Can't read the rootrepeal file, it is full of special characters, not that I think it is important for now as I don't think this detection is rootkit related.
The MBAM log shows it didn't find anything, which isn't unusual as it can't scan inside the avast chest as the files are encrypted.
What is the location where it was found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast 'a' icon), Warning section, this contains information on all avast detections. C:\Program Files\Alwil Software\Avast4\ashLogV.exe
- Or check the source file using notepad C:\Program Files\Alwil Software\Avast4\DATA\log\Warning.log and copy and paste the entry.
Is this a file that has been on your system for some time ?
Some consider it malware,
http://spywarefiles.prevx.com/RRHFCF235708/MARKETER.EXE.html and hopefully that will be confirmed (one way or another) by the VT scan below.
You could also check the offending/suspect file at:
VirusTotal - Multi engine on-line virus scanner and
report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the
Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect\* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.
