Win32/Heur

[Leeroy87]

Hi Guys,

I am runnong Vista with AVG 8.5 and have got this trojan, my AVG scan is below:

"C:\Program Files\ASUS\Splendid\ACOVS.exe";"Virus found Win32/Heur";"Infected"
"C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe";"Virus found Win32/Heur";"Infected"
"C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe";"Virus found Win32/Heur";"Infected"
"C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe";"Virus found Win32/Heur";"Infected"
"C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe";"Virus found Win32/Heur";"Infected"
"C:\Program Files\Remote\SimHID.exe";"Virus found Win32/Heur";"Infected"
"C:\Program Files\Remote\SimHID.exe";"Virus found Win32/Heur";"Infected"
"C:\Program Files\Remote\SimHID.exe (1256)";"Virus found Win32/Heur";"Infected"
"C:\Program Files\Windows Media Player\wmpnetwk.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
"C:\Windows\ehome\ehrecvr.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
"C:\Windows\ehome\Mcx2Prov.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
"C:\Windows\System32\diskpart.exe";"Virus found Win32/Heur";"Object is white-listed (critical/system file that should not be removed)"
"C:\Windows\System32\elevator.exe";"Virus found Win32/Heur";"Infected"
"C:\Windows\System32\Locator.exe";"Virus found Win32/Heur";"Object is white-listed (critical/system file that should not be removed)"
"C:\Windows\winsxs\x86_microsoft-windows-ehome-services-ehrecvr_31bf3856ad364e35_6.0.6001.18000_none_bd697e04219e5a29\ehrecvr.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
"C:\Windows\winsxs\x86_microsoft-windows-m..lepc-mobilitycenter_31bf3856ad364e35_6.0.6001.18000_none_5a99f4da0b4319f4\mblctr.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
"C:\Windows\winsxs\x86_microsoft-windows-m..resentationsettings_31bf3856ad364e35_6.0.6001.18000_none_6d275aaa036a1d6f\PresentationSettings.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
"C:\Windows\winsxs\x86_microsoft-windows-notepad_31bf3856ad364e35_6.0.6001.18000_none_6f1a8d7b6fffbb73\notepad.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
"C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
"C:\Windows\winsxs\x86_microsoft-windows-rpc-locator_31bf3856ad364e35_6.0.6000.16386_none_ccfdd130eface46c\Locator.exe";"Virus found Win32/Heur";"Moved to Virus Vault"
"C:\Windows\winsxs\x86_microsoft-windows-s..inboxgames-freecell_31bf3856ad364e35_6.0.6001.18000_none_5871c59a9cdacbf3\FreeCell.exe";"Virus found Win32/Heur";"Infected"
"C:\Windows\winsxs\x86_microsoft-windows-s..inboxgames-shanghai_31bf3856ad364e35_6.0.6001.18000_none_c0a3fbb5ef29fe27\Mahjong.exe";"Virus found Win32/Heur";"Infected"
"C:\Windows\winsxs\x86_microsoft-windows-s..nboxgames-solitaire_31bf3856ad364e35_6.0.6001.18000_none_751d5a58fbacf66d\Solitaire.exe";"Virus found Win32/Heur";"Infected"
"C:\Windows\winsxs\x86_microsoft-windows-s..oxgames-minesweeper_31bf3856ad364e35_6.0.6001.18000_none_a2611d5c392f48a1\MineSweeper.exe";"Virus found Win32/Heur";"Infected"
"C:\Windows\winsxs\x86_microsoft-windows-wmpnss-service_31bf3856ad364e35_6.0.6001.18000_none_0386cbd2ce93a16e\wmpnetwk.exe";"Virus found Win32/Heur";"Moved to Virus Vault"

AVG cant seem to fix them every time i go to heal or delete my computer just locks up.

I have done the 8 steps and my logs are attached.

Any help would be great

Cheers,
Leeroy

View attachment 51920

View attachment 51921

View attachment 51922

 

[Leeroy87]

So after doing the 8 steps i still have the same issues, the trojan seems to have taken over alot of my .exe files.

Please does any one have any help with this????

Cheers,
Leeroy.

 

[Leeroy87]

Can any one please help ou with this at all please????

 

[Tmagic650]

Turn off System Restore and rerun the scans. If the scans return clean, turn back on System Restore. I also suggest ditching AVG8 for the time being and download and run free Avast antivirus

 

[Leeroy87]

Thanks magic,

Will do and let you know.

Cheers,
Leeroy

 

[Leeroy87]

ok so the computer wont let me install avast, every time i go to run the setup file it keeps telling me " there was an error while completing the setup process"

I will just have to stick with AVG for the time being i guess

 

[Zyldar]

There's nothing wrong with using avg free 8.5. But, make sure that you properly remove your old anti-virus software completely.

Using Hijackthis, check the following & remove them:
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

You should remove and re-install AVG 8.5.. Uninstall it from the conrtrol panel using the icon "programs & features".

Reboot after uninstalling. Your system appears to be clean, but you should run malwarebytes, spybot s&d & anti-virus scans on a regular basis.

Download AVG 8.5 from: http://download.cnet.com/AVG-Anti-Virus/3000-2239_4-10385707.html

Hope that helps.
Zyldar

 

[Leeroy87]

Sorry i dont know how to use hijack this to do Using Hijackthis,

check the following & remove them:
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

 

[Hijacked007]

Here is my contribution

https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/

That link is where to find instructions on how to use Hijack as well as the 8 steps

GL

 

[Hijacked007]

http://www.bleepingcomputer.com/forums/topic34773.html

also has Hijackthis instructions

 

[Bobbye]

This thread is 2 months old! Suggest you check date before posting.