Monday, October 20, 2008

How to deal with 'I DON'T HATE FIREFOX BUT USE IE OR ELSE...'

It's not a common virus. I have seen only one machine infected with it so far. But it's really funny how far some people go to trouble others.

Well, it's a virus: 'Win32.USB Worm', or a variant also known as 'W32/AHK Heap' or just 'Heap41a'.
Other than blocking Firefox, it also blocks access to Orkut and YouTube. It mainly spreads through removable drives, and targets 'svchost.exe' and PowerPoint.

To remove it, scan your computer with a good antivirus (I recommend ESET, Kaspersky or Norton). If the antivirus is not able to remove it, then we have to remove it manually through the registry.

First - As usual, back up your registry.

Second - Open Task Manager (Ctrl+Alt+Del) and end the 'svchost.exe' process running under your username.

Third - Open Run and type 'regedit'. This opens the Registry Editor.

Fourth - Search for the entry 'heap41' and delete all matching entries (keep pressing F3 to go to the next entry).

Fifth - Enable 'View hidden files'. Search for the hidden folder 'heap41a' and delete it. You will find this folder at C:\heap41a (presuming you have Windows installed on the C drive).

Reboot.
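
The manual steps above as a read-only PowerShell check, added here as an example and not part of the original post: it backs up HKCU, lists svchost.exe processes owned by the current user, and reports registry entries and the folder matching 'heap41' without deleting anything. The search roots (HKCU and HKLM\SOFTWARE) and the System32 path comparison are assumptions of this example.

```powershell
# Read-only check for the indicators named in the steps above; it deletes nothing.
$marker   = 'heap41'                                  # string searched for in regedit
$folder   = Join-Path $env:SystemDrive 'heap41a'      # C:\heap41a on a default install
$system32 = Join-Path $env:SystemRoot 'System32\svchost.exe'   # assumption: legitimate path

# Step 1: back up the current user's hive before deleting anything by hand.
$backup = Join-Path $env:TEMP ("HKCU-backup-{0:yyyyMMdd-HHmmss}.reg" -f (Get-Date))
& reg.exe export HKCU $backup /y | Out-Null
Write-Host "Registry backup written to $backup"

# Step 2: svchost.exe processes owned by the logged-on user. Recent Windows versions
# run per-user services this way too, so the image path is the thing to check.
Write-Host "`nsvchost.exe processes owned by user '$env:USERNAME'"
Get-CimInstance Win32_Process -Filter "Name = 'svchost.exe'" | ForEach-Object {
    $owner = Invoke-CimMethod -InputObject $_ -MethodName GetOwner
    if ($owner.User -eq $env:USERNAME) {
        [pscustomobject]@{
            ProcessId  = $_.ProcessId
            Path       = $_.ExecutablePath
            InSystem32 = ($_.ExecutablePath -ieq $system32)
        }
    }
} | Format-Table -AutoSize

# Step 4: key names, value names and value data containing the marker (can take minutes).
Write-Host "`nRegistry entries matching '$marker'"
foreach ($root in 'HKCU:\', 'HKLM:\SOFTWARE') {
    Get-ChildItem -Path $root -Recurse -ErrorAction SilentlyContinue | ForEach-Object {
        $key = $_
        if ($key.Name -match $marker) { "KEY   $($key.Name)" }
        foreach ($name in $key.GetValueNames()) {
            $data = [string]$key.GetValue($name)
            if ($name -match $marker -or $data -match $marker) {
                "VALUE $($key.Name)\$name = $data"
            }
        }
    }
}

# Step 5: the hidden folder; -Force is needed to see hidden items.
Write-Host "`nFolder check: $folder"
if (Test-Path -LiteralPath $folder) {
    Get-Item -LiteralPath $folder -Force | Format-List FullName, Attributes, CreationTime
    Get-ChildItem -LiteralPath $folder -Force | Format-Table Name, Length, Attributes
} else {
    "$folder not found"
}
```

A user-owned svchost.exe whose path is outside System32, together with any registry or folder hits, is what the manual steps above then remove.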
