Win32/Heur Virus

[Sally44]

This virus seems to have corrupted my computer and now my computer cannot run alot of programmes.

 

This happened whilst my daughter was on the computer (and we have virus protection software!!). An alert came up on the screen advising her to delete something, which she did.

 

Now I only have access to the internet. I don't even think my virus protection software can run either.

 

I cannot open microsoft windows, because it says the application does not exist! But if I go in via the control panel I can access all my documents via the back door - so I'm hoping they are all saveable.

 

Is there a programme I can download to remove this virus. And if the virus is removed will I automatically have microsoft office (and other exe. programmes) back??

[baddad]

Hi sally - the best chance you have of removing it is to use your antivirus software...

Do you know if the 'pop-up' was a warning from YOUR antivirus software... very unusual for an antivirus prog to say 'delete' as the first/only option(?). Many viruses actually install from pop-ups, and many of those pop-ups will be 'fake' virus detections - effectively a double bluff.

 

Try not to use the internet if you can 'cos you're probably downloading more stuff each time you do. If you have a second computer / laptop use THAT for finding help.

 

If you are using AVAST antivirus, it has something called 'boot time scan' which is the best way to go. Open the main panel for avast (you should have a shortcut in your taskbar) and open 'scan computer'. under 'scan now' is the option for 'boot time scan'. Click on that, then 'schedule now' and then restart the computer... avast will run after starting but before you boot into windows.

As it runs it will stop for anything it finds and give you a list of options. Try 'repair' first, but if that doesn't work choose 'move to virus vault'.

 

Many other antivirus progs include boot time scans, but you'll have to look online to find out if yours does (if not avast) and how to access it.

 

Hope that's helpful, and good luck with it.

 

Oh - if you can in safe mode save all your documents to a disc/memory stick/whatever just in case...

 

L&P

 

BD

[Sally44]

Thanks for the help.

 

I really don't have much of a clue about computer software. Car mechanics is another matter!

 

So I phoned my big brother!!! (yes they are still very useful, even when in their 50's!).

 

It turns out the virus was actually an IWA.exe virus which can take control of your computer. My virus software (AVG) had detected it and and had asked permission to isolate it (which is when my daughter was on the computer).

 

This virus somehow corrupts the win32 software (I apologise if this is not making sense - i'm relating what BB said).

 

So my brother bought with him the Windows XP exe settubgs and downloaded them to my computer again. Apparently the AVG had isolated all the exe.files to stop this virus running them and taking all my personal information. So AVG had effectively broken the link that would have allowed the virus to run programmes and download any personal information.

 

Thankfully all my files were still there, but could not be accessed without the exe files to run them.

 

Once they were re-installed we found the virus and deleted it and scanned the computer to ensure it wasn't hidden away anywhere else. Then we restored the computer to the last backup date before the virus was picked up.

 

So now everything is back to normal. Panic over. BB paid with some homemade rhubarb and ginger jam.

 

But can anyone explain to me what these people gain from releasing these viruses? What is the point.

[baddad]

Got to admit I'm somewhat confused at the 'solution' AVG seems to have offered (seems more likely the virus knocked out the executables maliciously - hence 'malware' - or that they were deleted rather than 'quarantined' (?)) but all's well that ends well. Make sure you run the virus scan again, though, to check there are no bits and bobs left slowly stitching themselves back together for another attack

 

Rhubarb and ginger jam sounds lovely! I'd bung some of that on top of a sponge pud any day of the week ...

 

Old joke, courtesy, Chuckle, P. and B, et al:

 

Farmer to neighbouring gardener: Do you want some horse manure to put on your rhubarb?

Neigbour: No thanks. We usually just have custard.

 

As for what and why, sadly, it's often as simple as 'because they can' (which is why many people were so angered by GK's 'Asperger's defence' when he was caught doing similar stuff for exactly the same reasons) but obviously it's much more lucrative than that if they can swipe personal info about bank accounts etc.

 

Don't forget to do that double check. Do it now, before you forget.

 

L&P

 

BD

[Sally44]

Yes we did scan it again and did find something that we deleted.

 

I must admit that it seemed strange that AVG had caused it. But we scanned what AVG had found, and it had identified the virus. I'm not sure if it was AVG or the virus that deleted by exe. programmes. My brother thought that AVG may have done it simply because the virus would have wanted the exe. programmes running to download all my personal stuff. Who knows - definately not me!

 

Thanks for trying to help anyway. I'd send you a pot of jam if I could.

[GaryS]

Do a backup. Keep the anti-virus up to date, and do a backup. Download the ultimate boot CD and do a backup. Make sure you know where all the disks are to rebuild your hard disks and do a backup. Buy a new hard disk at least every other year and I should mention to do a backup.

 

 

 

PS Do a backup

[Kathryn]

Send him a BIG tub of hummus by way of thankyou. Baddad adores hummus.

 

 

K x

[GaryS]

Send him a BIG tub of hummus by way of thankyou. Baddad adores hummus.

K x

 

Ah! that explains a great deal - lots of Raffinose in them chickpeas

[Mandapanda]

Hi Sally

 

It sounds to me like you experienced a fake antivirus virus! As baddad says, they break the link of the exe files maliciously.

 

I can personally recommend Superantispyware Free Edition - it does not run all the time but you can run it if your computer slows down or behaves odd, or once a week or something.

