Just Installed Avira Antivir Free-found Trojan

Got rid of Avast has it had web security guard issues with yahoo mail and what not and antivir seemingly a lot lighter. So not long after installing it on my system in detected this Trojan called TR/Gorshok.A, file named A0036013.dll , I quarantined it promptly then deleted it , then next time I booted my laptop I got the same message from antivir that it had found this trojan. Any particular reason why this message would show up again if I deleted this thing?

 

1. probably an FP
2. avira has poor removal, after reboot... its there again.

check the file with virscan.org

 

Running a full scan with Antivir in safemode might get rid of it. If you've still got a copy of the file then send it to avira to confirm it's not a false positive. TR/Gorshok.A is a signature detection so it might not be an FP.

 

Is System Restore turned on? If so, disable System Restore, reboot the computer. This will delete all restore points. The nasty is probably in System Restore. After rebooting, make a new restore point.

 

Okay, too send this to Avira do I click the "send to" button with the avira umbrella logo on it on the antivir interface? Thanks.

 

You could restore the file to your desktop (in a password protected zip) and send it to virus[@]avira.com, or upload it here from it's location.

 

Here's what it said in the source panel of avira. C:\System Volume Information\_restore{61BQAEB9-0158-489F-9FFA-CA033D1A8B0A}RP353\A0036013.dll

Hope I got that all right. I'm not sure how to even find this file on my pc though. Where would System Volume Information even be?

 

System Volume Information Folder

 

If its system restore file then probably best to follow mele20's advice above - it will be gone after reboot and cannot infect you from system restore.

 

The System Volume Information is a "hidden" folder on the main hard drive. it is "hidden" to prevent a user from inadvertantly deleting information in it since System restore would use it.

You have to change your file viewing option to show hidden folders.

 

just turn off system restore and then turn it back on again. All the old ones will be deleted and the virus will be gone.
You can find system restore through control panel, system.

 

All righty did the turn off system restore thing and I'll turn it back on here in a few. After a reboot ,hopefully that'll take care of it thanks guys.

 

Just for the record, I've seen users complaining of an FP on a Lotus dll component two days ago. The name Avira reported it as? TR/Gorshok.