Moved this to Malware Discussion > Home User Assistance.
As you don't mention what anti-virus you have installed I'll assume it's a McAfee home product.
Try scanning with Stinger and Malwarebytes Free both linked in that last link in my signature below.
Note that no antivirus is 100% guaranteed to protect you. You have to be extra careful and make sure everything on your computer is totally up to date.
This seems to affect Firefox more than other browsers. is your browser Firefox?
Hi mods, yes it is Firefox,but also effecting Explorer. Can't do system restore,even in safe mode. Been on chat with Norton 2.5 hours with them telling me it aint a virus,only to say oh yes it is. then to say they will get their virus team to ring me if i pay 100 dollars to resolve the virus. Angry isn't in it because I have 4 licenses for family and we all have 6 months updates /membership left. When I asked why can't they be made aware of the virus/worm and issue a fix in next update or forthcoming updates. i WAS TOLD THEY WILL IF I PAY FOR IT!?!?. So in other words,everyone who has Norton, pays for membership, gets 6 months virus free surfing if your lucky, then if you get a virus, they want you to pay for their virus team to fix it, to then issue it in a release....so in other words everyone who has norton 360 is paying for their own updates....Norton I know is a swear word with McAfee.
I have seen the above http mentioned in virus threats on McAfee with a dat fix 6568 I think, so if I buy McAfee I am wondering will your anti virus will fix it, if so then all 4 family members swapping for life to McAfee..I do hope someone out there can help this family. Thanks guys
Virus Profile: JS/Autorun.worm.aacz
Risk Assessment: Home Low | Corporate Low Date Discovered: 21/09/2012 Date Added: 21/09/2012 Origin: Unknown Length: varies Type: Virus Subtype: Worm DAT Required: 6568 Removal Instructions
Use current engine and DAT files for detection and removal.
Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).
This is what McAfee say about it. I am slightly different in so much the http is http not hxx and the is no [removed]
All antivirus companies charge for professional virus removal, so don't be shocked by that. McAfee has a similar service. No antivirus is guaranteed and often with infections that are already known, new variants may appear which aren't known, It's a constant uphill battle, but wise surfing and keeping ones system totally up to date, especially all the browsers, and their add-ons including Java, helps a lot. Plus I find it's useful to keep around one or two extra anti-malware applications.
The last link in my signature has some suggestions.
It seems that Mcafee detects it and can fix it, according to that Virus Profile document. The McAfee DAT version changes often : we're well past 6568 now, and the latest one should still deal with this worm unless it's significantly changed (in which case it will have a different identifier).
I looked to see if the free Stinger download tool would be appropriate, but that only deals with a subset of infections and this one isn't in the list.
The "hxxp" in the McAfee document is an example of obfuscation. It's so you don't end up with a clickable link to anywhere suspect.
If McAfee does clear this you should look to see where it's come from so you don't get re-infected. USB drives and peer-to-peer connections are two of the main culprits.