 

Also Malwarebytes Antimalware, again I think you have to ask this to run.

 

These 2 progs will very likely pick up stuff your normal antivirus programme doesn't.

 

If you get a pop up about antivirus the best thing to do is immediately turn the computer off - before the virus can download anything. If the computer will let you you can also do system restore (under Start - Accessories - System Tools - System Restore).

[GaryS]

As I've posted elsewhere : I'd always use Spybot Search & Destroy (http://www.safer-networking.org/) this has a small residentprogram that "immunises" from malicious programs other than viruses. It doesn't catch everything but does let you know when something tries to mess around with the computer registry (Windows's internal configuration list). S&D along with Malwarebytes and a decent (?Avast) anti-virus program will keep your system healthy. A pathological aversion to programs (other than the ones you have installed AND intentionally running) that report you have a problem is always a useful obsession especially ones with garish windows warning of impending doom. Oh and by the way - do a backup

[baddad]

Send him a BIG tub of hummus by way of thankyou. Baddad adores hummus.

 

 

K x

 

Ssssssssssssssssssssssssssssssssssssssss... Nassssssssssssssssssty Hummussesssssssssssssssssssss........

 

Annoyingly (and inexplicably), Ben likes it, so always wants to buy those 'triple' pots they keep near to the salady bits in tescos!

I've tried applying the 'taste at least three times' rule, and he was quite pleased with me ( ) for persevering and discovering a 'Moroccan' style that didn't make me gag, but tbh it all still tastes pretty much like wallpaper paste /snot... just mildly garlic tasting wallpaper paste / snot.

 

Complete aside - we were out rambling a couple of weeks ago (FAL-DA-REE... FAL-DA-RAAA) in prep for Ben's scouting ex-per-disshun and I saw some luvverly wild garlic growing in the hedgerow. Ben and I of course tasted/picked a bunch, but when we offered a stem to Ben's fussy BF he backed away as if we were offering him a poo on a stick...

 

Complete aside 2 - When ben and his mates set off for the ex-per-disshun proper I sent them on their merry way with a merry burst of the aforementioned merry 'Hiking Song' at full decibels. The other parents, scoutmasters, kids etc seemed to enjoy it immensely, but Ben just shook his head and muttered 'oh, god' then fixed me with a look not dissimilar to the one directed by Medusa towards advancing Argonauts. Kids eh?

 

Oh. He is officially taller than me now too. Not by much, but he smiles smugly whenever anyone mentions it. Perhaps it's the hummus? I keep telling him some people stop growing at thirteen, but suspect in reality he's got a bit to go yet, the gangling great galumph. Thankfully, he's from the 'chunky' mould, otherwise what with the specs and all he could finish up looking like this:

 

linkyplinkything

 

Oh 2. Gary S - raffinose - I think they're the proteins in beans etc that produce all the farting, no? [perhaps they should be called 'holdyournose'?] If you are an expert on nether-weather and trouser-turbulence Ben would be very interested in an explanation for why his own emissions tend to smell cheesy when he follows a dairy-free diet? It's more edam than danish blue, if that's any help. He gets rather annoyed, because even among a group of friends he can't let one go and blame anyone else, because the 'signature scent' is unmistakable!

 

L&P

 

BD

[GaryS]

Raffinose : close, it's a complex sugar and yes responsible for hot air from beans (which was my rather poor inuendo - I thought you rewally did like hummus!). Err.. Cheesy dunno, depends on majority foodstuff, fruit?. If vegatable, tends to be more sulphide production (bad egg) but if it really is a problem then a quick dose of probiotic to sort out any potential gut flora imbalance (there are some soya probiotics like GoodBelly if he's OK with those). Some medications cause problems too.

[baddad]

Raffinose : close, it's a complex sugar and yes responsible for hot air from beans (which was my rather poor inuendo - I thought you rewally did like hummus!). Err.. Cheesy dunno, depends on majority foodstuff, fruit?. If vegatable, tends to be more sulphide production (bad egg) but if it really is a problem then a quick dose of probiotic to sort out any potential gut flora imbalance (there are some soya probiotics like GoodBelly if he's OK with those). Some medications cause problems too.

 

 

I'm sorry - I don't really buy into the whole probiotics culture (no pun intended)... I know some people swear by it, and I certainly don't want to challenge anyone that does, but for my money it's a hype industry based on the succesful generalisation of something that may be relevant to a very small minority.

As for veg and eggy pumps - his BF floats the most appalling egg based air biscuits you could imagine, but wouldn't touch a green veg if his life depended on it! We suspect that at some point while sleeping a rat ran up his gonger and died there...

 

[GaryS]

I'm with you on the probiotic "culture" , but there is some science in it. We injest so few bugs these days and our gut flora have a hard time adjusting with our processed sugar, high protein diet. Throw in a dairy reduction and it's hard work for the necessary bugs. I just use an occasional yoghurt but admit to swilling down a yakult or two after antibiotics. I also love greek yogurt over grapes but the sins of diabetics are fairly boring to most.

[Kathryn]

How did a thread about a computer virus turn into one about flatulence??

 

Probably my fault.

 

K x

Edited May 9, 2011 by Kathryn

[GaryS]

Nope mine sorry.