1. Infection

2. Symptoms

3. Known variants

4. Removal

5. See also

6. References

7. External links

VirusHeat is malware that disguises itself as a legitimate anti-virus program. It is part of the Smitfraud family. VirusHeat tricks users into buying the full version of the program through repeated false alerts and popups, purporting to alert the user that there is a system error or they are infected, and must buy the full version to remove. It was launched on February 8, 2008.

Infection

VirusHeat is usually downloaded through a trojan, usually the Zlob trojan, that is bundled in fake Video codecs. It may also be downloaded from the malware's website. Once installed, VirusHeat will run a scan and report exaggerated results that the user's computer is infected. When the scan is complete, a warning message will pop up linking to VirusHeat's homepage where the user is prompted to buy the software.

Symptoms

VirusHeat displays false warning messages (e.g. intimating that you had downloaded e.g. an XXX video) followed by a realistic Virus removal pop up which launches to their web-site whether you select "Yes" or "No" button: Then uses exaggerated scan reports to mislead the user. VirusHeat repeatedly annoys the user with pop up warnings that prompt the user to purchase a full version of the program. VirusHeat may attempt to change the user's IE homepage to go to VirusHeat's homepage. VirusHeat may automatically launch on startup.

VirusHeat installs the following:

• VirusHeat 3.9
• VirusHeat 3.9.exe

• eeioq.dll
• iinqyl.dll
• wuuawkz.dll

• C:\\Program Files\\VirusHeat

• HKEY_CLASSES_ROOT\\clsid\\{5b55c4e3-c179-ba0b-b4fd-f2db862d6202}

Known variants

VirusHeat behaves similar to other known rogue security software. SpywareQuake, VirusBurst, AntiVirGear, VirusProtect, VirusProtectPro are variants of VirusHeat.

Removal

Various anti-spyware removal tools are known to remove VirusHeat. The latest definition file must be utilized in most anti-spyware programs to completely remove VirusHeat and any associated files.

See also

• Malware
• Spyware
• Adware
• Rogue Security Software
• Wikipedia's Spyware removal category

References

• Symantec.com - VirusHeat is a misleading application that may give exaggerated reports of threats on the computer
• research.sunbelt-software.com - VirusHeat is a rogue security program known for scaremongering, high-pressure advertising practices
• virusheat.com Web Safety Ratings from McAfee SiteAdvisor

External links

• Bleepingcomputer.com VirusHeat Removal Instructions
• VirusHeat SecurityLab
• Removal Guide for VirusHeat
• Remove VirusHeat. Malware Removal Instructions.
• Good Advice and Resource on VirusHeat

• List of Roman Catholic religious communities in Oregon
• List of Roman Catholic seminaries
• List of Roman client kings
• List of roman client kings
• List of Roman client Queens
• List of roman client queens
• List of Roman client queens
• List of Roman client rulers
• List of Roman de Silence characters
• List of roman de silence characters
• List of Roman empresses
• List of Roman families
• List of Roman fertility deities
• List of Roman governors of Achaea
• List of Roman governors of Africa
• List of Roman governors of Arabia Petraea
• List of Roman governors of Cappadocia
• List of Roman governors of Crete et Cyrernaica
• List of Roman governors of Dacia Traiana
• List of Roman governors of Dalmatia
• List of Roman governors of Galatia
• List of Roman governors of Gallia Narbonensis
• List of Roman governors of Germania Superior
• List of Roman governors of Hispania Baetica
• List of Roman governors of Lusitania