antivirXP2008

First question: I have been plagued for about three weeks with malware called “antivirXP2008”, which claims one has multiple viruses and, if you don’t buy the program, plants real viruses (virtumonde, etc.) on your computer. It was almost impossible to get rid of it (AVAST missed “antivirXP2008” but caught some of its trojan ‘children’). I think I got antivirXP2008 from a Japanese site offering “free mpg3 music downloads.” Among the things it did was, after I sent some of the Monde trojans to the AVAST chest, it wouldn’t let me open the chest without a reboot. It also would not let me turn on Win XP auto updates. After a bit of research, deleting some suspicious files that seemed to be using a lot of processor (and not be in the correct folder), I think I have it under control. However, I could be wrong: tonight AVAST detected trojans in the RESTORE files, and I sent them to the chest. I just noticed that there is nothing in the chest! Where did they go?
My second question: WIN XP: AVAST cannot scan many files in C:/nprotect/ and ‘documents and settings’ because they are “password protected.” What password is it referring to and how can I disable it?

Hi gncarlo,

Many legitimate programs password-protect files, so that report doesn’t necessarily mean anything bad.

First try a boot time scan with avast! Right click the scanner screen, select ‘schedule a boot time scan’ and reboot when requested.

Try the usual free adware/spyware scanners.

Ad-Aware Free
Spybot Search & Destroy
SUPERAntiSpyware Free
Malwarebytes’ Anti-Malware

Download, install and update the programs. Disconnect from the internet (pull the plug) before running scans in Safe Mode if possible.

Always select the option to quarantine any malware found rather than delete it; then you will be able to restore files or registry entries wrongly identified as malware, a rare but not unknown event for any malware scanner.

If still having problems, post a HijackThis! log.

To clean System Restore:

Create a clean restore point then delete all previous infected restore points.