Recently I came across a new worm(virus) in my friend’s system. When I started firefox, I got a message I DNT HATE MOZILLA BUT USE IE OR ELSE… as pop up window with USE INTERNET EXPLORER U DOPE as window title. At first, I thought this is fun and surprised to see that there are people against to mozilla, after a while felt like crack this shit. Not only this, this guy also against to Orkut it seems, when ever I open orkut.com i get another pop up window with the message Orkut is banned you fool, The administrators didnt write this program guess who did?? MUHAHAHA!! and title as ORKUT IS BANNED. It seems this is a spyware attached to one of the free software downloads which is the routine habit of my roomie.
Any ways, I finally able to remove this guy out of my friend’s system. Just follow the below steps for windows users. I don’t think this would exist for Linux or other OS any way.
1. open your task manager by right click on toolbar and selecting the Task Manager.
2. find all the SVCHOST.exe processes with username as your login name.
3. select those processes, press Del key to kill those. When you get another pop up window message with Yes or No, select yes.
4. Now, go to start –> Run open the path C:heap41a and delete all the files. This is a hidden folder and not visible by default.
5. Now go to Start –> Run and type Regedit.
6. Go to the menu Edit –> Find. Type “heap41a” here and press enter.
7. You will get something like this “[winlogon] C:heap41asvchost.exe C:heap(some number)std.txt”.
8. Select that and Press DEL. It will ask “Are you sure you wanna delete this value”, click Yes.
9. Now close the registry editor. That’s it, you did it.
Finally, though this type of worms are not new, but specific to firefox or mozilla is some wards weired. I heard my friend saying that some of anti-virus companies survive by release viruses themselves. The same way, I donno some of IE fans (if exists :)) may indulge these kind of things.
Any how, this head ache is out now. Letz go with our busy way….