Avast! Warning Same File

I have downloaded the free home version of avast on my laptop with XP Pro and it ran the scanner on reboot and I selected the delete all for the files that it returned. I restarted my computer and up popped the avast! Warning window and it is still popping up after I have deleted and/or moved files to chest but the same file is in the filename in the warning. The reason I downloaded avast was a program called Antivirus XP 2008 loaded itself onto my computer and I tried to remove it but the computer cannot find the uninstall.exe file to remove it. Any suggestions? Thank You.

I suggest:

  1. Disable System Restore and then reenable it again.
  2. Clean your temporary files.
  3. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  4. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
  5. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  6. Make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.

Check also http://forum.avast.com/index.php?topic=38276.msg320693#msg320693

These two applications have relatively good removal success with the fake alert malware.

MalwareBytes Anti-Malware freeware version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.

Also Try this tool (perhaps even first), RogueRemover, available here http://www.malwarebytes.org/rogueremover.php

I believe the rationale for turning system restore off/on is that malware could create itself in one or more restore points.
There fore it is appropriate to delete all the restore points only after the malware is cleaned and everything is working well.
It can’t migrate from system restore to the active OS, unless a restore point is selected.

(Correct me if I’m wrong, please.)

The steps posted above should take care of it. Assuming they have, and everything works well, turn system restore off, reboot, turn it back on again.

It isn’t that malware could create itself in one or more restore points, it is a protected area (though avast doesn’t seem to have a problem with the protection).

It is just that when cleaning malware that might be in the system folders, it is possible that when deleted or moved, system restore could create a copy of the file in a restore point.

So some time in the future when you use system restore you could be restoring an infected file (and possibly its associated registry entry), infecting your system. So my rational is, if you have any doubt about an infection in the system volume information restore point/s clearing everything out removes that doubt.

Is it better to do that after the computer has been successfully cleaned?
Reason I ask, there have (infrequently) been reports that the use of system restore has fixed a malware problem. And if malware part-cripples the system, it may be a necessary (though not always desirable) step in the cleanup process.

It is debatable, but many AV companies would suggest disabling system restore first.

OK, thanks.