trojan horse SHeur2.AGTY

  eddie937 06:53 22 May 2009

Good morning all,
I have just woken up to find that AVG has just found a trojan horse SHeur2.AGTY. AVG says its in my C:\Sysetem Volume Information\_restore then a load of numbers then .exe in five different places. AVG says it can't heal them.
Does anyone know if there is a removal tool out there for this virus?

Many thanks in advance.


  mooly 07:37 22 May 2009

Disable restore points which deletes that folder and reboot and rescan.
Remember to re enable restore points afterwards.

  eddie937 07:47 22 May 2009

Thanks for your quick reply.
How do i go about disabling restore points.


It's been a while since i've touched a computer.

  mooly 08:19 22 May 2009

Vista or XP. Open "help and support" from the start menus. Type system restore and search.
On XP,

click here

  mooly 08:20 22 May 2009

click here

  eddie937 08:23 22 May 2009

Cheers Mooly

  mooly 08:28 22 May 2009

Worth running disc cleanup too.
click here

XP will be similar from memory.

  birdface 09:01 22 May 2009

Download and run this. Update it first.

click here

  eddie937 11:52 22 May 2009

Thankyou to everyone who helped.

I disabled restore points and restarted my computer. I ran AVG and the viruses have gone. (I enabled restore points again)Phewwwww!

Thanks for your help again.


  mooly 12:39 22 May 2009

That's good to hear. System restore and temporary internet files are favourite hiding places for a lot of malware.

  mfletch 12:50 22 May 2009

Just to add

Nothing can get out of the system restore unless you actually do a system restore,

So if a virus>Trojan is stored in the system restore it is trapped in there until you do a system restore or turn S/R off and delete all the restore points

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Best phone camera 2017

Stunning new film posters by Hattie Stewart, Joe Cruz & more

iPad Pro 10.5in (2017) review

28 astuces pour profiter au mieux de votre iPhone