Hi there!
Avast 4.8 has recently (22/05/08) downloaded and updated itself to the latest edition and since then I am getting Win32:Neptunia-VS [trj] virus detections in C:\System Volume Restore_restore{C509B866-8382-48CE-B66C-583DD4FBBED0}\restiore. I have tried looking online to see if anyone else has this problem and the only hits that come up are people running World of Warcraft and it affects their WoW auto-update system. I also run WoW but do not have any interference with it. As this has been a fairly recent update from avast and that I have run a scan before the last avast update, which came up clean, and that these files have been on since at least 27/01/08, can it be said these are false positives?
Look forward to hearing from someone soon!
RK
Additional: I have also run AVG 7.5 on C:\System Volume Information and it comes up clean.
How have you run AVG 7.5 on the same system ?
Having two resident scanners installed is not recommended as rather than provide twice the protection it can cause conflicts that could leave you more vulnerable.
Strangely the CLSID/activeX control doesn’t bring up any hits on google either. If it were legit/valid I would have expected to see some hits.
I assume that you have only been checking for the Win32:Neptunia-VS [trj] name and that could be for a detection on different files so may be unrelated to your own detection. Searching on a malware name isn’t very efficient as a) there is no convention/standardisation when naming new malware and b) the same detection could well have numerous different names.
Since it was/is in a restore point, it has at some point been deleted and system restore has save it in the C:\System Volume Restore\ as a restore point, so its loss from the C:\System Volume Restore\ shouldn’t be a problem.