I dnt hate Mozilla but use IE or else…. Worm

Dec 5, 2007
Updated • Dec 8, 2014

I dnt hate Mozilla but use IE or else... is what I got when I tried to start Firefox sometime back. Just as the window opened, a box with this message popped up and then disappeared, taking my Firefox window along with it.

Internet Explorer seemed to work until I tried opening YouTube. Then, I got the following message before IE shut down as well.

‘Youtube is banned you fool, The administrators didn’t write this program guess who did?? MUHAHAHA!!’

I couldn’t for the life of me figure out how this had happened so I decided to search and see if this problem had cropped up somewhere else.

Turns out, it’s pretty common. These messages are courtesy of the W32.USB worm. This worm copies itself to removable drives as Microsoft Power Point.exe and will infect your PC when you connect the infected drive to it. The infection is via a hidden Autorun.inf file.

Luckily, it’s fairly easy to get your browsers back to normal. Just follow the following steps.

  1. Right click the system tray and select the ‘Task Manager’ or just hit ‘Ctrl+Alt+Del’. Once the task manager is open, navigate to the ‘Processes’ tab.
  2. Under the ‘Image name’ column, look for all entries marked ‘svchost.exe’, which are running under your USERNAME ONLY (not system, local or anything else). Terminate these processes by hitting the ‘End Process’ button. Close the task manager.
  3. The next step is to delete the files itself. Open ‘My Computer’ and type ‘C:\heap41a’, then hit Enter. The folder will have the files ‘svchost.exe, script1.txt, standard.txt, reproduce.txt, and an audio file.’ Delete all the files in the folder and then delete the heap41a folder itself.
  4. Now we have to delete the registry entry as well. Go to ‘Start --> Run’ and type ‘regedit’. Once the registry opens, on the menu bar, go to ‘Edit --> Find’ and type ‘heap41a’. After searching, you should have some entries with ‘heap41a’ in them. Delete all these entries.
  5. Your PC is free of the worm.

However, you also need to get rid of the worm from the USB drive, lest it infect your computer again. Connect your drive to the computer’s USB port (disable the drive from auto playing) and delete all entries marked with ‘autorun’. They may sometimes be in a separate folder. Once these entries are gone, your USB drive is clean as well.

I dnt hate Mozilla but use IE or else…. Worm
Article Name
I dnt hate Mozilla but use IE or else…. Worm
The guide provides information about a new Worm that users may encounter while using Windows. It includes removal instructions.

Previous Post: «
Next Post: «


  1. Bel said on August 25, 2012 at 4:56 pm

    Thank you!I from Brazil

  2. Damin said on August 5, 2008 at 5:24 am

    thank you, thank you, thank you. my firefox is free again thank you.

  3. Sam Guna said on June 11, 2008 at 5:58 pm

    Thanks a lot for the clear cut instructions….now i am with MOZILLA again :-)

  4. Paranj K said on April 21, 2008 at 5:00 pm

    Thanks a lot man. I love Mozilla



  5. krushna said on January 16, 2008 at 10:37 am

    nece solution , Thanks man krushna

  6. Cheryl said on December 7, 2007 at 6:09 pm

    Just to clarify, its not ‘my’ machine. I’m pretty much a guest on it. When I have enough funds to buy my own computer, then I can do what I want. Oh, and the USB ‘picked’ up the virus from the local copy shop.

  7. Dante said on December 7, 2007 at 2:54 am

    It’s always “someone” else in the house. That’s why I set up Users, with restricted rights. And if they want more rights, they can buy and maintain their own machine.

  8. Lorissa said on December 7, 2007 at 2:14 am

    That’s a pretty weak excuse Cheryl. If it’s your system, then it’s your responsibility to make sure it’s safe and protected at all times.

  9. Cheryl said on December 6, 2007 at 2:42 pm

    I use AVG Free as my anti-virus software and its pretty effective. I also use Ad-aware.

    P.S.: I wasn’t responsible for the virus getting into my system in the first place. Someone else in my house had the privilege of doing it. However, I was the one to clean it up.

  10. Lorissa said on December 6, 2007 at 10:50 am

    Martin – that article may have been posted by Cheryl, but it says:

    Why I decided to uninstall my Antivirus software
    Posted by Martin in Security

  11. Rod said on December 6, 2007 at 6:35 am

    I just disable the autorun for all drives. So no or little risk of accidentally getting infected. Then I just delete any unknown files on my USB device.

  12. Steve said on December 5, 2007 at 8:40 pm

    one slight cautionary addendum to your article, if like me you use the free Portable Apps Suite on any USB sticks be careful about deleting all instances of autorun, since Portable Apps Suite uses an autorun.inf this would in fact stop the suite from working the way it should.

  13. Martin said on December 5, 2007 at 8:09 pm

    Rob that article was posted by Cheryl, not me ;)

  14. Rob said on December 5, 2007 at 5:08 pm


    Maybe you got to rethink about your post the other day about the lack of need for an AV.

    I use AVG Free and seems to work better than Symantec and faster too.

  15. Roman ShaRP said on December 5, 2007 at 4:28 pm

    What AV, monitor(s), firewall do you use?

  16. Cheryl said on December 5, 2007 at 4:26 pm


    I do monitor my system and thankfully have never had any problems. This was the first time something like this had happened to me.

  17. Roman ShaRP said on December 5, 2007 at 4:18 pm

    So monitor your system – there are plenty of AV and monitor products, many of them are free.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.