mixnycakpemv.exe, removal?

Yesterday i let Avast do a full system scan in Windows Safemode, because Avast would not activate in normal windows mode.

Avast found a virus in the System32 folder, this was a “*.sys” file, this one i could delete in safemode.

I found a virus myself also, when looking thru the taskmanager, this one is named “mixnycakpemv.exe”.
This was not possible to close via taskmanager. Neither able to delete it, it said i needed to be administrator, but i am…
Opened “msconfig”, where this one also was in the startuptab… Removed it from msconfig, rebooted the pc in safemode and deleted the file.

Now Avast is activated and working as it should, this message keeps popping up: (roughly translated from norwegian)

“EVIL (hehe) URL Blocked”

“Object: hXXp://agelbetterway.ru” - Varies (i would not visit this page)
“Infection URL: Mal”
“Propulsion: C:\Users\Myuser\mixnycakpemv.exe”

How do i remove this?? It makes my computer slow.

Send the file to avast labs for detection

Open Avast! Virus chest [ Avast User interface>> maintainence>>virus chest]

right click on the empty space in chest>>select add>> browse to C:\Users\MyUsers\

select the mixnycakpemv.exe and select open

the file will be added to the chest…now right click on the file added to chest and click send to virus labs…next,update the definations manually to send the file to the labs.

Removal

follow this guide and attach all logs here:
http://forum.avast.com/index.php?topic=53253.0

@ MeSs
Please ‘modify’ your post change the URL from http to hXXp, to break the link and avoid accidental exposure to suspect sites, thanks.

The strange thing is that the file isnt there, but still the message pops up…

Ive edited the webadress

The c:\users folder may well be a hidden folder and or the file could be hidden.

I would concentrate on following the guide and posting/attaching the logs so that they can be analysed.