C:\System Volume Information\_restore - Win32/Spy.PerfKey.12 trojan

Discussion in 'NOD32 version 2 Forum' started by donm207, Oct 13, 2004.

Thread Status:
Not open for further replies.
  1. donm207

    donm207 Registered Member

    Joined:
    May 11, 2003
    Posts:
    5
    NOD32 has been finding:

    C:\System Volume Information\_restore{C4187BA9-7563-4EFE-B482-C14A20ABCB6F}\RP706\A0277611.dll - Win32/Spy.PerfKey.12 trojan

    on my system, can't seem to clean or delete it. i guessing it's a restore point?

    anybody have any ideas to get rid of it, safe modeo_O


    running winxp home, nod32 version 2.000.2, 10-12-04 definitions,,,


    thanx for ya help
     
  2. Meltdown

    Meltdown Registered Member

    Joined:
    Sep 17, 2004
    Posts:
    299
    Location:
    Babylon
    You're right, it is a restore point. Try this: disable system restore, reboot in safe mode and run a full scan with NOD. That should do it.
     
  3. donm207

    donm207 Registered Member

    Joined:
    May 11, 2003
    Posts:
    5
    thanx for the reply,, will try.

    just read the "sticky" on extra settings for nod32, came across the info on "scan" or "clean". trying a scan under the "clean" option, right now in that folder to see if i can get rid of it.

    "To have Nod32 use all the settings you have just configured, with a scan you need to click on “Clean” not “Scan”. “Scan” will advise you of a problem, however, it will not let you choose an action, this is the function of “Clean”.

    i've been running it under "scan"
     
  4. Meltdown

    Meltdown Registered Member

    Joined:
    Sep 17, 2004
    Posts:
    299
    Location:
    Babylon
    Yes, I found that counter-intuitive. But the system restore files are protected, your AV won't be able to clean them up. You have to disable system restore in order to flush out those files, then run clean, ideally in safe mode.
     
  5. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I am running nod 2.12.3 and have cleaned infections out of system restore files.

    info here
     
Thread Status:
Not open for further replies.