Win32/Heur Virus running AVG 8.5 with Acer 6930 laptop

Status
Not open for further replies.
L

Lornick

Posts: 10   +0
AVG is picking 13 Virus in my computer..having probs removing them, says its removed them and then it finds em again. Running windows vista, using ACER aspire 6930 laptop.

Virus names are as follows:

Win32/Heur 9 in total
Trojan Horse Adload_r.KN 3 in total

Will Appreciate any help, and i am not a computer wiz I am a beginer, so please be patient.

Thankyou
 
Lornick, Win32Heur often goes with Virut. That is a bad malware infection that morphs into a different files when you remove one. I suggest you run through this first:

  • Make sure to use Internet Explorer for this
  • Please go to VirSCAN.org FREE on-line scan service
  • Copy and paste the following file path into the "Suspicious files to scan" box on the top of the page:
    • c:\windows\system32\userinit.exe
  • Click on the Upload button
  • If a pop-up appears saying the file has been scanned already, please select the ReScan button.
  • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
  • Paste the contents of the Clipboard in your next reply.
Also scan these,

C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe


Usually we have you go through the malware removal steps Tmagic mentioned first. But I've seen Virut so often with the Win32Heur find by AVG, I think it's worth running the scan- paste the log in next reply when done.

I promise we'll be patient! But sometimes it an be best to cut to the chase first!
 
Thank you very much for your reply..I shall try i straight away and post up the results for u your patients is very much appreciated ty
 
HI Bobbye,

Just a quick update to my current situation, i uninstall AVG and installed Avira AntiVir Personal instead to see if that helped fix my problem..unsure if it has tho it did detect added virus that AVG did not..it did not repair the files but i sent them to quaranteen..hopefully this helps

This is the results from uploading: c:\windows\system32\userinit.exe at the website you suggested

VirSCAN.org Scanned Report :
Scanned time : 2010/01/10 06:46:45 (EST)
Scanner results: Scanners did not find malware!
File Name : userinit.exe
File Size : 25088 byte
File Type : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 : 0e135526e9785d085bcd9aede6fbcbf9
SHA1 : d15244d41efddbab08d53fe032aedff39091d3af
Online report : http://virscan.org/report/746bca02cb609bba59282686e5e5ba7e.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.8 20100109234514 2010-01-09 4.63 -
AhnLab V3 2010.01.09.02 2010.01.09 2010-01-09 1.31 -
AntiVir 8.2.1.134 7.10.2.151 2010-01-08 0.05 -
Antiy 2.0.18 20100108.3621411 2010-01-08 0.12 -
Arcavir 2009 201001081341 2010-01-08 0.03 -
Authentium 5.1.1 201001091522 2010-01-09 1.32 -
AVAST! 4.7.4 100109-0 2010-01-09 0.01 -
AVG 8.5.288 270.14.131/2609 2010-01-09 0.30 -
BitDefender 7.81008.4847615 7.29800 2010-01-10 4.13 -
CA (VET) 35.1.0 7225 2010-01-07 11.88 -
ClamAV 0.95.2 10275 2010-01-09 0.01 -
Comodo 3.13.579 3409 2010-01-09 1.33 -
CP Secure 1.3.0.5 2010.01.09 2010-01-09 0.04 -
Dr.Web 4.44.0.9170 2010.01.09 2010-01-09 8.38 -
F-Prot 4.4.4.56 20100109 2010-01-09 1.41 -
F-Secure 7.02.73807 2010.01.09.04 2010-01-09 9.38 -
Fortinet 11.354- 11.354 2010-01-09 0.21 -
GData 19.9871/19.667 20100109 2010-01-09 8.29 -
ViRobot 20100108 2010.01.08 2010-01-08 0.61 -
Ikarus T3.1.01.80 2010.01.09.74929 2010-01-09 4.38 -
JiangMin 13.0.900 2010.01.09 2010-01-09 20.03 -
Kaspersky 5.5.10 2010.01.09 2010-01-09 0.07 -
KingSoft 2009.2.5.15 2010.1.9.22 2010-01-09 1.76 -
McAfee 5.3.00 5856 2010-01-09 3.40 -
Microsoft 1.5302 2010.01.09 2010-01-09 7.14 -
Norman 6.01.09 6.01.00 2010-01-09 4.01 -
Panda 9.05.01 2010.01.09 2010-01-09 3.63 -
Trend Micro 9.120-1004 6.758.06 2010-01-09 0.03 -
Quick Heal 10.00 2010.01.09 2010-01-09 1.57 -
Rising 20.0 22.29.05.04 2010-01-09 1.48 -
Sophos 3.03.0 4.49 2010-01-10 2.99 -
Sunbelt 3.9.2389.2 5608 2010-01-08 2.27 -
Symantec 1.3.0.24 20100102.020 2010-01-02 0.11 -
nProtect 20100109.01 6831766 2010-01-09 4.36 -
The Hacker 6.5.0.3 v00143 2010-01-09 0.80 -
VBA32 3.12.12.1 20100108.2153 2010-01-08 2.34 -
VirusBuster 4.5.11.10 10.118.25/2004768 2010-01-08 2.41 -

