Remove ‘Here you have…’ Virus Infection
What is the ‘Here you have…’ virus and how you can protect your computer?
‘Here you have…’ is a new virus which uses e-mail for its initial propagation and spreads rapidly through mapped drives, remote machines, and removable media and shared drives. The virus can attack Windows file shares and removable thumb drives. It also spreads through e-mail by gathering e-mail addresses and contacts. The virus arrives as an e-mail with the subject line ‘Here you have…’ and invites you to click on a link to a PDF file. When the link is followed it downloads the malicious file, W32.Imsolk.B@mm, which infects your PC. One version of the email says, “Hello: This is The Document I told you about, you can find it here” and it includes a link to a PDF. It is named after the subject of the infected e-mail that comes as ‘Here you have…’. The virus can attack if no security is provided to the local user’s address book. The spam filter might fail to detect the threat because it comes from a legitimate source.
The following points will help you to know more about the ‘Here you have…’ virus and computer security steps that need to be taken:
- How the ‘Here you have…’ virus affects PCs?
- How to prevent the virus attack?
- What should you do if the ‘Here you have…’ virus infects your PC?
How the ‘Here you have…’ virus affects PCs?
The URL in the e-mail takes the user to an executable file with the extension .scr and not to a PDF file. Infected computers spread the virus messages since the domain is no longer live. The virus installs and replicates as CSRSS.EXE in the Windows directory and tries to spread itself by sending e-mails to addresses found in the contacts list. The virus steals information like passwords from browsers and other apps in your computer. Once the virus copies itself to another computer, if a user even opens the folder that contains the threat on this new machine, this will launch the threat and cause it to spread.
How to prevent the virus attack?
The ‘Here you have…’ virus has affected the servers of large organizations such as NASA, Comcast, ABC/Disney, and Google. The virus forces the e-mail servers and antivirus software installed on computers to shut down completely. The networked computers and USB drives are infected while clicking the link. To prevent this type of virus infections, do not click any e-mail with the subject ‘Here you have…’ Ensure that your antivirus or antimalware software is up to date and perform a full system scan of your computer. Always run antivirus, firewall and antispyware and keep it up to date.
What should you do if the ‘Here you have…’ virus infects your PC?
If the virus has infected your system, you need to temporarily disable the network connection. You need to also disable network sharing and/or disconnect infected computers from the local network and Internet to prevent the spreading of the virus. Then change file associations in ‘Control Panel’ to remove the Adobe Reader from an automatic association. Select the ‘Task Manager’ and end the AcroRd32 process. After confirming that the virus has stopped sending messages, reconnect network connection and update antivirus. Disable AutoPlay to prevent the automatic launching of executable files on network and turn off autorun.inf files to prevent attacks.
iYogi’s Annual Unlimited Subscription Plan
iYogi is the fastest growing online and remote tech support provider in the direct-to-consumers and small businesses sector. Our highly skilled and experienced tech experts available, 24x7x365 can provide the best issue resolution and customer satisfaction. Our award winning and low priced Annual Subscription covers the following services:
- Comprehensive support for the detection and removal of the ‘Here you have…’ virus
- Diagnostic & repair for your technologies
- Troubleshoot software errors
- Update drivers and security to protect against online threats
- Connect to Internet, devices and peripherals
- Optimize your computer’s speed and performance.