VirusHeal

Description:	Rogue Security Program
Risk Level:	High
Date of First Occurence:	Tuesday, April 15, 2008
Software Developer:	(unknown)
Brief Info:	Rogue/Suspect Anti-Spyware Product "Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "VirusHeal"

Threat Info

View All

Detected Items

Detected Files: %PROGRAMFILES%\VirusHeal 3.8\VirusHeal 3.8.exe MD5: 74918CC17FB9E0142A66C848FC1AE15F Size:2256896 MD5: 3FD00B9BF3BE8B3FE39FE205EFD259D4 Size:2256896 %PROGRAMFILES%\VirusHeal 4.1\VirusHeal 4.1.exe MD5: 394C49B86832FB9A641A3F232DD68DB3 Size:2256896 %PROGRAMFILES%\VirusHeal 4.1\msvcr71.dll MD5: 86F1895AE8C5E8B17D99ECE768A70732 Size:348160 %PROGRAMFILES%\VirusHeal 4.1\msvcp71.dll MD5: 561FA2ABB31DFA8FAB762145F81667C2 Size:499712 %PROGRAMFILES%\VirusHeal 4.1\uninst.exe MD5: 31B005D389C8B55ABE3B3756D735B1CD Size:41175 %PROGRAMFILES%\VirusHeal 4.2\VirusHeal 4.2.exe MD5: 0A9C805DC9F1E736DBEE853D2251E206 Size:2224128 %PROGRAMFILES%\VirusHeal 3.9\VirusHeal 3.9.exe MD5: F199EB53AE2AE730DE65AD5A563F9D3C Size:2256896
Detected Files with variable Filenames: MD5: CADCF9D41B3FEED25AA5D12814FAD5C1 Size: 2256896 %PROGRAMFILES%\VirusHeal 4.0\VirusHeal 4.0.exe %PROGRAMFILES%\VirusHeal 4.0\virusheal 4.0.exe.ren

Detecting items list:

Files by Name %ProgramFiles%\VirusHeal *\VirusHeal *.exe %ProgramFiles%\VirusHeal *\antispy.vh %ProgramFiles%\VirusHeal *\blacklist.txt %ProgramFiles%\VirusHeal *\uninst.exe %ProgramFiles%\VirusHeal *\VirusHeal *.url %ProgramFiles%\VirusHeal *\Lang\English.ini %START_PROGRAMS%\VirusHeal *\VirusHeal ?.*.lnk %START_PROGRAMS%\VirusHeal *\VirusHeal * Website.lnk %START_PROGRAMS%\VirusHeal *\Uninstall VirusHeal ?.*.lnk %APPDATA%\Microsoft\Internet Explorer\Quick Launch\VirusHeal ?.*.lnk %DESKTOP%\VirusHeal ?.*.lnk %START_MENU%\VirusHeal ?.*.lnk
Files by Directories %ProgramFiles%\VirusHeal ?.? %START_PROGRAMS%\VirusHeal ?.?
Files by CLSID or Name CLSID=FA222968-C5BA-FA9F-6458-C63131328081
Registry Keys HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\VirusHeal ?.?.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusHeal ?.? HKLM\SOFTWARE\VirusHeal ?.?
Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=VirusHeal ?.?

« Go to Software Database

Pesquise na nossa Base de Dados de Software

A base de dados Software

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias antigas de malware »