Win 32:DNSChanger-VJ [Trj]

[antonia512]

On 10-10-2011 Avast! began alerting me that it blocked an attempt by: c:\windows\assembly\tmp\u\800000cb. Virus Description: Win 32:DNSChanger-VJ [Trj].
It alerts me of this every time my computer accesses the internet.  (e.g.; at startup, opening a browser, opening Outlook mail, etc.)

Running a boot-time scan with Avast! or Malwarebytes does not fix the underlying problem.
I have also flushed my DNS cache, tried Kapersky's TDSS Rootkit Removing Tool and F-Secure's Rescue CD to no avail.

New! Second Infection!
On 10-26-2011 Avast! found and blocked an attempt by c:\windows\system32\consrv.dll Virus Description Win32:Malware-gen
Again, scans with Avast! and Malwarebytes do not fix the problem.

Please Help!

[DavidR]

This needs further analysis by a malware removal specialist:
Go to this topic http://forum.avast.com/index.php?topic=53253.0 for information on Logs to assist in cleaning malware. Use the information about getting and using the logs and attach the logs here, not in the LOGS topic.

This is most likely the conserv or zero access infection. Whilst it is a pain it looks like avast is keeping it in check but not able to completely deal with it.