TechSpot

Need help removing Win32/Heur

By Sean1021
Jul 29, 2011
  1. Okay so I play a game call War Inc. Battlezone regularly and today there was a patch I needed to download in order to play the game. So I proceeded and after it finished and I clicked the play button AVG came up saying that a virus has been found. Win32/Heur. Now I moved it to the vault and deleted it but it keeps coming back whenever i try to play the game.

    Ive run a scan of my computer and when I saw it go over the file location where the virus is it didn't show up. Why didn't it pick it up in a scan but it picks it up when I start up the game?

    How can I get rid of this virus? I'm not too computer savvy so if it's possible to put directions in a simpler manner would be great.

    I hope to get a response soon! thank you.
     
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Welcome to TechSpot! I will help with the malware and I promise you will be more computer 'savy' by the time we finish.

    Question:
    Was this 'patch'. you got to play the game a crack or keygen, from a file sharing site My guess is yes and therein lies the story of "How did I get infected?"
    ====================================================
    Please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

    When you have finished, leave the logs for review in your next reply .
    NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
    ==================================================
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.
    • Please let me know if there is any change in the system.
    If I have not replied for 2 days, you can send me a PM reminder. Include the URL of your thread. Please do not send me a PM to tell me your logs are up.
    If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
    =====================================
    Regarding you comment of getting help "real soon.". Please read my guidelines. Keep in mind that I am also helping other members.
     
  3. Sean1021

    Sean1021 TS Rookie Topic Starter

    Actually the game is a free to play game, and the patch is an update and is downloaded automatically when ever I launch the game. It goes to an update interface and you see the progress and can read the updates. So I'm very confused as to if this game gave me the virus or it got on my computer some other way but it seems a little strange that it showed up right after I got the patch.

    My AVG scan is still running right now and is currently at 88%. It's picked up 4 other viruses so far, none of which are the Win32/Heur. They are all Trojan's. But those are going to be easier to get rid of. The Heur one wont show up unless I launch that game and I looked up on ehow.com how to remove it and it said to run regedit? I did that and it told me to search through these files and where it said it should be, I could not find it.

    I'm so confused, and I want this virus gone. I want to be able to check my bank accounts and other secure things but can't until this is gone. I don't want to risk it.
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    No regeedits while I'm helping you! As long as I am heling you, you follow my instructions only. You do not go follow directions from another site.

    Malware cleaning has to be an orderly process. I will have you run an online scan later. Either stick with my directions or we will stop.

    Please review:
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.
    • Please let me know if there is any change in the system.
    If I have not replied for 2 days, you can send me a PM reminder. Include the URL of your thread. Please do not send me a PM to tell me your logs are up.
    If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
    =====================================
     
  5. Sean1021

    Sean1021 TS Rookie Topic Starter

    I did all this earlier not as I was typing the last response. I understand that I need to follow a specific order to rid the virus.
    I'm just trying to give you more information so you can get a better understanding of what's going on with my computer and what I have done before I posted this.

    So my AVG scan is done. In my virus vault i see the Heur one atleast 4 times. Is there a different program I should get? Im ready to get started to kick this viruses butt!



    Edit: I checked the game's forums for the patch update and apparently I am not the only one that this has happened to. So this virus is originating from this game developers patch update. Just thought i'd let you know!


    Edit 2: Sorry, I figured it out!!! Thanks for the help anyways! It was a false positive, I found a fix in the game's forum website about the resident sheild on AVG needing you to exclude the game.
     
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    AVG and Win32/Heur have a really bad time together. Would you consider running this online virus scan befor I close up?:
    • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESETOnlineScan
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      [o] Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
      [o] Double click on the [​IMG]on your desktop.
    • Check 'Yes I accept terms of use.'
    • Click Start button
    • Accept any security warnings from your browser.
      [​IMG]
    • Uncheck 'Remove found threats'
    • Check 'Scan archives/
    • Leave remaining settings as is.
    • Press the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
    • When the scan completes, press List of found threats
    • Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
    • Push the Back button
    • Push Finish

    NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...