Firefox affects virus from pen drive

Virus from Pen Drive:

My friend had given me a pen drive. I remembered it while browsing net on Firefox. When I put that in my PC and double clicked, it didn’t open. I knew at once: I had activated a virus. But I didn’t have any idea about the kind of virus that might have come to my PC, until I switched back to Firefox. Immediately a message box was displayed: “I DONT HATE MOZILLA BUT USE IE OR ELSE… with title as USE INTERNET EXPLORER U DOPE. ” I just remembered the experiences of my friends. I tried to locate the virus by running the Task Manager. But there were no suspicious entries there. I had to bow the owner of the virus. I used Internet Explorer to search about it.

Instructions :

1. Press CTRL+ALT+DEL and go to the processes tab.
2. Look for svchost.exe under the image name. There will be many but look for the ones which have your username under the username.
3. Press DEL to kill these files. It will give you a warning, Press Yes
4. Repeat for more svchost.exe files with your username and repeat. Do not kill    svchost.exe with system, local service or network service!.
5. Now open My Computer
6. In the address bar, type C:\heap41a and press enter. It is a hidden folder, and is not visible by default.
7. Delete all the files here
8. Now go to Start –> Run and type Regedit
9. Go to the menu Edit –> Find
10. Type “heap41a” here and press enter. You will get something like this “[winlogon] C:\heap41a\svchost.exe C:\heap(some number)\std.txt”
11. Select that and Press DEL. It will ask “Are you sure you wanna delete this value”, click Yes
12. Now close the registry editor.

Now the virus is gone. But be sure to delete the autorun.inf file and any folder whose name ends with .exe in the pen drive.

UPDATE
It seems that they have named this malware as w32.USBWorm and according my friend, Avast is able to detect and remove it. I hope the other antivirus software will also be able to remove it soon.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s