Win32 Heur Virus. THIS is the problem...

  AngeTheHippy 20:05 09 Sep 2009

Evening Chaps,
Today, when using Malwarebytes,(didn't find anything) I thought I'd look in the Virus vault on AVG. Amongst quite a few warnings, there was reference to Win32 Heur Virus. I deleted everything, turned off system restore and re started in safemode. Did a full AVG and Malwarebytes scans. Nothing detected.

I Googled 'Win32 Heur Virus' and amongst other things it can do is interfere with wallpaper, possibly screen savers and other things. Earlier this week, I started a thread on here re. screensaver behaving strangely - it was freezing the laptop. I **think** this is the reason - this Heur virus.

Although both AVG and Malwarebytes are detecting nothing, is there another type of scanner I can use to absolutely MAKE SURE that nothing is remaining please??

a-very-fed-up AngeTheHippy xx

ps...Coincidentally, one of my older neighbours phoned me in a panic earlier - she has a repeating pop up from an outfit called PersonalAntivirus - yellow shield in the sys tray - it's a HOAX but it certainly altered her PC, when I Googled PersonalAntivirus, it brought up a load of links, all from different websites - HOWEVER clicking EVERYONE took me to the same website!! Almost got rid of that little nasty anyway.

  AngeTheHippy 21:33 09 Sep 2009

when AVG'ing in safemode, there were a numbers of files reported 'not tested' EG:

c:\pagefile.sys locked file not tested
c:\boot\bcd locked file not tested
c:\users\me-appdata\local\microsoft\windows\usrclass.dat.log 1 - locked file not tested

I've not come across this behaviour before, and suspect this is all part of this damned win32 huer virus.

Any help please?



  Geeksy 21:36 09 Sep 2009


I use Bullguard AV click here , You can use it on a 2month trial but have to pay for it after(ebay is about £8/£10).

Not too sure about your virus but I had a laptop in with the same problem.

I installed winpatrol click here and in the start-up tab i disabled the program from running at start up, I then installed error expert click here and used the forced unintall feature to get rid of it. After that I ran bullgaurd and did a full scan.


  Fruit Bat /\0/\ 21:47 09 Sep 2009

"thought I'd look in the Virus vault on AVG."

That means AVG found it and removed i from your system into the vault where it can do no harm and where it cannot reach other files,hence malwarebytes not finding it AVG had already dealt with it.

Try unlocking with Unlocker click here and rescan those files

  AngeTheHippy 21:57 09 Sep 2009

good to hear from you. Thank you, I wish it was that simple!! Been scouting around, and found the following on the AVG users forum::

"There isn't a general fix because this malware attacks all of the executable files that it can... so each situation is unique. So without a list of the files that were infected, you know which files to replace which is a must know subject in order to repair the situation.

This is another of those situations that a backup of the drive is required in order to correct the situation since you don't know what files may have been affected".

This was a moderator that wrote this, the Laptop it's referring to is running Vista the same as me. I'm not at ALL confident with Vista workings... 8-(


  AngeTheHippy 09:14 10 Sep 2009

Fruit Bat /\0/\ - I don't think it's the same thing at all - it was whilst I was AVGing in safe mode - the AVG scan was showing various files as locked and not scanned.


This thread is now locked and can not be replied to.

Elsewhere on IDG sites

iMac Pro review

25 book design and illustration tips

iMac Pro review

Idées cadeaux pour geeks et tech addicts