That appeared to be the problem. The full text is in the attached txt file but this is the main gist without the logs:
I followed the steps in the guide. These are the steps and logs I received:
Avast Message:
avast!File System Shield has blocked a threat.
Object: c:\windows\system32\rqpopq.dll
Infection: Win32:Malware-gen
Action: Deleted
Process: C:\WINDOWS\system32\lsass.exe
A full system scan with Avast comes up with the following files every time (I ran the scan a few times in the vain hope that it would fix itself):
c:\system volume information\_restore{5P527826-4A83-8416-28ACDDA14001}\RP877\A0203923.DLL
c:\system volume information\_restore{5P527826-4A83-8416-28ACDDA14001}\RP878\A0203943.DLL
c:\system volume information\_restore{5P527826-4A83-8416-28ACDDA14001}\RP880\A0203980.DLL
c:\system volume information\_restore{5P527826-4A83-8416-28ACDDA14001}\RP880\A020413.DLL
I then ran TFC.exe
Then ERUNT
I already had MBAM on my computer and had used it successfully last week. This week it would not open (probably the Malware). I uninstalled my version and reinstalled the link from your site with the same results.
I then ran GMER rootkit scanner. Logs attached
I then ran OTL. Logs attached
Thanks for offering this service and I really hope you can help.
Edited by Oddrose, 23 July 2010 - 04:41 PM.