- Virusheat
Computer virus
Fullname = VirusHeat
Common name = VirusHeat
Family = SmitFraud
Technical name = VirusHeat
Aliases = Virus Heat, VirusHeat 3.9
Classification =Rogue software
Type =Microsoft Windows
Origin = Russian Federation - www.virusheat.comVirusHeat is known as a rogue anti-
spyware program. VirusHeat tricks users into buying a full version of the VirusHeat program through repeated false alert messages orpopups . It launched on February 8, 2008Vendor Description
“VirusHeat is the latest and the most technologically advanced application on the Internet for detection and removal of potentially undesired items. VirusHeat simply guarantees removal of all spyware and related harmful infections from your PC with supported live service.”
Infection
VirusHeat is usually downloaded through a trojan (usually the
Zlob trojan ) that's bundled in a fakeVideo codec . Once installed, VirusHeat will run a scan report with exaggerated spyware results which confuse the user into believing that their computer has spyware. After the scan is complete, a warning message will pop up with a link that redirects the user to VirusHeat's homepage where he/she is prompted to buy the VirusHeat software.ymptoms
VirusHeat displays false warning messages and exaggerated scan reports to mislead the user. VirusHeat repeatedly annoys the user with pop up warnings that prompt the user to purchase a full version of the program. VirusHeat may attempt to change the user's IE homepage to go to VirusHeat's homepage (virusheat.com). VirusHeat may automatically launch on startup. Virusheat has also been updated to version 4.4 but it is nothing different than virusheat 3.9
VirusHeat installs the following:Processes
*VirusHeat 3.9
*VirusHeat 3.9.exeDLLs
*eeioq.dll
*iinqyl.dll
*wuuawkz.dllDirectories
*C:Program FilesVirusHeatRegistry Keys
*HKEY_CLASSES_ROOTclsid{5b55c4e3-c179-ba0b-b4fd-f2db862d6202}Known Variants
VirusHeat behaves similar to other known
Rogue software .VirusProtectPro is a variant of VirusHeat.Removal
Various
anti-spyware removal tools have been known to remove VirusHeat. The latest definition file must be utilized in most anti-spyware programs to completely remove VirusHeat and any associated files.References
* [http://www.symantec.com/security_response/writeup.jsp?docid=2008-021111-1926-99 Symantec.com - VirusHeat is a misleading application that may give exaggerated reports of threats on the computer]
* [http://research.sunbelt-software.com/threatdisplay.aspx?name=VirusHeat&threatid=203189 research.sunbelt-software.com - VirusHeat is a rogue security program known for scaremongering, high-pressure advertising practices]
* [http://www.siteadvisor.com/sites/virusheat.com virusheat.com Web Safety Ratings from McAfee SiteAdvisor]ee also
*
Malware
*Spyware
*Adware
*Rogue software
* Wikipedia'sExternal links
* [http://www.bleepingcomputer.com/forums/topic130080.html Bleepingcomputer.com VirusHeat Removal Instructions]
* [http://en.securitylab.ru/viruses/312994.php VirusHeat SecurityLab]
* [http://www.spyware-techie.com/virusheat-removal-guide Non-Techie Removal Guide for VirusHeat]
* [http://www.2-spyware.com/remove-virusheat.html 2-spyware.com automated and manual removal solutions for VirusHeat]
* [http://www.pcthreat.com/parasitebyid-6678en.html PcThreat.com Remove VirusHeat. Instructions and a special tool.]
Wikimedia Foundation. 2010.
