Tuesday, August 14, 2007

How to fix 'Orkut is banned Virus' ??

This is a virus which mainly comes from pen drives.
Which you type www.orkut.com in address bar of browser gives the message!!

"Orkut is banned you fool, The administrators didnt write this program guess who did?? MUHAHAHA!!" with title ORKUT IS BANNED.

To Remove this virus follow these steps.

1. Press CTRL+ALT+DEL and go to the processes tab

2. Look for svchost.exe under the image name. There will be many but look for the ones which have your username under the username

3. Press DEL to kill these processes. It will give you a warning, Press Yes

4. Repeat for more svchost.exe files with your username and repeat. Do not kill svchost.exe with system, local service or network service!

5. Now open My Computer

6. In the address bar, type C:\heap41a and press enter. It is a hidden folder, and is not visible by default.

7. Delete all the files here

9. Now go to Start --> Run and type Regedit

10. Go to the menu Edit --> Find

11. Type "heap41a" here and press enter. You will get something like this "[winlogon] C:\heap41a\svchost.exe C:\heap(some number)\std.txt"

12. Select that and Press DEL. It will ask "Are you sure you wanna delete this value", click Yes

13. Now close the registry editor.

Now the virus is gone. But be sure to delete the autorun.inf file and any folder whose name ends with .exe in the pen drive.

Some reported that after this fix they were not able to see their Hidden folders and files if you have that issue try the folowing

1. Go to REGEDIT


3. set the DWORD "NoFolderOptions" to 0 or just delete it..

