How to remove Win32/Heur

Win32/Heur is a stubborn Trojan which is able to self-reproduce via the local and network drive, usually it’s installed onto your computer without your permission. This infection often appear on PCs via spam emails, share network, corrupted media files, porn websites and other related illegal websites. Win32/Heur is also capable of downloading and executing additional malware in the infected machine, which results in delivering fake security pop-ups and redirecting search results of system browsers. It can even disable security programs and firewall software.



This step-by-step guide completely remove Win32/Heur!. If you  have any problem during the uninstall process, please contact  please contact our official support at http://avg.com/support for more detailed  instructions.


Follow the instructions below to remove Win32/Heur:



Solution 1:

For successful remove Win32/Heur, firstly you may also need do as following:
1. Temporarily Disable System Restore .
2. Update AVG virus definitions database.
3. After update your AVG virus database, disconnect all network connection to prevent this trojan download a malware from it's own site. Try to find hidden network connection by using AVG 2011 System Tool : Open AVG 2011 > System Tools >  Network connection > select suspicious connection (connected) > terminate connection / terminate process

4. Reboot computer in SafeMode then do AVG 2011 Whole Computer scan;


If Win32/Heur still detected, repeat step 1-3 then do this following step :


1) Kill the Win32/Heur processes: Press Alt+Ctrl+Del>choose processes in the pop-up window or Open AVG 2011 user interface > System Tools > Processes tab , locate the process of N/A, click it and then presse End process or Terminate Process (AVG 2011 system tools). (If this method doesn’t work, download a professioanl process tool to kill it, such Hijackthis or Process Explorer).

2) Delete Win32/Heur files: Click Start>Search>Choose All files and folders, enter of N/A in the file name blank.



3) Remove Win32/Heur registry keys: Click Start>Run>enter regedit in the box, click ok; locate the key of N/A and delete it.
Stop from running by disable or remove the suspicious startup program, Open AVG 2011 user interface > System Tool > Autostart > select suspicious registry key > Remove selected

(If this method doesn’t work, download a professional registry editor tool to kill it, such Hijackthis or Process Explorer).

4) Delete or quarantine the suspicious file
   use Windows Explorer --- go to local drive (example D:/) --- D:/Documents and Settings/Administrator/localsettings/temp ---- delete all temporary files



Solution 2:
Update your AVG to AVG 2011 version and got it updated then Download a malware removal like Malwarebytes’ Anti-malware (free edition) to automatically remove Win32/Heur. Since Win32/Heur can disable antivirus and firewall software, download the anti-virus software need to be done from another computer

Solution 3:
You may try AVG Rescue CD
AVG Rescue CD: http://www.avg.com/eu-en/avg-rescue-cd-download
And the manual: http://www.avg.com/eu-en/download-documentation
info : http://www.avg.com/us-en/226386

Hopefuly it help
Enjoy AVG