Monday, August 4, 2008

W32.USB Worm

It spreads through Pen,USB,Thump disk thats why the name.

It shows messages like

"I DNT HATE MOZILLA BUT USE IE OR ELSE..."

"USE INTERNET EXPLORER U DOPE"

"Orkut is banned you fool, The administrators didnt write this program guess who did?? MUHAHAHA!!"

Use the following procedure for removal.

1. Go to the processes tab in task bar using Ctrl+Alt+Delete

2. Look for svchost.exe under the image name with username as current logged user.

3. Kill those files using delete key or right click and chose 'End Process'. It will give you a warning, Press Yes.

4. Do not kill svchost.exe with system, local service or network service.

5. Now open My Computer

6. In C Drive locate C:\heap41a and delete, it's hidden folder.

7. Now go to Start --> Run and type Regedit

8 Go to the menu Edit --> Find

9. Type "heap41a" here and press enter. You will get something like this "[winlogon] C:\heap41a\svchost.exe C:\heap(some number)\std.txt"

10. Select that and Press DEL. It will ask "Are you sure you wanna delete this value", click Yes

11. Now close the registry editor.

Now the virus is gone. But be sure to delete the autorun.inf file and any folder whose name ends with .exe in the pen drive.


No comments:

Subscribe free via email

Enter your email address:

Delivered by FeedBurner

...