What Is the Win32 Heur Virus?

By Andante Sostenuto

Trojan viruses are malicious programs that appear benign at first. Often they require users to install them in order to run a certain task, but simultaneously allow hackers remote access into a computer. Hackers usually use keyloggers and spyware to commit data theft. At this point, they are able to record passwords, bank account numbers, credit card numbers, etc. which allows them to commit identity theft. The Win32 Heur Virus is one such trojan that damages the stability of your machine.

How It Is Acquired

There are three main ways for the Win32 Heur to infect a machine. Online P2P networks like Bearshare and Limewire put the computer at risk. Usually, the virus is packaged into a .exe file or a video codec. The second way is through the installation of free or low-cost programs; sometimes these programs are free for a reason. And the third way a computer becomes infected is by visiting an infected website that force-downloads the virus. Indicators that this is occurring are multiple pop-up windows and rapid browser redirection, preventing a real-time response and allowing the virus to sneak into the machine.

Indications of an Infection

Once the Win32 Heur has infiltrated a computer, there are several indications of its presence. Webpages load significantly slower than usual and are often frequently interrupted by browser crashes. If the virus has managed to corrupt registry files, the entire computer becomes more unstable and may periodically crash. The browser homepage and desktop wallpaper change, and pages will often redirect to sites like ripetv.com or crackle.com. Desktop and tray icons may change. During start-ups, alerts from Dr. Watson Security may appear. Unknown applications install and pop-up blockers will be disabled or modified. In general, computer usage will become much more difficult. Ignoring these signs and allowing the Win32 Heur into the registry files can result in thousands of dollars being spent to fix or replace a corrupted machine. The Win32 Heur also allows other third-party applications and trojans access into the computer, sometimes even deactivating firewalls and virus scanners, and monitors browsing activity to customize pop-ups.

Scanning

If you think you have a Win32 Heur infection, scan your computer with your virus scanner. If you do not have a virus scanner, there are several free programs online that will check specifically for the Win32 Heur, but be careful - some of these are fake. AVG Free is a reputable and free virus scanner that will detect the Win32 Heur. Websites like SpywareFixPro.com document fake antivirus scanners; before downloading a free antivirus program, check the program against that list and others.

Removal

If you have a virus scanner already installed, such as McAffee, Symantec, or Kapersky, run a scan to search out the files. Quarantine and isolate the infected files, then delete them. To manually remove the trojan, click the Start menu button and select "Search." Then search for either "win32 heur" or "heur," but do not delete any files yet; some win32 files are necessary for the running of the computer. Scan each file to be sure of infection before deletion. Some users have also reported successful removals by using System Restore to rollback the computer to a previous, uninfected state.

Preventing Future Infections

All computer owners should have a virus scanner installed and running. McAffee, Symantec, and Kapersky are popular programs, but are quite expensive. AVG Free and Windows Defender are two free alternatives. Whenever installing a program or downloading a file, scan it with the virus scanner; do not download anything, including random applications attached to emails and ActiveX controls, without first knowing what it is and who sent it.