HOW TO Security

“Orkut is banned” Virus removal tool

This is one of the oldest and widespread virus. One of the most annoying viruses still slowly spreading through USB devices, it won’t let u open Orkut or Youtube. Browser will close in secs with an annoying message like this – “Orkut is banned you fool, The administrators didnt write this program guess who did?? MUHAHAHA!!”. This worm spreads through mainly removable drives (eg. Thumbdrive, flashdrive, external HDD, mp3 players) and it Installs itself in the Registry, Leaving non-infected files on computer. Now you don’t have to waste hours manually trying to fix this messing with your registry, deleting infected files from hidden folder, etc…. Here is a one step solution for removing this virus from your system.

About the virus :
The name of the virus is W32/AHKHeap , It basically creates a folder with the name heap41a in C:drive that will be disguised as system folder with hidden attributes enabled and copies all its contents in that heap41a folder. The running process that is responsible for this is svchost.exe and it will be spawned under user name.The virus will even make a entry into your registry so that it can run every time the system is started.
The following files are created by the virus  W32/AHKHeap:
<Temp>\MicrosoftPowerPoint\2.mp3 – can be safely removed
<Temp>\MicrosoftPowerPoint\drivelist.t… – can be safely removed
<Temp>\MicrosoftPowerPoint\Icon.ico – can be safely removed
<Temp>\MicrosoftPowerPoint\Install.txt – detected as W32/AHKHeap-A
<Temp>\MicrosoftPowerPoint\pathlist.tx… – can be safely removed
<Temp>\MicrosoftPowerPoint\svchost.exe – can be safely removed
C:\heap41a\2.mp3 – can be safely removed
C:\heap41a\drivelist.txt – can be safely removed
C:\heap41a\Icon.ico – can be safely removed
C:\heap41a\reproduce.txt – detected as W32/AHKHeap-A
C:\heap41a\script1.txt – detected as W32/AHKHeap-A
C:\heap41a\std.txt – detected as W32/AHKHeap-A
C:\heap41a\svchost.exe – can be safely removed
C:\heap41a\offspring\autorun.inf – detected as W32/AHKHeap-A
Removing this virus manually might take time and frustrating so here is the simplest way to remove the virus with just One Click.  I came across this patch on a site called www.sarathlakshman.info a quick and easy solution for the mess.
Just download this 213KB patch, click “REMOVE”, Restart PC and you are done. No more Funny messages or web browser crash.
Download the patch here
Precaution:
Before Opening any kind of pen drive on your pc delete the  autorun.inf file in it and delete any .exe files that exist in it through DOS

About the author

Vikram

Vikram is a Digital Media Strategy Consultant who helps small business owners grow their
business. He is passionate about blogging, digital marketing, and emerging technologies.

1 Comment

Click here to post a comment

Categories