microsoft.public.windowsxp.security_admin

"Alfred" wrote:

> I've had a major virus invasion, advertised on the desktop by a company in
> Latvia, : xxx://www.virusheat.com/?aff=1012.
> I chose to use Windows Defender to fix the problem, but these nice people on
> the Baltic sea saw fit to place a flashing warning icon on my task bar, an
> icon I can't remove, and on opening the web, a baloon starts with a warning
> that a serious virus has invaded and needs to be removed by VirusHeat, on
> paying the prescribed fee of $ 49.95 ! I can not remove the unwanted icon and
> ask for help.
>
> Frustrated Australian

Hi Al,
Please read the info here on these links then proceed with the instruction
of the removal of the Virus/App:
How To Remove Virusheat (removal Instructions)
http://www.bleepingcomputer.com/forums/topic130080.html
http://www.symantec.com/security_response/writeup.jsp?docid=2008-021111-1926-99&tabid=3
http://www.spywareremove.com/removeVirusHeat.html
http://ca.com/us/securityadvisor/pest/pest.aspx?id=453124583

For more cleaning steps Try this:
Go through these Cleaning steps:
1... Click start >> Control Panel >> Double Click Network and Internet
Connections >> Double click Internet Options, on the IE Properties window
you will see these Options:
General | Security | Privacy | Content | Connections | Programs
| Advanced .

Click on General Tab (1st Tab on the left) and you will see a Button called
[ Clear History ..] click on it to clear your History caches, then click on
[Delete Files..] to delete Internet Files created over the time, click on [
Delete Cookies...] to delete your cookies left by visiting websites.

Then click on Advanced tab and scroll down to under the Browsing Option:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
= Then try to Disable the Add-Ons on your Browser somehow installed on your
browser, On how to disable the Add-ons follow this:
Click on Programs Tab and then click the Manage Add-Ons Button there Disable
the None/Not Verified Plug-ins/Add-ons ( you need to Renable them one-by-one
later and see which is the culprit .
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Scan for malware from here:
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html
RootkitRevealer v1.71
By Bryce Cogswell and Mark Russinovich
http://www.microsoft.com/technet/sysinternals/Security/RootkitRevealer.mspx

Run a scan from here on-line:
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner (off-line scanner) from here:
http://www.avast.com/eng/avast-virus-cleaner.html

Lots of tools to download and disinfect your machine (off-line scanner):
http://www.bitdefender.co.uk/site/Downloads/browseFreeRemovalTool/

After the scan run disk clean-up on your drive
Download the Hijackthis and send the report to one of
many
forums for analysis and troubleshooting:
When all else fails, HijackThis v2.0.2
(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php) is
the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware. Post
your log to:
http://www.spywareinfo.com/~merijn/downloads.html
http://aumha.net/viewforum.php?f=30,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7
http://www.bleepingcomputer.com/tutorials/tutorial42.html
http://www.bleepingcomputer.com/forums/
Or other appropriate
forums for expert analysis, not here.
Let us know your progress.
nass
----
http://www.nasstec.co.uk