Virusheat
From Wikipedia, the free encyclopedia
| Common name | VirusHeat |
|---|---|
| Technical name | VirusHeat |
| Aliases | Virus Heat, VirusHeat 3.9 |
| Family | SmitFraud |
| Classification | Rogue software |
| Type | Microsoft Windows |
| Isolation | First isolation date not known. |
| Point of Origin | Russian Federation - www.virusheat.com |
VirusHeat is known as a rogue anti-spyware program. VirusHeat tricks users into buying a full version of the VirusHeat program through repeated false alert messages or popups. It launched on February 8, 2008
Contents |
[edit] Vendor Description
“VirusHeat is the latest and the most technologically advanced application on the Internet for detection and removal of potentially undesired items. VirusHeat simply guarantees removal of all spyware and related harmful infections from your PC with supported live service.”
[edit] Infection
VirusHeat is usually downloaded through a trojan (usually the Zlob trojan) that's bundled in a fake Video codec. Once installed, VirusHeat will run a scan report with exaggerated spyware results which confuse the user into believing that their computer has spyware. After the scan is complete, a warning message will pop up with a link that redirects the user to VirusHeat's homepage where he/she is prompted to buy the VirusHeat software.
[edit] Symptoms
VirusHeat displays false warning messages and exaggerated scan reports to mislead the user. VirusHeat repeatedly annoys the user with pop up warnings that prompt the user to purchase a full version of the program. VirusHeat may attempt to change the user's IE homepage to go to VirusHeat's homepage (virusheat.com). VirusHeat may automatically launch on startup. Virusheat has also been updated to version 4.4 but it is nothing different than virusheat 3.9
VirusHeat installs the following: Processes
- VirusHeat 3.9
- VirusHeat 3.9.exe
DLLs
- eeioq.dll
- iinqyl.dll
- wuuawkz.dll
Directories
- C:\Program Files\VirusHeat
Registry Keys
- HKEY_CLASSES_ROOT\clsid\{5b55c4e3-c179-ba0b-b4fd-f2db862d6202}
[edit] Known Variants
VirusHeat behaves similar to other known Rogue software. VirusProtectPro is a variant of VirusHeat.
[edit] Removal
 |
Please help improve this section by expanding it. Further information might be found on the talk page or at requests for expansion. |
Various anti-spyware removal tools have been known to remove VirusHeat. The latest definition file must be utilized in most anti-spyware programs to completely remove VirusHeat and any associated files.
[edit] References
- Symantec.com - VirusHeat is a misleading application that may give exaggerated reports of threats on the computer
- research.sunbelt-software.com - VirusHeat is a rogue security program known for scaremongering, high-pressure advertising practices
- virusheat.com Web Safety Ratings from McAfee SiteAdvisor
[edit] See also
- Malware
- Spyware
- Adware
- Rogue software
- Wikipedia's Spyware removal category
