Without seeing what was detected in System Restore points, impossible to know what the malware is (was) and even then maybe not possible. If you have had malware in the past, the chances are high that it would have created itself in a system restore point, that's a common trick. Usually the final part of a malware cleaning procedure is to delete all restore points, but only once the computer is clean, and running correctly (ie it is reasonably certain that system restore won't be needed at that point.)
What I would do, if everything is working well, is to disable system restore, reboot, turn it back on. Future restore points (you won't know for a day or two) should be clean.
Regarding protected files, this is normal. Such files are often encrypted and/or password protected. Some antispyware applications use this to keep there definition files under lock and key, so to speak. Avast has no way of opening them, and it doesn't matter. Unless you see a password protected file that you or a known program did not put there, you can treat them as safe.
Very commonly seen with users of Adaware, and Spybot S&D. Also MS Crypto keys etc.