When I click on the link for the automatic remover found in this post, Avast warns me that it is a virus. Is this normal?
When I received the virus warning, I followed the manual removal suggestion instead. The registry keys that are listed in this post were not found in my registry. Does this mean that the file never executed? The file has been moved to the Chest in Avast. Should I simply delete this file, or are there other steps I need to take?
The link given there is clean, so probably a FP.
This were the results of DrWeb online URL scan:
Anti-virus engine version: 4.44.0.9170
File size: 105.9K
ps_uninstaller.exe packed by BINARYRES
ps_uninstaller.exe - archive NSIS
ps_uninstaller.exe/data001 - OK
ps_uninstaller.exe/data002 packed by UPX
ps_uninstaller.exe/data002 - OK
ps_uninstaller.exe/data003 - OK
ps_uninstaller.exe - OK
Since this is in the ?:\System Volume Information folder is a part of the system restore function it was most likely previously removed from a system folder whilst system restore was enabled and saved to a restore point only to be detected again by avast.
This area protected by windows, the only really effective way to clean infected _restore points is to disable system restore (on all drives) and reboot. This will clear ALL _restore points. Once you have disabled system restore, reboot, scan your PC again and if clear enable system restore, this will create a new clean restore point.
What is on the g:\ drive or are you using g:\ as a dual boot drive ?