Infected w/ Vundo & others - am I clean

Discussion in 'Malware Help (A Specialist Will Reply)' started by momeeyore, Jul 9, 2008.

  1. momeeyore

    momeeyore Private E-2

    Hello. I have been infected with multiple Trojans with the most notable being the Vundo variant. I have run through the entire README process and believe I followed every step to the letter. I am not sure if I am actually clean yet and was hoping for someone to look at my logs.

    History:
    Back in end of May (25-May), my daughter was logged on to her account on the PC (Brit's space) looking at guitar tabs and playing in myspace. She called me to the PC when she started getting non-stop pop-ups about the PC not being protected but the messages were not from any protection software I installed. I realized then that I had a big problem but could not even get to your site because the virus(s)/trojan(s) had taken over Internet Explorer.

    I have one other home PC which I used to download the software packages in the cleaning process and burned to a CD to use on the infected PC. Even after moving them from the CD to the hard drive, some of the programs would not even launch. I finally used your renaming trick and was able to get through the process but after rebooting was still having issues. Because it was Memorial Day Weekend, I gave up and completely unplugged the PC (both the ethernet cable and the power cord).

    I just now am getting back to this PC (which is the newer of the 2 that I have so I really would like to get things fixed). I ran all the scans overnight and the logs are attached (9-July). The scans look better than when I ran them in May (although in some cases, I could not save those May logs for comparison because even notepad was having issues because of the infection.)

    One last thing. My daughter did have admin rights on her user account (yes, I know this was stupid. Don't worry, I am kicking myself!!). I did change this account to be limited as soon as I realized what happened back in May, which was how it was set up when I ran the scans from my user account (Mom's space).

    I hope this is enough information to get started but not too much to waste your time. I appreciate any help that can be given!!!
     


  2. momeeyore

    momeeyore Private E-2

    Here is the last of the logs.
     


  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your logs are clean.

    Please find and delete:
    C:\WINDOWS\system32\ytucegpi.tmp

    Run this: Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

    Are you having any malware issues still?
     
  4. momeeyore

    momeeyore Private E-2

    I removed the file and uninstalled Windows Messenger.
    Everything appears to be back to normal on my user account and my daughter's account.

    Thank you, thank you, thank you for checking my logs.
    You have alleviated my fears that things are still lurking and hiding on me :)

    Since things look good, I was going to finish with step 4 to toggle system restore and step 5 to put the right things in place to prevent future problems.
    If you would suggest any other steps, let me know.

    I can't say it enough. Thank you for your time!!! And thanks to all the experts who contribute and support this forum!! You all are amazing!!
     
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You're welcome......If you are not having any other malware problems, it is time to do our final steps:

    1. If we used ComboFix then UNINSTALL COMBOFIX (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
    2. Click START then RUN
    * Now type "%userprofile%\Desktop\cf" /u in the runbox ( or whatever you renamed it to) and click OK.
    * Note: The space between the cf and the /U, it must be there.
    3. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    4. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    5. If you are running Windows XP or Windows ME, do the below:
    * Refer to the cleaning steps in the READ ME for your Windows version and see the steps to Disable System Restore which will flush your Restore Points.
    * Then reboot and Enable System Restore to create a new clean Restore Point.
    6. After doing the above, you should work thru the below link:
    How to Protect yourself from malware!

    You might want to keep MalwareBytes as a backup ( and watch the torrent downloads ...;)).
     
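    The housekeeping steps above can also be run from an elevated PowerShell prompt on a current Windows version. The following script is an added example written for this thread, not a MajorGeeks tool: it assumes ComboFix was renamed to cf.exe on the Desktop (change $cf if you used another name), that any .reg patches were saved to the Desktop, and that the System Restore cmdlets are available (Windows Vista and later; on XP follow the READ ME GUI steps instead).

    ```powershell
    # Added example: post-cleanup housekeeping matching the final steps in this thread.
    # Run from an elevated PowerShell prompt. Every path below is checked before it is touched.

    # Step 1-2: uninstall ComboFix with its /u switch (note the space before /u).
    $cf = Join-Path $env:USERPROFILE 'Desktop\cf.exe'   # assumed rename; adjust to yours
    if (Test-Path -LiteralPath $cf) {
        Start-Process -FilePath $cf -ArgumentList '/u' -Wait
    } else {
        Write-Host "ComboFix not found at $cf (already uninstalled or named differently)"
    }

    # Step 3-4: remove registry patches and the MGtools leftovers named in the thread,
    # plus the stray .tmp file TimW asked to delete earlier in the thread.
    $leftovers = @(
        (Join-Path $env:USERPROFILE 'Desktop\fixme.reg'),   # assumed download location
        (Join-Path $env:USERPROFILE 'Desktop\fixWLK.reg'),  # assumed download location
        'C:\MGtools',
        'C:\MGtools.exe',
        'C:\MGlogs.zip',
        (Join-Path $env:SystemRoot 'system32\ytucegpi.tmp')
    )
    foreach ($path in $leftovers) {
        if (Test-Path -LiteralPath $path) {
            Remove-Item -LiteralPath $path -Recurse -Force -Verbose
        }
    }

    # Step 5: flush old restore points (they can hold infected copies) and create a clean one.
    # Disable-ComputerRestore / Enable-ComputerRestore exist on Vista and later; on XP use the GUI.
    Disable-ComputerRestore -Drive 'C:\'
    Enable-ComputerRestore  -Drive 'C:\'
    Checkpoint-Computer -Description 'Clean point after malware removal' -RestorePointType MODIFY_SETTINGS
    ```

    Existence checks are deliberate: Remove-Item on a missing path only produces an error, but running the ComboFix uninstaller against a path that no longer exists would hide the fact that it had already been removed, and the script tells you instead. Checkpoint-Computer may refuse to create a second restore point within 24 hours on some Windows versions; that is a limitation of the cmdlet, not a sign that something is wrong.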
  6. momeeyore

    momeeyore Private E-2

    I have what may be a stupid question so I decided to bundle it with my other question that is definitely stupid and hopefully these will be the only ones. :eek:

    I just uninstalled combofix and it went through successfully; however, McAfee popped a PUP detected warning message when I did this with the Name: RemAdm-ProcLaunch!171 and Location: C:\327882R2FWJFW\psexec.cfexe.
    It then gives me the 3 options: remove, trust, or close alert.

    Don't want to screw anything up at this point so I am leaving the window up for now while I post.

    (And my second definitely stupid question, I have no idea what torrent downloads are (I bet this one is showing my age). You are not responsible for educating me but if we are downloading them, I don't know what they are or why we are).
     
    Last edited: Jul 9, 2008
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    First question .....many anti-virus programs have issues with ComboFix....you can tell McAfee to remove them as it is no issue and we are done with ComboFix.

    Second ....torrents are large files that are compacted for download speed ....they can be anything from files to movies to programs ....which can mean they can be "illegal" downloads.

    Other P2P ( peer to peer ) programs such as Bearshare/ Limewire / etc can also be possible entry points for malware. :)
     
  8. momeeyore

    momeeyore Private E-2

    Thanks for the explanations!!

    I finished the steps up to and including enabling/disabling system restore without any problems.

    I am now just walking through the last step(s) of making sure my PC gets protected. Appreciate all the help. I think you are done with me for now but if anything happens going through the protection steps that feels like malware, I'll let you know. But I am staying positive that we are done!!!

    :-D
     
  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You are most welcome .....let me know if you have any other problems. And don't be shy about asking questions in the software forums. :)
     
