I’ve just used Ace Utilities to scan my startup programs and it discovered these two:
Item : MICROSFT ANTIVIRUS UPDATE SUPPORT
Name : “microsft antivirus update support”
Filename : [random 10-letter filename].exe
Database Status : Not required
Description : “Added by the RBOT-AQA WORM!”
Item : CTFMON.EXE
Name : “ctfmon.exe”
Filename : ctfmon.exe
Database Status : Not required
Description : “Added by the RAIDYS TROJAN!”
So I disabled system restore in preparation for removing them using avast, only problem is that avast doesn’t seem to pick them up.
Could somebody help me as I do not really want to purchase another Antivirus software just so I can remove these two. - The sophos website has instructions for removing them, so come on avast.
If detected by other scanners then send it to avast.
If you are not getting a virus warning that and you believe it is a new, undetected virus , then if you can zip and password protect (‘virus’, will do) the suspect file and send it to virus @ avast.com (no spaces), or send from the chest.
Give a brief outline of the problem (possibly a link to this thread), the fact that you believe it to be a either a new, undetected virus or false positive and include the password in the body of the email. Some info on the avast version and VPS number (see about avast {right click avast icon}) will also help.