Have you tried?
Malwarebytes Anti-Malware 1.46 http://filehippo.com/download_malwarebytes_anti_malware/
always run update before you scan so you have the latest database
click on the remove selected button to quarantine anything found
you may post the scan log here
Here is the malwarebytes log you requested:
Malwarebytes' Anti-Malware 1:46
www.malwarebytes.orgDatabase Version: 4457
Windows 05/01/2600
Internet Explorer 6.0.2600.0000
21/08/2010. 21:07:58
mbam-log-2010-08-21 (21-07-58). txt
Scan type: Quick Scan
Objects scanned: 131854
Elapsed time: 11 minutes, 6 seconds
Memory Processes Infected: 0
Memory Modules Infected: 0
Infected registry keys: 0
Registry Values Infected: 0
Infected registry data elements: 0
Folders Infected: 0
Infected files: 0
Memory Processes Infected:
(No malicious items found)
Memory Modules Infected:
(No malicious items found)
Infected registry keys:
(No malicious items found)
Infected Registry Values:
(No malicious items found)
Infected registry data elements:
(No malicious items found)
Folders Infected:
(No malicious items found)
Infected files:
(No malicious items found)
In addition, he did have a full investigation into the watched folder where systemvoluminformation but avast did not find anything alarming.
Where avast alerts systemvolumeinformationba also tested the exe VirusTotal but the 3 is the same as the alarm anti-virus lsass.exe file.
In short, malwarebytes found nothing, only 2 log file is an older virus which has left behind.
This was the 2 files:
Infected files:
C: \ Documents and Settings \ user \ Application Data \ avdrn.dat (Malware.Trace) -> Quarantine and deleted successfully.
C: \ Documents and Settings \ user \ Application Data \ wiaserva.log (Malware.Trace) -> Quarantine and deleted successfully.
So then this false alarm??
Here is the VirusTotal log file lsass.exe from:
Update Antivirus Version Last Result
AhnLab-V3 2010.08.22.00 08/21/2010 -
AntiVir 8.2.4.38 20.08.2010 -
Antiy AVL 2.0.3.7 08.16.2010 -
Authentium 5.2.0.5 08.21.2010 -
08/21/2010 Avast 4.8.1351.0 Win32: Malware-gen
Avast5 5.0.332.0 08.21.2010 Win32: Malware-gen
AVG 9.0.0.851 08.21.2010 -
BitDefender 7.2 08.21.2010 -
CAT-QuickHeal 08/21/2010 11:00 -
ClamAV git-0.96.2.0 21.08.2010 -
Comodo 5805 08/21/2010 -
DrWeb 5.0.2.03300 21.08.2010 -
Emsisoft 5.0.0.37 21.08.2010 -
eSafe 7.0.17.0 19.08.2010 -
eTrust-Vet 36.1.7804 21.08.2010 -
F-Prot 4.6.1.107 08.21.2010 -
F-Secure 9.0.15370.0 21.08.2010 -
Fortinet 4.1.143.0 08.21.2010 -
GData 21 08.21.2010 Win32: Malware-gen
Ikarus T3.1.1.88.0 08/21/2010 -
Jiangmin 13.0.900 08/21/2010 -
Kaspersky 7.0.0.125 08.21.2010 -
McAfee 5.400.0.1158 08/21/2010 -
McAfee, GW 2010.1B Edition 08/21/2010 -
Microsoft 1.6103 08.21.2010 -
NOD32 5384 08/21/2010 -
8/21/2010 6:05:11 Norman -
nProtect 2010-08-21.01 08/21/2010 -
Panda 10.0.2.7 08/21/2010 -
PCTools 7.0.3.5 08.21.2010 -
Prevx 3.0 08/21/2010 -
Rising 22.61.04.04 20/08/2010 -
Sophos 4.56.0 08.21.2010 -
Sunbelt 6771 21/08/2010 -
SUPERAntiSpyware 4.40.0.1006 08/21/2010 -
Symantec 20101.1.1.7 21/08/2010 -
TheHacker 6.5.2.1.352 08/20/2010 -
TrendMicro 9.120.0.1004 21/08/2010 -
TrendMicro HouseCall-9.120.0.1004 08/21/2010 -
VBA32 3.12.14.0 08/20/2010 -
ViRobot 2010.8.18.3995 08/21/2010 -
VirusBuster 5.0.27.0 08.21.2010 -
MD5: 9aad6a77cdbe6daa9758a28b9145e580
SHA1: caef3e2a2b899d90a8d2be6b5d49af5980603926
SHA256: 2218bb5f7354819b4f363954adba17ec800ae1d8443821e9ce822255f8f133eb
File size: 11.776 bytes
Scan date: 2010-08-21 17:28:13 (UTC)
This is the systemvolumeinformation in the exe file:
Antivirus Version Last Update Result
AhnLab-V3 2010.08.22.00 08/21/2010 -
AntiVir 8.2.4.38 20.08.2010 -
Antiy AVL-2.0.3.7 08.16.2010 -
Authentium 5.2.0.5 08.21.2010 -
08/21/2010 Avast 4.8.1351.0 Win32: Malware-gen
Avast5 5.0.332.0 08.21.2010 Win32: Malware-gen
AVG 9.0.0.851 08.21.2010 -
BitDefender 7.2 08.21.2010 -
CAT-QuickHeal 08/21/2010 11:00 -
ClamAV git-0.96.2.0 21.08.2010 -
Comodo 5805 08/21/2010 -
DrWeb 5.0.2.03300 21.08.2010 -
Emsisoft 5.0.0.37 21.08.2010 -
eTrust-Vet 36.1.7804 21.08.2010 -
F-Prot 4.6.1.107 08.21.2010 -
F-Secure 9.0.15370.0 21.08.2010 -
Fortinet 4.1.143.0 08.21.2010 -
GData 21 08.21.2010 Win32: Malware-gen
Ikarus T3.1.1.88.0 08/21/2010 -
Jiangmin 13.0.900 08/21/2010 -
Kaspersky 7.0.0.125 08.21.2010 -
McAfee 5.400.0.1158 08/21/2010 -
Microsoft 1.6103 08.21.2010 -
NOD32 5384 08/21/2010 -
8/21/2010 6:05:11 Norman -
nProtect 2010-08-21.01 08/21/2010 -
Panda 10.0.2.7 08/21/2010 -
PCTools 7.0.3.5 08.21.2010 -
Prevx 3.0 08/21/2010 -
Rising 22.61.04.04 20/08/2010 -
Sophos 4.56.0 08.21.2010 -
Sunbelt 6771 21/08/2010 -
SUPERAntiSpyware 4.40.0.1006 08/21/2010 -
Symantec 20101.1.1.7 21/08/2010 -
TheHacker 6.5.2.1.352 08/20/2010 -
TrendMicro 9.120.0.1004 21/08/2010 -
TrendMicro HouseCall-9.120.0.1004 08/21/2010 -
VBA32 3.12.14.0 08/20/2010 -
ViRobot 2010.8.18.3995 08/21/2010 -
VirusBuster 5.0.27.0 08.21.2010 -
MD5: 9aad6a77cdbe6daa9758a28b9145e580
SHA1: caef3e2a2b899d90a8d2be6b5d49af5980603926
SHA256: 2218bb5f7354819b4f363954adba17ec800ae1d8443821e9ce822255f8f133eb
File size: 11,776 bytes
Scan date: 2010-08-21 18:29:43 (UTC)