TechSpot

Win32/Heur

By Leeroy87
Sep 3, 2009
  1. Hi Guys,

    I am runnong Vista with AVG 8.5 and have got this trojan, my AVG scan is below:

    "C:\Program Files\ASUS\Splendid\ACOVS.exe";"Virus found Win32/Heur";"Infected"
    "C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe";"Virus found Win32/Heur";"Infected"
    "C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe";"Virus found Win32/Heur";"Infected"
    "C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe";"Virus found Win32/Heur";"Infected"
    "C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe";"Virus found Win32/Heur";"Infected"
    "C:\Program Files\Remote\SimHID.exe";"Virus found Win32/Heur";"Infected"
    "C:\Program Files\Remote\SimHID.exe";"Virus found Win32/Heur";"Infected"
    "C:\Program Files\Remote\SimHID.exe (1256)";"Virus found Win32/Heur";"Infected"
    "C:\Program Files\Windows Media Player\wmpnetwk.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
    "C:\Windows\ehome\ehrecvr.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
    "C:\Windows\ehome\Mcx2Prov.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
    "C:\Windows\System32\diskpart.exe";"Virus found Win32/Heur";"Object is white-listed (critical/system file that should not be removed)"
    "C:\Windows\System32\elevator.exe";"Virus found Win32/Heur";"Infected"
    "C:\Windows\System32\Locator.exe";"Virus found Win32/Heur";"Object is white-listed (critical/system file that should not be removed)"
    "C:\Windows\winsxs\x86_microsoft-windows-ehome-services-ehrecvr_31bf3856ad364e35_6.0.6001.18000_none_bd697e04219e5a29\ehrecvr.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
    "C:\Windows\winsxs\x86_microsoft-windows-m..lepc-mobilitycenter_31bf3856ad364e35_6.0.6001.18000_none_5a99f4da0b4319f4\mblctr.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
    "C:\Windows\winsxs\x86_microsoft-windows-m..resentationsettings_31bf3856ad364e35_6.0.6001.18000_none_6d275aaa036a1d6f\PresentationSettings.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
    "C:\Windows\winsxs\x86_microsoft-windows-notepad_31bf3856ad364e35_6.0.6001.18000_none_6f1a8d7b6fffbb73\notepad.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
    "C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
    "C:\Windows\winsxs\x86_microsoft-windows-rpc-locator_31bf3856ad364e35_6.0.6000.16386_none_ccfdd130eface46c\Locator.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
    "C:\Windows\winsxs\x86_microsoft-windows-s..inboxgames-freecell_31bf3856ad364e35_6.0.6001.18000_none_5871c59a9cdacbf3\FreeCell.exe";"Virus found Win32/Heur";"Infected"
    "C:\Windows\winsxs\x86_microsoft-windows-s..inboxgames-shanghai_31bf3856ad364e35_6.0.6001.18000_none_c0a3fbb5ef29fe27\Mahjong.exe";"Virus found Win32/Heur";"Infected"
    "C:\Windows\winsxs\x86_microsoft-windows-s..nboxgames-solitaire_31bf3856ad364e35_6.0.6001.18000_none_751d5a58fbacf66d\Solitaire.exe";"Virus found Win32/Heur";"Infected"
    "C:\Windows\winsxs\x86_microsoft-windows-s..oxgames-minesweeper_31bf3856ad364e35_6.0.6001.18000_none_a2611d5c392f48a1\MineSweeper.exe";"Virus found Win32/Heur";"Infected"
    "C:\Windows\winsxs\x86_microsoft-windows-wmpnss-service_31bf3856ad364e35_6.0.6001.18000_none_0386cbd2ce93a16e\wmpnetwk.exe";"Virus found Win32/Heur";"Moved to Virus Vault"

    AVG cant seem to fix them every time i go to heal or delete my computer just locks up.

    I have done the 8 steps and my logs are attached.

    Any help would be great

    Cheers,
    Leeroy

    View attachment 51920

    View attachment 51921

    View attachment 51922
     
  2. Leeroy87

    Leeroy87 TS Rookie Topic Starter

    So after doing the 8 steps i still have the same issues, the trojan seems to have taken over alot of my .exe files.

    Please does any one have any help with this????

    Cheers,
    Leeroy.
     
  3. Leeroy87

    Leeroy87 TS Rookie Topic Starter

    Can any one please help ou with this at all please????
     
  4. Tmagic650

    Tmagic650 TS Ambassador Posts: 17,244   +234

    Turn off System Restore and rerun the scans. If the scans return clean, turn back on System Restore. I also suggest ditching AVG8 for the time being and download and run free Avast antivirus
     
  5. Leeroy87

    Leeroy87 TS Rookie Topic Starter

    Thanks magic,

    Will do and let you know.

    Cheers,
    Leeroy
     
  6. Leeroy87

    Leeroy87 TS Rookie Topic Starter

    ok so the computer wont let me install avast, every time i go to run the setup file it keeps telling me " there was an error while completing the setup process"

    I will just have to stick with AVG for the time being i guess :(
     
  7. Zyldar

    Zyldar TS Rookie Posts: 34

    There's nothing wrong with using avg free 8.5. But, make sure that you properly remove your old anti-virus software completely.

    Using Hijackthis, check the following & remove them:
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

    You should remove and re-install AVG 8.5.. Uninstall it from the conrtrol panel using the icon "programs & features".

    Reboot after uninstalling. Your system appears to be clean, but you should run malwarebytes, spybot s&d & anti-virus scans on a regular basis.

    Download AVG 8.5 from: http://download.cnet.com/AVG-Anti-Virus/3000-2239_4-10385707.html

    Hope that helps.
    Zyldar
     
  8. Leeroy87

    Leeroy87 TS Rookie Topic Starter

    Sorry i dont know how to use hijack this to do Using Hijackthis,

    check the following & remove them:
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
     
  9. Hijacked007

    Hijacked007 TS Rookie Posts: 21

  10. Hijacked007

    Hijacked007 TS Rookie Posts: 21

  11. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    This thread is 2 months old! Suggest you check date before posting.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...