use-ie.pnguse-ie.png

  1. Right click the system tray and select the ‘Task Manager’ or just hit ‘Ctrl+Alt+Del’. Once the task manager is open, navigate to the ‘Processes’ tab.
  2. Under the ‘Image name’ column, look for all entries marked ‘svchost.exe’, which are running under your USERNAME ONLY (not system, local or anything else). Terminate these processes by hitting the ‘End Process’ button. Close the task manager.
  3. The next step is to delete the files itself. Open ‘My Computer’ and type ‘C:\heap41a’, then hit Enter. The folder will have the files ‘svchost.exe, script1.txt, standard.txt, reproduce.txt, and an audio file.’ Delete all the files in the folder and then delete the heap41a folder itself.
  4. Now we have to delete the registry entry as well. Go to ‘Start –> Run’ and type ‘regedit’. Once the registry opens, on the menu bar, go to ‘Edit –> Find’ and type ‘heap41a’. After searching, you should have some entries with ‘heap41a’ in them. Delete all these entries.
  5. Your PC is free of the worm.

However, you also need to get rid of the worm from the USB drive, lest it infect your computer again. Connect your drive to the computer’s USB port (disable the drive from auto playing) and delete all entries marked with ‘autorun’. They may sometimes be in a separate folder. Once these entries are gone, your USB drive is clean as well….

Worm Regards,

Kuntal

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: