TechSpot

Win32/heur virus

By josh99
Jun 2, 2009
  1. I just found the win32/heur virus using AVG 8.0. I am running Windows Vista. I read your 8 step virus removal instructions but I cannot download malwarebytes, superantispysoftware, or avast. I assume these sites are being blocked by the virus as I can access other websites fine. And it won't let me install avira. What should I do?

    Also I am hooked up to a network. Will this virus effect other computers on the network?

    Also if AVG does not detect the virus any longer does that mean I am safe?
     
  2. touch

    touch TS Rookie Posts: 978

    Hello josh99

    It will, if you share files.

    Please download combofix here -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    Before Saving it to Desktop, please rename it to 123.com to stop malware from disabling it.

    Now, please make sure no other programs are running, close all other windows.

    Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
    Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
    It may take a while to complete scanning and this is normal.

    You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after
    scanning has completed.

    Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post
     
  3. josh99

    josh99 TS Rookie Topic Starter

    I am using the internet through this network but am doing nothing else through the network. Will this affect other users on the network? Will the virus spread by itself?
     
  4. josh99

    josh99 TS Rookie Topic Starter

    Did this as you said but when the combofix had finished avg said that C:\32788R22FWJFW.swre.exe was infected and so I put in in the virus vault and then the combofix porgram comes up with an error. I'm guessing that C:\32788R22FWJFW.swre.exe is really the combofix program and so that is why the combofix program comes up with an error. If I don't clean this quick then I'll just reinstall windows which is probably the best way regardless correct?

    As an update I have malwarebytes and superantispysoftware installed. I also have hijackthis and ccleaner.
     
  5. touch

    touch TS Rookie Posts: 978

  6. josh99

    josh99 TS Rookie Topic Starter

    Still comes up with an error and then the combofix file gets deleted.
     
  7. touch

    touch TS Rookie Posts: 978

    Ok. We´ll try another scanner -

    Please download DDS: http://download.bleepingcomputer.com/sUBs/dds.scr
    to your Desktop and doubleclick on DDs.scr to run it. If your security software includes script blocking features, please disable these before you run this utility. When the scan has finished, two logs will open.
    Attach both reports in this topic.
    The logs will be reasonably large so it possible you may have to divide them into sections and make several posts to post them.
     
  8. josh99

    josh99 TS Rookie Topic Starter

    Thanks but I reinstalled windows. Thanks for your help anyways.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...