Avast still shows its alert

[jkad27]

Hello! So far, I tried my best in following all of the steps mentioned (pertaining to the topic above). I've attached here the requested logs. What do I do next? Avast still shows its alert:
C:/Documents and Settings\ ...\ kkkl.exe
Malware name: Win32:Trojan-gen {Other}

Please help. Thank you so much!

 

[kimsland]

I have one word to say: uTorrent.exe

Ok a couple more, run Malwarebytes (updated first) again
Pretty sure Combofix will be needed too

By the way, remove uTorrent

Download Combofix
Lots of info on its use h e r e
Direct download h e r e

Save it to a location that you can easily find later (in Safe Mode) ie directly to C drive

Restart your computer to Safe Mode (by repeatedly pressing F8 on your keyboard before Windows starts)
Log into your Administrator account
Locate the previously downloaded Combofix
Double click on it to run, answering any prompts along the way
Note: during Combofix scan (lasting up to 10mins) your Desktop and clock may reset (all normal)

Once Combofix has finished, save the log file to be attached to a new reply
Restart back to Normal mode, and attach the Combofix log

 

[jkad27]

Combofix Done

Okay, thank you so much. I've followed your instructions and attached the log here. Am I doing it right? Anyway, what should I do next?

(The Avast alert hasn't appeared since then--well, yet. Is everything okay now?)

Thank you!

 

[kimsland]

Actually this entry still exists: c:\documents and settings\Atienza Family\Application Data\uTorrent
But I'm assuming that you removed this File Sharing software, so I'll move on


Did you also run a full updated scan with Malwarebytes again?
If no, then please do this, as there may (and likely will) be more Malwares in your computer

Once Malwarebytes scans clean (ie sometimes the program needs to be run multiple times, to uncover hidden Malwares, and then for you to remove them)
Then restart

Then (after restarting ) provide a new HJT log to attach here
There's probably going to be stacks of file missing entries in the scan log, to avoid another reply back and forth, you can safely tick any box in HJT that has a file missing entry, then select fix all. By doing this though, you will need to restart again, and then provide the newest HJT log as an attachment

 

[jkad27]

Ran Malwarebytes and HJT again

Oops, my bad. Forgot to run malwarebytes before.
Now, I only ran the Malwarebytes once and it didn't show any infected files. Do I have to run it again to make sure? Also, HJT log file is attached here. I hope I didn't miss any file missing entry. What's next? Thanks!

 

[kimsland]

To speed up your computer startup time you can fix these entries

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

If you don't play this game anymore, you can fix these entries

O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) - http://67.15.101.33/g_bin/eng/words_2_0_0_51.cab
O16 - DPF: {BFA1F11D-3121-AFE1-4112-983219421AEF} (GameDesire 1Player Word Games) - http://67.15.101.33/g_bin/eng/wordssingle_2_0_0_48.cab

Remove combofix from the computer: Click START->RUN Now type or copy Combofix /u in the runbox and click -> OK.

You can remove the cleaning tools now:
Download OTCleanIt HERE & save it to your desktop.

Double click on OTCleanIt.exe.
Click on CleanUp!.
It will go thorough the list and remove all of the tools it finds and then delete itself (requiring a reboot).
You will receive a prompt that it needs to restart the computer to remove the files>
Click Yes.
It will restart your computer automatically. If it doesn't, please restart your computer manually.

This will remove the 020 entry in HijackThis.

Clear your existing System Restore points and establish a new clean restore point:

1. Go to Start > All Programs > Accessories > System Tools > System Restore
2. Select Create a restore point, and OK it.
3. Next, go to Start > Run and type in cleanmgr
4. Select the More options tab
5.Choose the option to clean up system restore and OK it.
This will remove all restore points except the new one you just created.

Restart and then let me know how it seems to be running
Couldn't be worse ?
OK I suppose ?
Yep seems ok ?
Absolutely fantastic :grinthumb ?

 

[kimsland]

Have a look at:

UPDATED 8-step Viruses/Spyware/Malware Preliminary Removal Instructions

And create a New Thread, just for you