Instead of creating a new thread I'll just steal this one!
My problems started about two days ago when I was trying to install the latest version of Alcohol 120%, after the install avast! prompted me with several warnings about viruses and Trojans. I chose delete and the prompts just disappeared. Just to be safe I started a thorough scan and after a couple of hours avast! found about 70 viruses/Trojans. Most of them could be removed but 20 or so couldn't be deleted, repaired, put in a chest or moved/renamed.
With a little help from HijackThis and Spybot S & D all of them except two malwares were removed, Win32: Trojan-gen {VC}. After another avast! thorough scan I could successfully move/rename these files and then delete them using avast!, but after scanning again they reappeared in the same folder as before with the same names. I haven't tried to do a boot scan because the last time I tried with another virus the shit hit the fan and I had to reinstall windows and everything. And after googling about this Trojan (Win32: Trojan-gen {VC}) and the file it was hiding in pwservice.exe I found out that others had also encountered problems when trying to do a boot scan.
I know that pwservice.exe is a hacktool that steals windows password hashes and I actually have no idea how it got there, since it has to be manually installed. The problem also is that the file is found in D:\System Volume Information\_restore{B445E914-6527-4311-909C-31002F7BB52F}\RP303\A0041317.MSI\Cabs1.w1.cab\pwservice.exe and pwservice.exe3, I can't access that file manually and it seemingly can't be removed using avast!, HijackThis or spybot S&D. Note that I have already disabled the system restore function so if a reboot would be performed any malware should not be recreated or restored.
My question now is most obviously how do I remove this malware? Would a boot scan perform more efficient and most likely remove the Trojan or should I start up in safe mode and try removing it that way? All suggestions are welcome with open arms! By the way I am using Windows XP Home Edition V.2002 SP2.
/Chippe