A rogue on heat - VirusHeat
February 8th, 2008 by AndyAtHullFirst time in a long time that we have directly posted about a rogue. In fact it was over a month ago.
Today we will be highlighting a rogue called VirusHeat. And as you can figure from the screenshot below. This one is a variant/clone/sister of VirusProtect, VirusProtectPro and many more. No surprises there.
The details on who are behind it are no different either. Estdomains Inc and Ukrtelegroup Ltd are listed on the whois. And the URL to the infected site is:
www(dot)virusheat(dot)com
Avoid going to the site, unless you really know what you are doing.
Of course, once you have this flashing at you at 100 mph you want to know how you can remove it? Well, we have an automated removal guide in place HERE. But you can also get step by step guidance with a helper in our forum.
Have you been infected with this? Or have you got a question? Chat about this in details here for any questions.
Filed under Rogue Programs, Security Related |
February 11th, 2008 at 1:02 am
Do I still need to download AVG even if I have mcAfee already downloaded on my computer?
February 11th, 2008 at 2:42 pm
The reason we suggest AVG Anti-Spyware is because that detects and cleans any left overs. Plus potentional other malware
I would guess by McAfee, you mean your anti-virus program. Well AVG AS is not an anti-virus program but anti-malware. Big difference.
Our guide will disable AVG AS so it does not conflict with your primary av program. But in the interest of the infection the guide is about, yes, use AVG AS as part of the removal process. You can always uninstall it afterwards.
Regards, Andy
February 11th, 2008 at 6:18 pm
Thank you AndyAtHull for your help and responding to my message.
February 11th, 2008 at 9:39 pm
can you please give me that addy again closed out the screen thinking you were responding to my message and it would of interfered with your responce. SORRY
February 11th, 2008 at 10:03 pm
Do you mean to the removal guide for VirusHeat? Then here:
http://forum.securitycadets.com/index.php?showtopic=5445
That guide has all the relevent links
Andy
February 14th, 2008 at 12:24 am
Hi Andy no I mean the web sight you gave me to get the smithfraud.exe at because I cannot find it when I put my comp. in safe mode. I have windows xp service pack 2 I dont know if thats the reason or not.
February 14th, 2008 at 12:26 am
Ok, well you can find a link on our downloads page:
http://www.securitycadets.com/download/
It will list the tool there. But if you still cannot find that click on the link below:
http://downloads.securitycadets.com/SmitfraudFix.exe
We mirror the tool.
Andy
February 17th, 2008 at 8:02 pm
Hello Andy I dont see the smitfraudfix.exe on my desk top when I start the comp. in safe mode. What should I do?
February 17th, 2008 at 9:52 pm
Hello,
Ok the next step would be, if you haven’t already, is to post this in the HJT forum.
A blog commenting system won’t be a perfect communication solution for this problem.
http://forum.securitycadets.com/index.php?showforum=2
A helper should be with you asap.
Andy
February 20th, 2008 at 2:46 am
Thank you Andy, I need to go out of town for a few days. Just thought I would let you know.
February 26th, 2008 at 6:15 pm
Hello Andy I am back home again and want to Thank you for having patience with me.
March 14th, 2008 at 7:01 pm
These comments were helpful. I have been infected with the virus and am using your self help guide to try to get rid of it. It has led to a whole bunch more unwanted sites including
illegal porn!