ORKUT IS BANNED YOU FOOL! i DONT HATE MOZILLA EITHER

I was asked by my friend that he is the only user in his computer, his account is having administrative rights, but he is not able to open Orkut, and it says Orkut is banned. Another friend had told that he is not able to use Mozilla Firefox and it asks him to use Internet Explorer. I just told it must be some virus, but really didn't care much about that. But none of the antivirus software could detect or remove this malware. So as any good guy would suggest, I told him to get a virus scan done and even a scan for spy wares!

My friend had given me a pen drive. I remembered it while browsing net on Firefox. When I put that in my PC and double clicked, it didn't open. I knew at once: I had activated a virus. But I didn't have any idea about the kind of virus that might have come to my PC, until I switched back to Firefox. Normally, I deal with such viruses like this: I show all the hidden files and folders then manually and permanently delete the entries which bother me.. Take out the pendrive and then scan it agian!! But this time it didnt work! So now when I wanted to browse the net immediately a message box was displayed: I DNT HATE MOZILLA BUT USE IE OR ELSE... with title as USE INTERNET EXPLORER U DOPE. I just remembered the experiences of my friends. I tried to locate the virus by running the Task Manager. But there were no suspicious entries there. I had to bow the owner of the virus. I used Internet Explorer to search about it. The first entry in Google took me to the Mozilla Forum page, and after going through some pages, I came to know that the same virus also displayed another message when you opened Orkut.

Orkut is banned you fool, The administrators didnt write this program guess who did?? MUHAHAHA!!
with title ORKUT IS BANNED.
Well, a similar message was displayed for YouTube also. So I went through all the posts, and finally found a solution on the web!!


  1. Press CTRL+ALT+DEL and go to the processes tab
  2. Look for svchost.exe under the image name. There will be many but look for the ones which have your username under the username. There will be many which have system, local service, and network service mentioned!
  3. Press DEL to kill these files. It will give you a warning, Press Yes
  4. Repeat for more svchost.exe files with your username and repeat.
  5. Now open My Computer
  6. In the address bar, type C:\heap41a and press enter. It is a hidden folder, and is not visible by default.
  7. Delete all the files here. Preferably se Shift + Delete
  8. Now go to Start --> Run and type Regedit
  9. Go to the menu Edit --> Find
  10. Type "heap41a" here and press enter. You will get something like this "[winlogon] C:\heap41a\svchost.exe C:\heap(some number)\std.txt"
  11. Select that and Press DEL. It will ask "Are you sure you want to delete this value?", click Yes
  12. Now close the registry editor.
It seems that they have named this malware as w32.USBWorm and according my friend, Avast is able to detect and remove it. I hope the other antivirus software will also be able to remove it soon.

.
.

Alec Smart said: "Orkut is banned you fool, I wonder why"
Mamoon: "Hey the virus uses facebook himself Alex"
comments