I learnt about this worm few days ago when it first infected my father's laptop and has recently infected this PC too. This worm pissed me off for a number of reasons. First, it blocked me from using my favorite browser, Firefox. Fair enough, it must be an IE fan who can not accept the fact that Firefox is taking popularity off of Internet Explorer BUT blocking me from enjoying Youtube videos is something that cannot be tolerated. If you got the following message, then you too has the same problem.
I Dnt Hate Mozilla But Use IE Or Else... with title as Use Internet Explorer U Dope.
I'm quite convenient of sorting this out manually primarily because it doesn't require me to change to Avast just for the sake of removing this worm (wow, this worm circumvents my AVG anti virus). Ok, here is the steps needed to remove it completely from your computer.
First solution
- Press CTRL+ALT+DEL to open Windows task Manager.
- Go to the processes tab and look for svchost.exe under the "image name". There will be many but look for the ones which have your username under the "username".
- Press DEL to kill these files. It will give you a warning, simply press Yes
- Repeat for other svchost.exe files with your username. Note: Do not kill svchost.exe under system, local service or network service.
- Type C:\heap41a in Start Menu > run.. and press enter. You need to do this because it is a hidden folder.
- Delete all files inside this folder.
- Again go to Start Menu > Run and type in Regedit
- Go to the menu Edit > Find
- Type "heap41a" here and press enter. You will get something like this "[winlogon] C:\heap41a\svchost.exe C:\heap(some number)\std.txt"
- Select that and Press DEL. It will ask "Are you sure you wanna delete this value", click Yes
- Now close the registry editor and you are done.
Make sure to delete the autorun.inf file and any unrecognized file ends with .exe in your pen drive otherwise it will replicate itself again.
Second solution
Do the steps look creepy for you to try? Ok, here's another solution made by sarathlakshman. Download this file, unzip it, run the program and press the remove button. Done! :)
via MgHarish
Technorati Tags: win32.USBworm, computer worm, Heap41a
Thanks Eches..now i know how to remove it permanently..
Thank .. thanks a lot for the solution.
It save my PC finally.
Hi eches…
thanks a lot for your suggestion….
it really worked for me.
thanks buddy..
swaroop
Glad to hear that it works :)
well guys.. i found a very simple way.. to delete the worm
go to run.. type c:\heap41a
or in my computer address bar type c:\heap41a
make a new folder in the same folder
simply cut all the files and paste it in the new folder…
restart your system and its gone..
run some worm utility later to clean it up completely
Pingback: Eches » Blog Archive » Deep Freeze: Keep all malicious viruses/worms at bay
the procedure is good thanks buddy
Thanks a lot, kudos to you people
THANKS A LOT IT WORKED FOR ME
THANKSSSSSSSSS!!!!!!!
Thanks alot for the solution……..
thanks a lot
Thanks a lot..I get to go to IMEEM.com again!!!
I downloaded as per the instructions but still it did not allow me to open the orkut.still i have the heap41a virus left on my system.
Thanks a ton it resolve my problem.
Thanks a Million this work really started peeing me off terribly. But thanks to your help I think it is gone now. Thank you again.
VERY THANX TO U………
Thanks a lot . its worked fine
Glad to hear that :)
SUper it is working in fantastic manner.
thanks for this solution.
Your service will be good to this world.
Keep up this good work.
Living for others is a great thing.
hi dear,
i think u r genious than the one who write the fix
i downloaded two solution fixes but they dont work for me
then i try your bug but cannot found heap… file.but i identify that in some systems it has the name win32.usbworm any i am really thankfull to you mate
expecting more informations from you
Thanks guys. I’m glad they work for you :)
Pingback: How to remove fake Antivirus 2008
Pingback: How to remove fake Antivirus 2008
thanks a lot………..
Thanks mate, you saved my day. It really worked for me.
Thanks a million.
when ever i try to start task manager i get message “SORRY” from SAM .. i tried to find the folder you informed heap41a but cannot find it they way you infomr … inform what should be done now
great!
Parabens pelo fantastico trabalho desenvolvido em favor dos usuarios da WWW. Que recompensas mil possam ser colhidas por essa equipe de verdadeiros cientistas sociais que nao medem esforcos para construir um mundo melhor. Deus abencoe e capacite a cada dia mais e recompense todo esse trabalho sensacional. Um abracao do Brasil.
Pingback: Prevent Autorun.inf Infection with Panda USB AutoRun Vaccine
thanks a lot dude.
your suggestion was simple,procedural and adequate.
i would have deleted so many other files for the fear of this file.
thanks.
Pingback: Prevent Autorun.inf Infection with Panda USB AutoRun Vaccine | Stumbled
Thanks, wonderful , its working well.
Thank u again for the help…..
Regards,
Shanavas
thanks for the tip and remover software
really helpfull
Thank’s, it was bugging me ;)
ohh!! thanx alot..your solution was so wonderful..thanx again
Thanks buddy…procedure was simply good and it helped me a lot