Avast fails to remove trojan

For a week now I’ve had trouble with Avast finding trojans, but it can’t delete them, repair or even move them to the virus vault! There are 12 of them! All are listed as Infection Win 32: Trojan and 2 are in setupxv.exe\setup.msi\app.cab\ (then lengthy list of letters/numbers), and 10 are in sys.vol.Information, either starting with FE or F4…
I’m running windows XP, Avast is up to date.
I’m wondering if these are all false positives, which I’ve heard about but never experienced before. I also do think there’s real bugs in here. One Mod of a game called Space Empires 4, is now causing the pc to beep everytime I open or close a new screen (window) in game. And I mean the pc internal speaker, not those connected to the sound card!
Any ideas

The ones in system volume information, are in system restore, and nothing to worry about.Please post the name and locations of the other infected files

Download, install, update and run the following programs ( quick scans ).Copy/paste the log results.Then run HJT, choose scan and save log file.Copy/paste the log

http://filehippo.com/download_malwarebytes_anti_malware/

http://filehippo.com/download_superantispyware/

http://filehippo.com/download_hijackthis/

I suggest:

  1. Clean your temporary files.
  2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  3. Use MBAM (or SUPERantispyware or even Spyware Terminator) to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
  4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  5. Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
  6. Disable System Restore and then reenable it again.
  7. Immunize your system with SpywareBlaster.
  8. Check if you have insecure applications with Secunia Software Inspector.

Hi. I have simmilar friks. System Volume Information and System32 files are infected by Vanti-CB and Kavos. Avast! did not repair them.
I am not skill in this. I need someone to help me.

Thanks

I’ll suggest the same steps… I’ll post them in more detail if it will help you:

If a virus is replicant (coming and coming again), you could follow the general cleaning procedure:

  1. Clean your temporary files. You can use CleanUp or CCleaner for that.

  2. Schedule a boot time scanning with avast. Start avast! > Right click the skin > Schedule a boot-time scanning. Select for scanning archives. Boot. Other option is scanning in SafeMode (repeatedly press F8 while booting).
    If avast does not detect it, you can try DrWeb CureIT! instead.

  3. It will be good if you download, install, update and run MBAM (or SUPERantispyware or even SpywareTerminator).
    If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
    About legit antispyware applications or the bad ones see here.

  4. If you still detecting any strange behavior or even you’re sure you’re not clean, maybe it will be good to test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster for XP/Vista. For XP only: Panda.

  5. Also, if you still detecting strange behaviors or you want to be sure you’re clean, maybe making a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.

  6. After you’re clean, disable System Restore on Windows ME, XP or Vista. System Restore is not available in Windows 9x and 2k. After disabling you can enable it again.

  7. Use the immunization of SpywareBlaster.

  8. Finally, when you’re clean, check for insecure applications with Secunia Software Inspector to update insecure applications and avoid reinfection.

The reason why avast can’t deal with this in is because it is burried within several archive files and to extract it from within them and try to put all the archives back together again is likelt yo corrupt the overall file. This is why the reason given is not a supported operation or words to that effect.

You will have to make the decision if you wish to manually delete the complete file, setupxv.exe.

avast should be able to deal with those in the system volume information folder, so what exactly do you mean by avast can’t remove them ?
What reasons are given by avast ?

Any doubt with a restore point being infected I would immediately remove it as left there there is the possibility that you could infect your system if you use system restore in the future and it includes those restore points.

Since you have XP, you could enable a boot time scan, which will deal with those in the system volume information folder. Right click the avast icon, select Start avast! Antivirus, a memory scan will take place followed by the opening of the Simple User Interface, Menu, ‘Schedule boot-time scan…’ Or see http://www.digitalred.com/avast-boot-time.php.