Huer.32 Virus Windows 7

By 4042966262
Feb 24, 2012
  1. i have a VIRUS!!! :D
    how do i remove it?

    im on a Linux Ubuntu 11.10 Distro, the infected Windows7 will not load certain webpages.
    tried to run gives error''Acess Denied'' File
    C:\\hiberfil.sys used by another process
    C:\\pagefile.sys used by another process
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Not good news- if you have a Sality virus infection, better to reformat/reinstall::: This is the malware that exploits the .lnk vulnerability. (Sality: Legacy_AMSINT32.)

    Sality is a family of file infecting viruses that spread by infecting exe and scr files. The virus also includes an autorun worm component that allows it to spread to any removable or discoverable drive. In addition, Sality includes a downloader trojan component that installs additional malware via the Web

    It then creates and starts a service to load the driver. The driver blocks access to a variety of security software vendor web sites.The virus then disables security software services and ends security software processes. It also disables registry editing and the task manager.

    Windows fails to correctly parse shortcut files, identified by the ".lnk" extension. The flaw has been exploited most frequently using USB flash drives. By crafting a malicious .lnk file, hackers can hijack a Windows PC with little user interaction: All that's necessary is that the user views the contents of the USB drive with a file manager like Windows Explorer.

    Tests showed that the exploit works even when AutoRun and AutoPlay -- two functions that have previously been used by attackers to commandeer PCs using infected flash drives -- are disabled. The rootkit also bypasses all security mechanisms in Windows, including the User Account Control (UAC) prompts in Vista and Windows 7, ...
    Worm is named Win32/Stuxnet.A.

    Because of these actions, We recommend you do a reformat/reinstall. Attempts to clean this virus to include the backdoor capability usually fail.

    But you do not give documentation for Sality, just Win32/Heur. How about we get some information first:
    To run the Eset Online Virus Scan:
    If you use Internet Explorer:
    1. Open the ESETOnlineScan
    2. Skip to #4 to "Continue with the directions"

      If you are using a browser other than Internet Explorer
    3. Open Eset Smart Installer
      [o] Click on the esetsmartinstaller_enu.exelink and save to the desktop.
      [o] Double click on the desktop icon to run.
      [o] After successful installation of the ESET Smart Installer, the ESET Online Scanner will be launched in a new Window
    4. Continue with the directions.
    5. Check 'Yes I accept terms of use.'
    6. Click Start button
    7. Accept any security warnings from your browser.
    8. Uncheck 'Remove found threats'
    9. Check 'Scan archives/
    10. Leave remaining settings as is.
    11. Press the Start button.
    12. ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
    13. When the scan completes, press List of found threats
    14. Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
    15. Push the Back button, then Finish
    NOTE: If no malware is found then no log will be produced. Let me know if this is the case.

    Malwarebytes' Anti-Malware
    • Please download Malwarebytes' Anti-Malware from from HERE
    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to
      [o] Update Malwarebytes' Anti-Malware
      [o] and Launch Malwarebytes' Anti-Malware
    • then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform Full scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. please attach this log with your reply
      Note: on opening Notepad, click on Format> make sure Word Wrap is unchecked.
      [o] If you accidentally close it, the log file is saved here and will be named like this:
      [o] C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    This should help decide what the malware is. One question: Do you have AVG for the AV?
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time. I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me. Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't follow directions given to someone else
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.

    If I haven't replied back to you within 48 hours, you can send a PM with your thread link in it as a reminder. Do not include technical problems from your thread. Support is given only in the forum.
    Threads are closed after 5 days if there is no reply.
  3. 4042966262

    4042966262 TS Rookie Topic Starter

    its a bit of a nasty no? nothing.. and i do mean NOTHING worked.
    the file would not download, and after running from a .exe i loaded via flash drive, ran for perhaps two minuets and shut down the computer!!
    enough. i have reinstalled Windows 7 to factory settings. is there anything that might keep it alive after the reinstall works?
    i do thank you for the time you took to attempt to help me however. thank you.
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    You have to be connected to the internet to run the online virus scan.

    I have no information from your system to answer your questions. It sounds like you just rolled back to factory settings, not reformat and reinstall. That is not sufficient. Your system has been compromised, files have been corrupt.

    You will find excellent reformat/reinstall instructions here:

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...