If you have been downloading programs via peer to peer methods like torrents, opening email attachments from unknown sources, or opening corrupted media files there is a possibility that you have been infected with the win32 heur virus. This infection will often appear to the user as an anti-virus pop up that is demanding payment to remove infections, when the reality is that the only infection on the system is the win32 heur program itself.
If you have been infected with this program then do not worry, and certainly do not make any payments to the program, as you will find the easiest ways to remove the program as well as ways to avoid this issue from arising again.
The first way to remove the win32 heur is to manually get rid of the infection. This is typically reserved for advanced users, as it requires modifications to the registry. As the infection runs continuously on your system the first thing to do is to end the program completely, and the easiest way to do is through the task manager. To access the task manager simply press alt cntrl and del at the same time. Once the task manager window opens you will want to the process that is labelled Win32/Heur.exe. Once you have stopped the process the virus will be shut down, and now you can cut it out of your system.
Now you will need to open your registry editor and remove the file that is named: HKEY_LOCAL_MACHINE\\Software\\Win32/Heur. This has no removed the registry entry which will reduce the activities of the program; however the infection has not been removed yet. To do this you will want to do a complete system scan for any files that have the word Heur within it. Now you will want to restart your machine and see if the fake anti-virus is still present.
Now that you know the hard way to remove Win32 heur we can take a look at the easier way to remove the program. To do this you will need to download the latest version of your anti-virus software’s database and run a full system scan. Once this scan is completed you will want to see if the infection has been identified. If it has been found you will want to try to remove it and depending on the results your journey to remove the infection might be over or just starting.
If the program was not removed you will need to get a different program to do a system scan, which can be another anti-virus or anti-spyware program. Many times the infection can prevent your security programs ability to identify the infection, which is why it is often recommended to get an anti-malware or anti-spyware program to run along with your anti-virus. There are many free programs available on the market today, so you can always try running them to see if they can find the infection, and if they are not able to you can take a look at either purchasing additional software or taking the system into a computer technician.
The Win32 Heur infection can be a very annoying program to deal with so the best remedy is prevention. It is best to only download files, and open files, from trusted sources and people so it is not recommended to download files from torrent or mass hosting locations. These files are often the targets to spread malicious infections due to the size of their distribution. Another action that is recommended is scanning all email attachments prior to opening them, regardless of the sender.