Threat found ... A0016823.exe ... what to do?

Discussion in 'ESET NOD32 Antivirus' started by bdemchak, Dec 22, 2008.

Thread Status:
Not open for further replies.
  1. bdemchak

    bdemchak Registered Member

    Joined:
    Dec 22, 2008
    Posts:
    5
    Hi --

    I'm evaluating NOD32 AV ... just downloaded and installed in two days ago.

    The initial scan was clear, and all of a sudden a Threat Alert popped up today. The object is: "C:\System Volume Information\_restore{3B00C17C-D9...\A0016823.exe" and the comment says that the event occurred on a file modified by the application C:\Windows\System32\svchost.exe.

    OK. I have a choice of Delete or No Action, and I'm not sure what to do because I'm not sure what has been detected.

    I'm guessing that there's a problem with a restore point??

    What should I do?? (I can't find anything on this by searching the knowledgebase.)

    Thanks.
     
  2. Onslaught3566

    Onslaught3566 Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    14
    This is in system restore so I would turn off system restore then turn it back on and see if its gone,but first I would scan with superantispyware and Malwarebytes to make sure the system was clean first.Then you could upload the file to virustotal to insure its not a false positive.I would also upload it to ESET to let them take a look and they will be able to tell you what it is.
     
  3. bdemchak

    bdemchak Registered Member

    Joined:
    Dec 22, 2008
    Posts:
    5
    Excellent ... thanks for the calibration. I'll do that.

    Thanks!
     
Thread Status:
Not open for further replies.