When you are trying to open orkut on your PC , Is it giving you a popup message " Orkut is banned you fool , the administrators didn’t write the program .. guess who ?? Muhahahah … " . Irritated by this ?? Some of my reader has got this problem and he sent me a message asking for help . Here is the solution :
About the virus :
The name of the virus is W32/AHKHeap , It basically creates a folder with the name heap41a in C drive that will be disguised as system folder with hidden attributes enabled and copies all its contents in that heap41a folder.The running process that is responsible for this is svchost.exe and it will be spawned under user name.The virus will even make a entry into your registry so that it can run every time the system is started . This spreads mostly through pen drives .
How to get Rid of this :
Most of the anti-virus leave this virus unnoticed. I personally tried 3-4 anti-virus on this. None of them detected it. So you have to remove it manually .
-
Go to your task manager by pressing ctrl + alt + del .In that go to processes tab.
-
In that look for svchost.exe . You might find more than one of them . In that look for those who have user name as your login name of computer and end those processes .
-
Now open My Computer In the address bar, type C:\heap41a and hit enter. It is a hidden folder, and is not visible by default.Delete all the files in this folder .
-
Now go to Start –> Run and type Regedit , Go to the menu Edit –> FindType “heap41a” here and press enter. You will get something like this “[winlogon] C:\heap41a\svchost.exe C:\heap(some number)\std.txt” Select that and Press DEL. It will ask “Are you sure you want to delete this value”, click Yes. Now close the registry editor and you are done .
Note:
Before inserting any kind of pen drive in your computer , just delete the autorun.inf file in it and delete any .exe files that exist in it .
OH, finally figured out why minecraft hasn’t been working for me and why all my worlds got deleted… STUPID ANTI-VIRUS YOU SLUT
thanks
@aditya
Many people faced this problem. It is one famous virus.
Well, this message appears on pretty much every computer in my college. I always though it was the network admin who disabled this. Thanks for the info. Useful article.