URL:Mal detected in bittorrent.exe

Infection Details
URL: hxxp://trololololololololololo.com/
Process: C:\Program Files\BitTorrent\BitTorrent.e…
Infection: URL:Mal

What do i need to do to remove the malware? Upon running bittorrent.exe, avast would detect URL:Mal running from bittorrent.exe

Admittedly, recently i downloaded a fake vid torrent, so that might be the cause. I tried clearing caches,torrents from %appdata% bittorrent folder, reinstalled bittorrent, yet the problem persists.
Ran full scan on avast and malwarebyte, no problems found. Ran boot time full scan, no error found.

hey and welcome to the forum.
Could you attach the malwarebytes log to please.

a malware expert will guide you from there.

http://forum.avast.com/index.php?topic=53253.0.

One of the torrent seeds is infected, did you remove all of them ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva399.sys -- (XDva399)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva387.sys -- (XDva387)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva385.sys -- (XDva385)
@Alternate Data Stream - 1236 bytes -> C:\ProgramData\Microsoft:NfNbjZaAKShyC4Onj7
@Alternate Data Stream - 1109 bytes -> C:\ProgramData\Microsoft:tmA16Fh0U8anQq7TatkPGpUw

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Yeap i’m sure i removed the torrents. I’ve switched to using uTorrent instead.
Ran OTL as told and here’s the log :

Are you still getting the alerts ?

Nope, i’m not getting anymore alerts . Thank you very much for the help :slight_smile:

Run OTL and press the cleanup button to remove it ;D