BEWARE OF VIRUSHEAT!!! (Trojan Horse app)

VirusHeat (VirusHeat/Virus Heat 3.9, or VirusHeat/Virus Heat 4.3) is usually downloaded through a trojan (usually the Zlob trojan) that's bundled in a fake Video codec.Once installed, VirusHeat will run a scan report with exaggerated spyware results which confuse the user into believing that their computer has spyware. After the scan is complete, a warning message will pop up with a link that redirects the user to VirusHeat's homepage where he/she is prompted to buy the VirusHeat software.

VirusHeat displays false warning messages and exaggerated scan reports to mislead the user. VirusHeat repeatedly annoys the user with pop up warnings that prompt the user to purchase a full version of the program. VirusHeat may attempt to change the user's IE homepage to go to VirusHeat's homepage (virusheat.com). VirusHeat may automatically launch on startup.


VirusHeat installs the following:

Processes

* VirusHeat 3.9
* VirusHeat 3.9.exe

DLLs

* eeioq.dll
* iinqyl.dll
* wuuawkz.dll

Directories

* C:\Program Files\VirusHeat

Registry Keys

* HKEY_CLASSES_ROOT\clsid\{5b55c4e3-c179-ba0b-b4fd-f2db862d6202}

VirusHeat behaves similar to other known Rogue software. VirusProtectPro is a variant of VirusHeat.

Various anti-spyware removal tools have been known to remove VirusHeat. The latest definition file must be utilized in most anti-spyware programs to completely remove VirusHeat and any associated files. SmitFraudFix is a commonly used tool for removal of VirusHeat and other malware infections.