hi!

have ran into a very odd stuff ,
these past day nod32 has discovered there trojans:

Time***Module***Object***Name***Virus***Action***User***Info
2003-11-02 16:41:45***AMON***file***C:\System Volume Information\_restore{A928FB1D-F461-47C1-949F-1545C97747B0}\RP51\A0005519.exe***Win32/TrojanDownloader.WinShow.A trojan***deleted***NT INSTANS\SYSTEM***
Time***Module***Object***Name***Virus***Action***User***Info
2003-11-01 10:21:14***AMON***file***C:\System Volume Information\_restore{A928FB1D-F461-47C1-949F-1545C97747B0}\RP48\A0005409.dll***Win32/TrojanDownloader.WinShow.A trojan***deleted***NT INSTANS\SYSTEM***
Time***Module***Object***Name***Virus***Action***User***Info
2003-11-01 07:10:46***AMON***file***C:\Q230903.exe***Win32/TrojanDownloader.WinShow.A trojan***deleted***SPELMASKIN\
Time***Module***Object***Name***Virus***Action***User***Info
2003-10-29 17:41:05***AMON***file***C:\DOCUMENTS AND SETTINGS\MåRTEN WILBORGSSON\APPLICATION DATA\WINSHOW\WINSHOW.DLL***Win32/TrojanDownloader.WinShow.A trojan***deleted***SPELMASKIN\***

yesterday i pulled out the network cable and did do a search over the whole computer , and it didnt find anything , today when ive started the machine nod32 did find a new trojan , and the network cable aint plugged in ,
how can nod32 "miss" a trojan like that ?
any help are wanted in this case .

The Winshow trojan is not dangerous, it modifies the default home page set in your browser as well as search settings. The sample was added to update 1.545, as soon as ESET got it. It is essential to keep your antivirus always up-to-date to get the maximum detection capabilities.

does nod32 discover when that trojan tries to install it on the system , or do i have to run a full scan over all files to find the trojan ?

NOD32 (or indeed AMON, the on-access scanner) scans files for viruses on opening, creation and execution, and blocks further malicious actions.

> any help are wanted in this case.

Disable your Restore Points, or you will have trouble forever.