29 May 2007
W32.USBWorm spreads through USB drives. Prevents user from using Firefox, shows message which reads, "I DNT HATE MOZILLA BUT USE IE OR ELSE..." The message header reads, "USE INTERNET EXPLORER YOU DOPE." Firefox is then closed by force. Also blocks "Orkut" and "YouTube" sites.
Format the usb drive first (your data may loose) which carries the virus
Update : No need to frmat the USB Pen Drive, delete the autorun.inf file and any folder whose name ends with .exe in the pen drive.
Press Alt+Ctrl+Del --> you can see 'Task Manager' --> click on Process tab --> Locate 'SVCHOST.EXE' (will see many SVCHOST.EXE, but select the one having 'User Name' same as your Windows login name). --> Click End Process button
Now proceed the following
Open Task Manager by holding Ctrl + Alt + Del and click on the process tab.
- Ignore the warning messages and stop the SVC.Host for the system's user name.
- Navigate to C:/Heap41a and delete the contents of the folder. Smile.
Start Menu>Run>regedit press enter key
Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
CheckedValue reset it back to 1 from 2. ( to do that right click CheckedValue>modify>value data >
Beware of using USB Pen drive especially in the browsing center. Found some browsing centers in Bangalore too.
go to C:\heap41a and delete this folder, If the folder called test.exe delete that too from your desktop.
Clear all the key entries from this registry
HKEY_LOCAL_MACHINE,SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ with entry called heap41a
i dont hate mozilla
Update : Don't Unintall FireFox, some people are experiencing issues with OS after uninstalling Fire Fox after infecting the virus. Instead of removing the virus, if you uninstall the system will refuse to boot in normal / safe mode
For further reference check out here
Warning : Try out this at your own risk