Thursday, June 11, 2009

Remove heap41a virus

How to Remove heap41a virus

  1. Press CTRL+ALT+DEL to open task manager

  2. Go to the processes tab and look for svchost.exe under the "image name". There will be many but look for the ones which have your username under the "username".

  3. Press DEL to kill these files. It will give you a warning, simply press Yes

  4. Repeat for other svchost.exe files with your username. Note: Do not kill svchost.exe under system, local service or network service.

  5. Type C:\heap41a in Start Menu > run.. and press enter. You need to do this because it is a hidden folder.

  6. Delete all files inside this folder.

  7. Again go to Start Menu > Run and type in Regedit

  8. Go to the menu Edit > Find

  9. Type "heap41a" here and press enter. You will get something like this "[winlogon] C:\heap41a\svchost.exe C:\heap(some number)\std.txt"

  10. Select that and Press DEL. It will ask "Are you sure you wanna delete this value", click Yes

  11. Now close the registry editor and you are done.

Make sure to delete the autorun.inf file and any unrecognized file ends with .exe in your pen drives and other external hard drives otherwise it will replicate itself again.

No comments:

Post a Comment