The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.
Solved
How do you remove the Win/32Heur virus?
Posted on 2011-03-11
I have AVG virus protection and on start up I keep getting a Threat Detected warning. It says File name:
c:Program Files (x86)TOSHIBA Games\Bejeweled 2 Deluxe\wtmui_zh-cn\bejewel
virus found Win32/Heur
Detected on open.
I have three options, Move to Vault, Go to File and Ignore. I moved it to Vault and it keeps popping up. This is on my laptop, separate from this computer with no internet right now.
I have AVG and Malware by Anti-Malware installed.
How do I get rid of this one?
Thanks,
Art
c:Program Files (x86)TOSHIBA Games\Bejeweled 2 Deluxe\wtmui_zh-cn\bejewel
virus found Win32/Heur
Detected on open.
I have three options, Move to Vault, Go to File and Ignore. I moved it to Vault and it keeps popping up. This is on my laptop, separate from this computer with no internet right now.
I have AVG and Malware by Anti-Malware installed.
How do I get rid of this one?
Thanks,
Art
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
5
-
5
11 Comments
Win32 Heur means Heuristic, it means your AV software detected a possible new virus, if you want, upload it to virustotal and let other AVs scan it. But if no infection detected on your system files, it means only that file is possible source of alert, simply delete that file.
I've seen several references to "Bejeweled" files lately and I think this is a "False Positive".
I have the whole series of games loaded on a couple of computers for my grandsons and am not getting any alerts.
AVG may be over-aggressive on this - and the folks at Bejeweled may have accidently written code that is too similiar to some known malware characteristics.
If you want to download and run a scan from "Malwarebytes" - just as a double-check - it will only take a few minutes...and a lot of peace of mind.
Download, install, and run
Malwarebytes (MBAM) (http://www.malwarebytes.org/mbam.php)
When downloading, save to your "Desktop" and use the "Save As" function (Internet Explorer) to rename the file.
The instructions are included right in that link.
I have the whole series of games loaded on a couple of computers for my grandsons and am not getting any alerts.
AVG may be over-aggressive on this - and the folks at Bejeweled may have accidently written code that is too similiar to some known malware characteristics.
If you want to download and run a scan from "Malwarebytes" - just as a double-check - it will only take a few minutes...and a lot of peace of mind.
Download, install, and run
Malwarebytes (MBAM) (http://www.malwarebytes.org/mbam.php)
When downloading, save to your "Desktop" and use the "Save As" function (Internet Explorer) to rename the file.
The instructions are included right in that link.
ok.
That computer doesn't have internet right now but will this evening.
When you say upload to virustotal, what do you mean, please.
Art
That computer doesn't have internet right now but will this evening.
When you say upload to virustotal, what do you mean, please.
Art
If you need an MBAM update (w/ no Internet connect) download the update file to a USB stick and 'execute' it on the affected computer:
http://data.mbamupdates.com/tools/mbam-rules.exe
http://data.mbamupdates.com/tools/mbam-rules.exe
If you want that file scanned (I prefer http://virusscan.jotti.org/en), you can either copy the file to your USB stick or wait until it is on-line.
Go to http://virusscan.jotti.org/en and click on the "Browse" link - that will open up a "Windows Explorer" kind of window and you can just navigate to wherever the file is located and "double-left-click" on it.
I will be evaluated by a variety of tools from Jotti and you will get your results.
Go to http://virusscan.jotti.org/en and click on the "Browse" link - that will open up a "Windows Explorer" kind of window and you can just navigate to wherever the file is located and "double-left-click" on it.
I will be evaluated by a variety of tools from Jotti and you will get your results.
Scan if finished. Nothing detected. I don't need the Bejeweled I could just delete the file, I guess. I just re-started the computer and it didn't show this time
Hi Art,
I just realized 'who' the asker was.
You probably should delete that file - I 'say' that I installed those games for my grandsons, but I have been known to waste a few hours beating on those things...addictive!
Deleting it will remove the tempation.
Vic
I just realized 'who' the asker was.
You probably should delete that file - I 'say' that I installed those games for my grandsons, but I have been known to waste a few hours beating on those things...addictive!
Deleting it will remove the tempation.
Vic
<WINK>
I rebooted a few times and it did not show up after I (again) quarantined it in AVG and ran Malwarebytes. I'll remove it and all the temptation that comes with it!
Thanks again!
I rebooted a few times and it did not show up after I (again) quarantined it in AVG and ran Malwarebytes. I'll remove it and all the temptation that comes with it!
Thanks again!
Art - a little EE trick that may help.
Whenever you have a similar question, look right below the last post (in any question) and click on the "ask a related question" link...then post your question.
A special notification will be sent to all the Experts who participated in your old question.
It sometimes helps when the Experts are already familiar with the Asker and up-to-speed on prior situations.
Whenever you have a similar question, look right below the last post (in any question) and click on the "ask a related question" link...then post your question.
A special notification will be sent to all the Experts who participated in your old question.
It sometimes helps when the Experts are already familiar with the Asker and up-to-speed on prior situations.
Featured Post
MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
For those of you actively in the Malware fightling business, we now have available an amazing new tool in the malware wars (first recommended to me by rpggamergirl (http://www.experts-exchange.com/M_3598771.html), the Zone Advisor for the Virus and …
There are many reasons malware will stay around and continue to grow as a business. The biggest reason is the expanding customer base. More than 40% of people who are infected with ransomware, pay the ransom. That makes ransomware a multi-million…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
- Anti-Virus Apps
- Ransomware
- The Email Laundry
- Email Servers
- Cybersecurity
- Microsoft Access, *malware
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email
Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses
Course of the Month4 days, 8 hours left to enroll
661 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.