Trojan in System volume information and cannot move to chest

Hello, I did a virus scan today and got two results. one is win32:trojan-gen and it is in G:\System Volume Information_restore{lots of letters and numbers}\RP11\A000081.exe and the other was a daemon tools lite installer as a Win32:agent-AIIU [trj]. I was pretty sure that the daemon tools file was a false positive since i dled it directly from their site and daemon tools has a history of false positives but it was an old file tha ti don’t use so i deleted it and when i did that i got a big red scary window that said avast has protected my comp from a trojan attack coming from G$recyclebin from a file called $R0WMACA.exe. is that just another false positive? I was able to move it to the chest.

as for the other one in the system volume information folder I looked online and it seemed I had to disable system restore to fix that however when i went to do that windows isn’t set to create restore points for that drive and only my system drive but I disabled my system drive’s restore points. and i restarted and did a scan but I still get the same results. I have formatted my computer so maybe it was a restore from a previous installation of windows? also the folder has a size of 0 bytes. I tried to move the file to quarantine but I get an error saying: Error the system cannot find the file specified (2). I’m not sure how to proceed with these two files at this point. any help would be appreciated. Thank you.

Daemon tools are adware/spyware as far I know…
The file from $recyclebin seems really infected. That is not a trust folder.
Disable system restore, apply (or boot), scan again. The infected files (and restore points) should be gone.
If you’re using Windows 7, you can delete the points (not only disabling system restore).

I use daemon tools as a virtual cd drive. I know it tries to get you to install it’s tool bar and change your homepage but a lot of valid programs try to do that and I have opted out of all that stuff and it has worked fine. I know malware bytes has taken it off its list of malware.

Yes I am using windows 7, do you mean i can delete the individual files? disabling system restore and manually deleting all the restore points does not get rid of the infected files. the G drive was never set to have restore points but I tried to enabling and disabling it but it did nothing. I currently do have not any restore points set. thank you.

You can try running this and see what it find

Malwarebytes Antimalware http://filehippo.com/download_malwarebytes_anti_malware/
after install click UPDATE and run scan, click on REMOVE SELECTED to quarantine anything found

malwarebytes comes up clean.

so are there any other suggestions? anybody else experience this problem? according to avast I got a virus in my G drive that it can’t locate and can’t quarantine so it’s just sitting there. I doubt it would even be able to delete the file since it can’t locate it. I was hoping to upload it to an online virus scanner and see what it says but since it’s a protected folder i can’t access it. again, malwarebytes anti-malware does not find any malicious files on my computer.

I’m running windows 7, system restore is disabled, I’ve tried deleting all points from the system protection menu as well for each drive and so far nothing has helped. another detail i remembered was that when I first installed windows 7 i had a problem where the hard drive where my C drive was located was marked as the boot and the hard drive with G was marked as the system drive and I had to use window 7’s start up/boot fix wizard so maybe that might be why there’s some restore files that avast can’t locate? I have no clue just throwing some ideas out there. you can find more info about that problem here: http://www.hanselman.com/blog/CommentView.aspx?guid=54ce4de2-2920-4904-bfaf-b8f3ab7737b8

thank you.

what! this is wrong

ok i just did a boot time scan and i was able to move the file to the chest. now that I have both files quarantined is there anyway to completely remove them?

Why? Let the files into Chest. They can’t harm and allow further investigation if you need.