Win32.Lineage

Discussion in 'Malware Help (A Specialist Will Reply)' started by Suses, Feb 27, 2007.

  1. Suses

    Suses Private E-2

    Hi, I've never posted on this forum before, but I have a Trojan called Win32.Lineage which I can't get rid of. I've heard of PW.Lineage. This seems to be a different one.

    Just to advise, I run Avast AV, AVG Anti-Spyware, Spybot, Ad-Aware, Spyware Blaster, Spyware Guard, Win Defender, Super AntiSpyware and CCleaner. I'm also running Zone Alarm firewall with a built-in Spyware guard. I've also tried to get rid of it with Trojan Hunter Guard, which I no longer have, and Spy Hunter (which I've also got rid of after Spybot identified it as spyware).

    The only thing that recognises this Trojan is Avast. It finds the files but can't quarantine all of them or delete them. I've tried uninstalling Avast and trying using, to no avail. I also have a Bullguard subscription, but as it's always let me down I got rid of it. I've also tried running lots of legit online scanners. Nothing else recognises this virus. I'm beginning to wonder if it's a false positive. To be honest, I don't know much about all of this stuff.

    I read on your help pages that you recommend Counter Spy. I promise you that when I installed Counterspy some time ago, this is the exact point at which I got the virus. Originally the log with Avast came up as Win32:QQPass-FV (13/02/07). It found it in C:\Program Files\Sunbelt Software\CounterSpy\Consumer\Sunthreat and C:\System Volume Information\_Restore{C19B1562-860E-4769-8276. Now I am only finding it when I run Windows in safe mode.

    With Avast, you can't seem to print off your full log. The system files that I have managed to quarantine are kernel32.dll, winsock.dll and wsock32.dll, all in system32.

    Does the following make any sense?:

    27/02/2007 15:13:36 Administrator 688 Error in aswChestC: chestOpenList Error 1753.
    27/02/2007 15:13:36 Administrator 688 aswChestInterface - Program error description: CChestListView::LoadFiles() chestOpenList() failed: 2147422219.
    27/02/2007 15:13:54 Administrator 688 aswChestInterface - Program error description: CChestListView::OnCreate() !m_strErrorWnd.IsEmpty().
    27/02/2007 15:13:56 Administrator 776 Error in aswChestC: chestOpenList Error 1753.
    27/02/2007 15:13:56 Administrator 776 aswChestInterface - Program error description: CChestListView::LoadFiles() chestOpenList() failed: 2147422219.
    27/02/2007 15:13:57 Administrator 776 aswChestInterface - Program error description: CChestListView::OnCreate() !m_strErrorWnd.IsEmpty().


    26/02/2007 17:45:39 SYSTEM 1368 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
    26/02/2007 17:45:40 SYSTEM 1368 An error has occured while attempting to update. Please check the logs.
    26/02/2007 21:38:42 Susan 2116 Function setifaceUpdatePackages() has failed. Return code is 0x000004C7, dwRes is 000004C7.
    27/02/2007 14:19:18 Administrator 1708 Sign of "Win32:Lineage-518 [Trj]" has been found in "C:\System Volume Information\_restore{C19B1562-860E-4769-B276-50BF02082AB3}\RP39\A0003314.msi\Data1.cab\sunthreatfilename.sdb1" file.
    27/02/2007 14:41:19 Administrator 1708 Sign of "Win32:Lineage-518 [Trj]" has been found in "C:\System Volume Information\_restore{C19B1562-860E-4769-B276-50BF02082AB3}\RP77\A0013425.msi\Data1.cab\sunthreatfilename.sdb1" file.
    27/02/2007 14:44:27 Administrator 1708 Sign of "Win32:Lineage-518 [Trj]" has been found in "C:\System Volume Information\_restore{C19B1562-860E-4769-B276-50BF02082AB3}\RP78\A0013663.msi\Data1.cab\sunthreatfilename.sdb1" file.
    27/02/2007 14:52:28 Administrator 1708 Sign of "Win32:Lineage-518 [Trj]" has been found in "C:\WINDOWS\Downloaded Installations\{1F055D73-39A0-4221-9F25-23B828A55E46}\Sunbelt CounterSpy.msi\Data1.cab\sunthreatfilename.sdb1" file.

    I would be so grateful if someone could help me!!!
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Majorgeeks!

    You should have attached all logs requested in the READ & RUN ME; however, I don't believe you have any major problems.

    Part of your problem is that you have items in system restore. Follow the directions in step 8 of the READ ME.

    The CounterSpy items are false detections. If CounterSpy is the trial version from the READ & RUN ME, you can uninstall it now since it is only a trial.
     
