Heur Trojan Removal

By John Geisel

The Heur Trojan (or Trojan horse) refers to a computer virus that infects your computer system by means of a trusted program. The malicious file can then compromise the security of your computer by allowing another person unauthorized access to your files from a remote location. Trojan horse infections are typically difficult to remove because most reactivate upon restarting your computer.

Symptoms

Slow Internet browsing, a different browser homepage, Windows instability, modified desktop wallpaper and fake Dr. Watson security alerts are all symptoms of a Heur Trojan infection. You can verify that your computer is infected by installing anti-virus software. Perform a complete system scan, and it will indicate the presence of this virus by displaying “Generic.Trojan.Heur”, or some variation of those words.

Removal

The Heur Trojan is a polymorphic virus consisting of multiple files, which means it is constantly changing to avoid detection and removal. This also means that no two copies of the malicious files are exactly the same, and can sometimes make removal difficult.The first step to combating this infection is to install AVG’s free anti-virus program. Download it (see Resources for a link) from the AVG homepage and install it, then click “Update now” to ensure you are using the latest AVG virus definitions. Select the “Computer Scanner” tab and then click on the “Scan Whole Computer” button. The time it takes to scan your entire system depends on how fast your computer is, and how much data is stored on your hard drive. After scanning, the anti-virus software will display a list of files that are infected; these files comprise the Heur Trojan virus. Select the option to “Move to Vault,” and the files will be quarantined and prevented from executing. Reboot your computer and again perform an entire system scan with AVG’s anti-virus program. If the second scan shows no signs of infection, then the Heur Trojan was successfully removed. If the Heur Trojan is still present, you will have to attempt to remove it using a more specialized type of anti-virus software.ParetoLogic is a software company that has written an anti-virus program titled “XoftSpySE.” While this software is not free, it is much more effective at removing polymorphic infections such as the Heur Trojan. Download XoftSpySE from their homepage (see Resources for a link) and install the program. Run the program and from the main menu check the box next to “Full Scan,” and click the “Start Scan” button. After the program has finished scanning your entire computer, simply click the “Clean” button to remove any malicious files. Reboot your computer and once again perform a complete scan to verify that the Heur Trojan was completely removed.