I have a potential disaster on my hands. I upgraded my desktop (Win 7 Pro x64) to Avast 7 Free a few days ago, and almost immediately, it reported a rootkit. The screen that popped up cut off the name and location of the rootkit. I let it delete and run a boot-time scan, and the boot-time scan reported nothing, but there was absolute mayhem on my system... many things no longer worked. I was going to restore, but discovered all of my restore points were wiped out. To reimage would require media I didn't have... I got that machine from Office Depot on sale, and apparently they had upgraded the machine from Home Premium to Pro, and sold it to me as Pro, while what was on the recovery partition was Home Premium. I have a fledgling online business that requires daily attention, so I couldn't be down, and went and bought a brand new laptop (Win 7 Home Premium x64) yesterday and spent all of last night getting it set up, which included installing a paid version of Avast 7 (full suite), other utilities I use, and starting to remove OEM-installed crapware.
This morning, after using the new laptop for about an hour, up pops the same rootkit notice, again unreadable. I let Avast do its thing, and am not yet sure if there's mayhem on this machine, too. I haven't even had time to make the system disks, and this one has no restore partition, so if I've got damage here, too, I may just have gone out of business. I can't find the Avast log files to get more information. The single point of contact between these machines is the files in my Dropbox, which I scanned thoroughly using a third machine (Vista, 32-bit, identical access to the Dropbox account) with Avast 7 before touching it with this new laptop, and it scanned as clean.
I had Malwarebytes Pro on the desktop system, and it said everything was clean. I downloaded and ran Malwarebytes (full trial) on the laptop, and it also reports clean (log attached).
Avast does not like OTL. It wants to put it into the sandbox. I forced it to run normally. Logs are attached. Ran aswMBR.exe, log and MBR attached.