I learnt about this worm few days ago when it first infected my father's laptop and has recently infected this PC too. This worm pissed me off for a number of reasons. First, it blocked me from using my favorite browser, Firefox. Fair enough, it must be an IE fan who can not accept the fact that Firefox is taking popularity off of Internet Explorer BUT blocking me from enjoying Youtube videos is something that cannot be tolerated. If you got the following message, then you too has the same problem.
I Dnt Hate Mozilla But Use IE Or Else... with title as Use Internet Explorer U Dope.
I'm quite convenient of sorting this out manually primarily because it doesn't require me to change to Avast just for the sake of removing this worm (wow, this worm circumvents my AVG anti virus). Ok, here is the steps needed to remove it completely from your computer.
First solution
- Press CTRL+ALT+DEL to open Windows task Manager.
- Go to the processes tab and look for svchost.exe under the "image name". There will be many but look for the ones which have your username under the "username".
- Press DEL to kill these files. It will give you a warning, simply press Yes
- Repeat for other svchost.exe files with your username. Note: Do not kill svchost.exe under system, local service or network service.
- Type C:\heap41a in Start Menu > run.. and press enter. You need to do this because it is a hidden folder.
- Delete all files inside this folder.
- Again go to Start Menu > Run and type in Regedit
- Go to the menu Edit > Find
- Type "heap41a" here and press enter. You will get something like this "[winlogon] C:\heap41a\svchost.exe C:\heap(some number)\std.txt"
- Select that and Press DEL. It will ask "Are you sure you wanna delete this value", click Yes
- Now close the registry editor and you are done.
Make sure to delete the autorun.inf file and any unrecognized file ends with .exe in your pen drive otherwise it will replicate itself again.
Second solution
Do the steps look creepy for you to try? Ok, here's another solution made by sarathlakshman. Download this file, unzip it, run the program and press the remove button. Done! :)
via MgHarish
Technorati Tags: win32.USBworm, computer worm, Heap41a
Sep 11, 2007 at 05:07:54
Thanks Eches..now i know how to remove it permanently..
Sep 13, 2007 at 09:14:50
Thank .. thanks a lot for the solution.
It save my PC finally.
Sep 24, 2007 at 11:32:37
Hi eches…
thanks a lot for your suggestion….
it really worked for me.
thanks buddy..
swaroop
Sep 24, 2007 at 18:54:53
Glad to hear that it works :)
Oct 30, 2007 at 02:34:02
well guys.. i found a very simple way.. to delete the worm
go to run.. type c:\heap41a
or in my computer address bar type c:\heap41a
make a new folder in the same folder
simply cut all the files and paste it in the new folder…
restart your system and its gone..
run some worm utility later to clean it up completely
Nov 11, 2007 at 02:33:47
the procedure is good thanks buddy
Nov 20, 2007 at 20:59:16
Thanks a lot, kudos to you people
Dec 30, 2007 at 14:46:29
THANKS A LOT IT WORKED FOR ME
THANKSSSSSSSSS!!!!!!!
Jan 7, 2008 at 12:34:46
Thanks alot for the solution……..
Jan 21, 2008 at 23:28:19
thanks a lot
Feb 21, 2008 at 12:33:30
Thanks a lot..I get to go to IMEEM.com again!!!
Mar 14, 2008 at 19:56:48
I downloaded as per the instructions but still it did not allow me to open the orkut.still i have the heap41a virus left on my system.
May 29, 2008 at 01:35:31
Thanks a ton it resolve my problem.
Jun 17, 2008 at 19:24:51
Thanks a Million this work really started peeing me off terribly. But thanks to your help I think it is gone now. Thank you again.
Jun 21, 2008 at 20:17:52
VERY THANX TO U………
Jul 29, 2008 at 14:29:04
Thanks a lot . its worked fine
Jul 29, 2008 at 21:35:38
Glad to hear that :)
Aug 3, 2008 at 12:34:04
SUper it is working in fantastic manner.
thanks for this solution.
Your service will be good to this world.
Keep up this good work.
Living for others is a great thing.
Aug 4, 2008 at 22:20:49
hi dear,
i think u r genious than the one who write the fix
i downloaded two solution fixes but they dont work for me
then i try your bug but cannot found heap… file.but i identify that in some systems it has the name win32.usbworm any i am really thankfull to you mate
expecting more informations from you
Aug 5, 2008 at 02:58:58
Thanks guys. I’m glad they work for you :)
Aug 31, 2008 at 13:21:18
thanks a lot………..
Oct 30, 2008 at 23:38:58
Thanks mate, you saved my day. It really worked for me.
Thanks a million.
Dec 5, 2008 at 16:47:56
when ever i try to start task manager i get message “SORRY” from SAM .. i tried to find the folder you informed heap41a but cannot find it they way you infomr … inform what should be done now
Feb 4, 2009 at 17:02:37
great!
Feb 27, 2009 at 09:35:21
Parabens pelo fantastico trabalho desenvolvido em favor dos usuarios da WWW. Que recompensas mil possam ser colhidas por essa equipe de verdadeiros cientistas sociais que nao medem esforcos para construir um mundo melhor. Deus abencoe e capacite a cada dia mais e recompense todo esse trabalho sensacional. Um abracao do Brasil.
Mar 28, 2009 at 01:25:18
thanks a lot dude.
your suggestion was simple,procedural and adequate.
i would have deleted so many other files for the fear of this file.
thanks.
Apr 13, 2009 at 13:41:14
Thanks, wonderful , its working well.
Thank u again for the help…..
Regards,
Shanavas
Jun 22, 2009 at 21:54:34
thanks for the tip and remover software
really helpfull
Aug 21, 2009 at 14:56:46
ohh!! thanx alot..your solution was so wonderful..thanx again
Oct 29, 2009 at 16:17:40
Thanks buddy…procedure was simply good and it helped me a lot