promotion image of download ymail app
Promoted

get rid of torjan horse sheur3 virus on computer?

Oh dear....new computer and i have just gotten notice from AVG that I have 16 Trojan Horse SHeur3.CJZW viruses on my computer.

Great. The result is: infected. And when I try to move it to the vault option it says it is unable. I have tried all the suggestions and still am not able to repair or remove or heal it. Any suggestions on removal or how bad it is? The only thing I have noticed so far is that in google it redirects me when I click a result. Such a headache.....

thanks in advance

Update:

any idea if i do a system restore will it erase the virus or no. And could now all my files have the virus in them??

6 Answers

Relevance
  • Tamim
    Lv 7
    9 years ago
    Favorite Answer

    Additional Details

    System restore will not remove trojans or viruses.

    -------------------------------------------------------------------------------------------------------------------------------------------

    To detect and remove this threat and other malicious software that may be installed in your computer follow the steps carefully. Ask a computer-savvy friend to assist you if you lack experience in this area.

    +First download the latest versions of the following on +another, clean machine+ and burn to CD or copy to a USB memory stick+

    Malwarebytes: http://www.malwarebytes.org/mbam.php

    ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix...

    FixNCR.reg http://download.bleepingcomputer.com/reg/FixNCR.re...

    RKill http://www.bleepingcomputer.com/download/anti-viru... this page has a variety of different filenames to download to fool the virus, which will try to block RKill from running. Remember the filename of the version you downloaded.

    CCleaner (cleans out caches) http://www.ccleaner.com

    Avast! Home: http://www.avast.com/eng/download-avast-home.html

    Download these to your desktop and before running them, then change the names of the malwarebyte and combofix files to

    Malwarebytes: mblah.scr

    ComboFix: comfix.exe

    Follow these steps in order Don't skip ahead.

    Now, start the machine in Safe Mode with networking (hit the F8 function key as the machine boots up, and choose Safe mode)

    Turn off System Restore on your machine, but only until you get this fixed - many of these trojans get copied into the System Restore files, which anti-virus programs aren't allowed to touch and the viruses could reinstall themselves from there. My Computer > Properties > System Restore.

    The malware actively blocks programs and tools, so before you can start cleaning, you need to get the malware entries out of the registry, and stop the malware's current processes from running.

    Double-click FixNCR.reg to run it to clean the registry

    Now double click the RKill file (whatever name you downloaded it as) to run it. Wait for it, it could take a while. If the fake antivirus program throws a warning on the screen and blocks RKill, leave the warning up on the screen and run RKill again.

    Do not reboot your computer If you reboot it will just load the malware in again.

    Then run CCleaner (it'll make scanning faster because it will delete a bunch of temp files and save you from having to scan those.) If the virus blocks CCleaner from running, proceed to the next step.

    Then run Malwarebytes (mblah), and clean everything it says.

    Then run ComboFix (comfix), and clean everything it says. If it tells you to reboot your machine during the process, do so immediately.

    Then install and run Avast - tell Avast to do a boot-scan - click on "schedule boot-scan" - and restart the computer

    Let it start and do the Avast boot scan

    Then turn System Restore back on.

    Now install the antivirus program of your choice to do continuous scanning, and make sure you keep it up to date

    Always keep your Windows, web browser and Java software up to date - frequent patches are released to plug security holes.

    Regards,

    Tamim

    • Commenter avatarLogin to reply the answers
  • 9 years ago

    Sounds like you have a problem....try this. Go to start-->search and type in the name of the virus, in this case SHEUR3.CJZW. If it comes up with any files DELETE them, DO NOT open them! This could spread the virus further, if you were to open them. If that doesn't work right click on AVG and click "open AVG user interface". When your in there click history--> scan results. (located in the toolbar on the top of the interface.) Now double click the most recent scan and see if it has any files listed for that virus. If it doesn't, go through your other scans too. If it only has the virus listed, you may just have to take the computer to Best Buy, they will wipe your hard drive clean for you. Make sure if you do that you back everything up on a flash drive....if it doesn't have the virus. Good luck, and I hope this helped!

    • Commenter avatarLogin to reply the answers
  • 9 years ago

    Julie,

    Please download 'iExplore.exe', which is a renamed copy of 'RKill':

    http://www.bleepingcomputer.com/download/anti-viru...

    [If the file does not download, paste the following, >without the brackets<, in the address bar of your browser:

    [http://www.bleepingcomputer.com/download/anti-viru...

    Save the file to the Desktop

    XP double-click the downloaded file to run the program.

    Vista/Windows 7 users, right-click the file, and select: Run As Administrator

    Ignore any messages, and allow the file to run until the command window closes.

    If you have problems running RKill, download any of the other renamed versions of RKill from its download page.

    Without a reboot, download 'Malwarebytes’ Anti-Malware' (black button with green and white icon) :

    http://download.cnet.com/Malwarebytes-Anti-Malware...

    Save to the Desktop

    XP double-click the downloaded file to run the program.

    Vista/Windows 7 users, right-click the file, and select: Run As Administrator

    Follow the prompts to install the program.

    Run Malwarfebytes’ AntiMalware and update the program.

    Once updated, select 'Perform Full Scan' and click the 'Scan' button.

    When the scan finishes, click OK in the message box, and you will see the results of the scan.

    Click the 'Remove Selected' button to get rid of the malware.

    When Malwarebytes finishes, you may be prompted to reboot. If so, reboot.

    Please post the >Malwarebytes log< in your reply.<< so we can see where we are at, and plan any additional removal strategy, if necessary.

    Note: If the infection does not let you download files to the infected computer, or you have no Internet connection, download the files/programs requested below to a clean computer and then transfer them to Desktop of the infected computer. You can use a USB flash drive, or other removable media (CD/DVD, external drive).

    • Commenter avatarLogin to reply the answers
  • incera
    Lv 4
    4 years ago

    No, you will could layout your complicated force and do a sparkling set up. Reinstalling residing house windows Vista would help as some Trojans are hidden interior the Win32 records so after reinstalling residing house windows Vista, removing the residing house windows.previous would help. yet i decide to recommend you do a sparkling set up as in case you do no longer there's a ninety% hazard that the Trojan remains there... yet shouldn't your anti-virus be waiting to eliminate it?

    • Commenter avatarLogin to reply the answers
  • How do you think about the answers? You can sign in to vote the answer.
  • 9 years ago

    Hi there!

    Ok what you need to do is run the system restore and see if the trojan has gone if not run windows in safe mode and try running your antivirus ;)

    Source(s): I.T TECHNICIAN
    • Commenter avatarLogin to reply the answers
  • Steve
    Lv 4
    9 years ago

    if your computer is new try resetting it back to factory setting

    • Commenter avatarLogin to reply the answers
Still have questions? Get your answers by asking now.