avast! keeps reminding me of the malware.
It says the original location is in C:\Windows\Installer{4c30d485-e0bd–a642-de63-aee52e0302c2}\U,
but I can’t find that location.
Please attach your logs.
http://forum.avast.com/index.php?topic=53253.0
Hello, thank you for replying to my post.
I noticed that Malwarebytes has successfully deleted the malware,
but after a few minutes, avast encountered another error.
Here is the copied and pasted log:
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org
Database version: v2012.08.04.04
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Jerico :: NEKOGAMI [administrator]
Protection: Enabled
6/08/2012 5:59:40 PM
mbam-log-2012-08-06 (17-59-40).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203975
Time elapsed: 4 minute(s), 23 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
here is a print screen of the avast reminder
We also need your logs from OTL and aswMBR.
Here is the Log of aswMBR
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-06 18:33:13
18:33:13.943 OS Version: Windows x64 6.1.7600
18:33:13.943 Number of processors: 4 586 0x2505
18:33:13.943 ComputerName: NEKOGAMI UserName: Jerico
18:33:15.332 Initialize success
18:33:19.715 AVAST engine defs: 12080600
18:39:10.626 Disk 0 (boot) \Device\Harddisk0\DR0 → \Device\Ide\IAAStorageDevice-1
18:39:10.642 Disk 0 Vendor: Hitachi_ PC4O Size: 476940MB BusType: 3
18:39:10.657 Disk 0 MBR read successfully
18:39:10.657 Disk 0 MBR scan
18:39:10.673 Disk 0 unknown MBR code
18:39:10.704 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
18:39:10.720 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 454730 MB offset 409600
18:39:10.735 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 21906 MB offset 931696640
18:39:10.751 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
18:39:10.798 Disk 0 scanning C:\Windows\system32\drivers
18:39:23.605 Service scanning
18:39:46.194 Modules scanning
18:39:46.194 Disk 0 trace - called modules:
18:39:46.225 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
18:39:46.241 1 nt!IofCallDriver → \Device\Harddisk0\DR0[0xfffffa8006fe7060]
18:39:46.241 3 CLASSPNP.SYS[fffff88001b1e43f] → nt!IofCallDriver → [0xfffffa800511cb10]
18:39:46.256 5 hpdskflt.sys[fffff880017f3185] → nt!IofCallDriver → \Device\Ide\IAAStorageDevice-1[0xfffffa8004fb1050]
18:39:47.333 AVAST engine scan C:\Windows
18:39:49.735 AVAST engine scan C:\Windows\system32
18:42:02.166 AVAST engine scan C:\Windows\system32\drivers
18:42:11.620 AVAST engine scan C:\Users\Jerico
18:48:26.684 Disk 0 MBR has been saved successfully to “C:\Users\Jerico\Desktop\MBR.dat”
18:48:26.700 The log file has been saved successfully to “C:\Users\Jerico\Desktop\aswMBR.txt”
18:50:13.365 Disk 0 MBR has been saved successfully to “C:\Users\Jerico\Desktop\MBR.dat”
18:50:13.365 The log file has been saved successfully to “C:\Users\Jerico\Desktop\aswMBR.txt”
I’m having trouble copying and pasting the OTL log.
It says "The message exceeds the maximum allowed length (10000 characters)",
so I attached the file.
Good, as we want the logs attached, so don’t worry.
sorry…
It’s no problem at all…!!
Sorry for the late reply.
Here are the complete logs of all three scans,
plus a screenshot of the problem.