NEXT RESULT IS FROM SCAN FOR C:\WINDOWS\explorer.exe

VirSCAN.org Scanned Report :
Scanned time : 2010/01/10 06:54:43 (EST)
Scanner results: Scanners did not find malware!
File Name : explorer.exe
File Size : 2926592 byte
File Type : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 : d07d4c3038f3578ffce1c0237f2a1253
SHA1 : 4b3bd605b63749ff255e048ca6f27aff95aec24a
Online report : http://virscan.org/report/9d9617050e47bd0931d4a71ab199cbe5.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.8 20100109234514 2010-01-09 5.47 -
AhnLab V3 2010.01.09.02 2010.01.09 2010-01-09 1.53 -
AntiVir 8.2.1.134 7.10.2.151 2010-01-08 0.38 -
Antiy 2.0.18 20100108.3621411 2010-01-08 0.12 -
Arcavir 2009 201001081341 2010-01-08 0.09 -
Authentium 5.1.1 201001091522 2010-01-09 1.26 -
AVAST! 4.7.4 100109-0 2010-01-09 0.11 -
AVG 8.5.288 270.14.131/2609 2010-01-09 0.34 -
BitDefender 7.81008.4847615 7.29800 2010-01-10 4.11 -
CA (VET) 35.1.0 7225 2010-01-07 10.92 -
ClamAV 0.95.2 10275 2010-01-09 0.33 -
Comodo 3.13.579 3409 2010-01-09 2.25 -
CP Secure 1.3.0.5 2010.01.09 2010-01-09 0.48 -
Dr.Web 4.44.0.9170 2010.01.09 2010-01-09 8.82 -
F-Prot 4.4.4.56 20100109 2010-01-09 1.84 -
F-Secure 7.02.73807 2010.01.09.04 2010-01-09 4.41 -
Fortinet 11.354- 11.354 2010-01-09 0.25 -
GData 19.9871/19.667 20100109 2010-01-09 9.37 -
ViRobot 20100108 2010.01.08 2010-01-08 1.39 -
Ikarus T3.1.01.80 2010.01.09.74929 2010-01-09 4.50 -
JiangMin 13.0.900 2010.01.09 2010-01-09 19.03 -
Kaspersky 5.5.10 2010.01.09 2010-01-09 0.07 -
KingSoft 2009.2.5.15 2010.1.9.22 2010-01-09 0.74 -
McAfee 5.3.00 5856 2010-01-09 3.41 -
Microsoft 1.5302 2010.01.09 2010-01-09 10.62 -
Norman 6.01.09 6.01.00 2010-01-09 4.01 -
Panda 9.05.01 2010.01.09 2010-01-09 2.00 -
Trend Micro 9.120-1004 6.758.06 2010-01-09 0.04 -
Quick Heal 10.00 2010.01.09 2010-01-09 2.83 -
Rising 20.0 22.29.05.04 2010-01-09 1.14 -
Sophos 3.03.0 4.49 2010-01-10 2.99 -
Sunbelt 3.9.2389.2 5608 2010-01-08 7.50 -
Symantec 1.3.0.24 20100102.020 2010-01-02 0.78 -
nProtect 20100109.01 6831766 2010-01-09 10.97 -
The Hacker 6.5.0.3 v00143 2010-01-09 1.16 -
VBA32 3.12.12.1 20100108.2153 2010-01-08 4.07 -
VirusBuster 4.5.11.10 10.118.25/2004768 2010-01-08 3.44 -

I have to do two posts for the file is too big for techspot pls find result in my next post.

Thank you very much for all your help..If i have done anything incorrectly please let me know i will fix it straight away..lol

Once again ty vm for all your patience
 
Good so far. You have one more file to do the scan on. Checking those particular files is way to determine whether the system is infected by Virut. That is a bad one that we usually recommend reformat/reinstall. but if the last file scan is clear for that, we will proceed looking for other malware.

If after running C:\WINDOWS\System32\svchost.exe you also see Scanner results: Scanners did not find malware! please go ahead and do the following:

Follow the steps HERE. When you have finished, attach the 3 logs to your next reply. I'll review them to see what we're working with.

Usually that would be where we have you start. IT was just the particular malware- Win32 Heur- that I have seen so often with Virut that made me want to rule it out.
 
Status
Not open for further replies.

Similar threads

Mac14
Solved Am I infected?
2 3
Replies
51
Views
18K
Broni
Broni
C
  • Locked
Inactive Win32/Zbot.G, Trojan horse Cryptic.BGF and Trojan horse Cryptic.BGI
Replies
3
Views
3K
Broni
Broni
L
  • Locked
Solved Win32/Heur Virus AVG
Replies
5
Views
34K
Broni
Broni

Latest posts

Back