March 08, 2015, 07:54:22 PM by magdroid »

REDACTED

  • Guest
Re: Tried everything posted, and I still can not uninstall avast.
« Reply #10 on: March 08, 2015, 08:07:04 PM »
I just wanted to add, when I open the file location in Windows Explorer where it says the error is coming from:
The stub cannot run installer/updater executable 'C\Program\Files\AVAST Software\Avast\Setup\Sfx\avast.setup' (code 0x3)

In the Avast\Setup\ location, there is no Sfx folder, let alone an avast.setup file.  I am guessing this is probably part of the issue as well?

I don't know what else to do at this point.

REDACTED

  • Guest
Re: Tried everything posted, and I still can not uninstall avast.
« Reply #11 on: March 08, 2015, 09:53:30 PM »
Any other suggestions, or is there any information in the combofix log?

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Tried everything posted, and I still can not uninstall avast.
« Reply #12 on: March 08, 2015, 10:08:28 PM »
That got a few bits that I did not see..

Could you download and install a fresh copy from here and then install it..  Let me know what error you get

Avast Free

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48566
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tried everything posted, and I still can not uninstall avast.
« Reply #13 on: March 08, 2015, 10:10:52 PM »
"Any other suggestions, or is there any information in the combofix log?"
Please realize that essexboy is in GB. He may be off for the night.
He will be back to the thread as soon as he's able. Please be patient. :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

REDACTED

  • Guest
Re: Tried everything posted, and I still can not uninstall avast.
« Reply #14 on: March 08, 2015, 10:12:33 PM »
It did not install.  I received the same error.

The stub cannot run installer/updater executable 'C:\Program Files\AVAST Software\setup\Sfx\avast.setup' (code 0x3)