
VBS/Heur spreading to all htm, xml, pfd and some Jpg [Closed]

VBS/Heur worm

  • This topic is locked

#1
Crazyjackhammer


Hi,

I was hoping I can receive some support here; my IT from company directed me here. Last week I went on to a website I visit regularly and all of a sudden received my anti-virus AVG pop-up stating I got an infection. AVG removed the file and right afterwards I got more pop-ups, then my browsers (Firefox, Chrome) were all blocked. Then I kept getting pop-ups showing VBS/Heur trying to access network svchost.exe but being blocked. I then ran a full scan; photo attached of files continuously being attacked. Besides the C drive, my 2 separate drives are also being affected.

I've shut down my PC since last Sat; not sure if safe mode will still activate this worm. I haven't been able to back up, as I've read on some posts that a similar worm, Heur, does pass through files via USB as well. Hope I can get some help to get my PC running again.

My OS is Win7 64-bit, 16g RAM.

If more info is required, please let me know.

Thanks in advance!

Attached Thumbnails

  • IMG_8569.jpg

#2
Valinorum

Hi Crazyjackhammer, :)

My name is Valinorum and I will be the acolyte today. Before we proceed, please acknowledge the following:
  • Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
  • Please do not install any new software while we are working on this system as it may hinder our process.
  • Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being asked.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe Mode, which will cut you off from the internet, and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest any course that might damage your system, but sometimes malware infections are so severe that the only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction, stop and ask. Do not keep on going.
  • Do not repeat the steps if you face any problems.
  • I am not omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient, as sometimes real life demands our time and replies to you can be delayed.
  • Private Message (PM) me if and only if I have not responded to your thread within three days or your query is off-topic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
  • The fixes are for your system only. Please refrain from using these fixes on other systems as it may do serious damage.

  • Step #1 Scan with Farbar Recovery Scan Tool
    • Please download Farbar Recovery Scan Tool by Farbar to your Desktop from the link below.
      Download link for 32 bit system
      Download link for 64 bit system
    • Right-click on the program and choose Run as administrator;
    • Put a tick mark in all boxes under Whitelist and Optional Scan;
    • Click on Scan;
    • After the scan two notepad files will be opened --
      • FRST.txt;
      • Addition.txt
    • Copy and Paste the contents of the logs in your next reply.
 
  • Required Log(s):
    • Farbar Tool Log(s)--
      • FRST.txt
      • Addition.txt
Regards,
Valinorum

#3
Crazyjackhammer


Hi Valinorum,

Unfortunately I'm having a problem with step 1, as I cannot access any browser via my PC; therefore I cannot install the file needed to run the log. Would I be able to download from another computer and transfer via USB? Also, should I be running this in safe mode?

Thanks!

#4
Valinorum

Make sure that you are downloading the file from a clean computer. I would prefer running the tool from Normal Mode. If you are unsuccessful, please run it from Safe Mode.

#5
Crazyjackhammer


Noted, I will give it a shot over the weekend. Will attach the report once I've scanned it. Thanks!

#6
Valinorum

Acknowledged. :)

#7
Crazyjackhammer


Hi Valinorum,

I still haven't had a chance to scan due to my travel schedule. Please hold this thread open until I get back to you. Appreciate it!

#8
Valinorum

Acknowledged again. :)

#9
Valinorum

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.