Jump to content
space_man

Trojan horse SHeur3.GWS

Recommended Posts

AVG has started reporting threat detected

File Name C:\System Volume Information\_restore etc. see attached jpg for details

Threat Name Trojan Horse SHeur3.GWS detected on open

The process name reported is C:\WINDOWS\system32|svchost.exe

Which I assume is a restore checkpoint the system is trying to create. As the only option is to place offending file in tthe virus I don't think the checkpoint is being completed.

All scans using Superantispyware do not detect any infections.

post-11316-126900251022_thumb.jpg

Share this post


Link to post
Share on other sites

Unfortunately I cannot upload the offending file as when I attempt to restore it from the virus vault AVG then sees it as a threat and only allows it to go back to the virus vault.

Is there any log file that I can provide to assist with the investigation ?

Share this post


Link to post
Share on other sites

IMO, remove AVG and install Microsoft Security Essentials.

With that being said, I suggest "layered" protection, as no antimalware product is 100% effective.

If you agree to such, then I can offer further suggestions.

Share this post


Link to post
Share on other sites

It seems that this has been caused by an attack earlier which whilst I cleaned it out, clearly left some carbage in the system restore file. This prevented the system taking automatic checkpoints. I just deleted all the system restore points and all is now OK.

Thanks for your assistance, anyway.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×
×
  • Create New...