Posted on June 30, 2007 - by Sarath
0rkut blocking Worm Removal tool /Fix
It was fun with a windows worm named Heap41a / win32.USBworm. I hadn’t been to M$ Windows for a couple of months. When I was surfing through web, I happended to hear about an interesting worm that affects orkut.com, Mozilla fireox and youtube.com 
. I responded to this piece of news as oh..poor handicapped M$ windows !.
After two or three days one of my friends, Sidharth rang me and told that he was affected by a virus. He explained its features. It blocks orkut.com, youtube.com and mozilla fireox. It gives the message :
“Orkut IS BANNED, orkut is banned you fool The administrators didnt write this program guess who did?? r r MUHAHAHA!! “
Even though I’m a M$ Windows hater, I thought of fixing it for him since I’m always interested in this sort of hacking. I went through the web and learned about the worm.
It spreads through USB pendrives and removable storage devices. I found that there wasn’t any free fixing tool avaliable for remove the worm. There were some manual removal instructions.
Lets see what this worm does
It runs a exe file which is name MicrosoftPowerpoint.exe which is located in the USB disk. The autorun.inf runs this file when double clicked. Once this program is run you are infected. It hides all your hidden folders, runs the process in the memory, makes the worm to start with windows and pops those annoying messages. This worm doesn’t destroy any system files. It just infects other USB drives and spreads to new hosts.
Non-avaliability of a free removal tool urged me to write one of my own.
Before I write a fix I wanted to make my machine infected of the worm. and hence i was in need for the worm. I instructed sidharth to make zipped copy of the worm and he mailed to me. Cheers !
**********************************************************************************
Here is the fix for Orkut, Youtube, Fireox Blocker (Heap41a / win32.USBWorm)
This tool can be used to remove the Blocker worm as well as prevent the Worm further to get infected on the same machine.
Usage Instructions:
1) Download the fix and run on infected machine.
2) It will ask for a re login.
3) After logging again run the fix again. The worm will be removed succesully.
4) Log to www.sarathlakshman.com and comment here 
UPDATE: Here is an update howto remove worm from pen drive.
1. Remove the file autorun.inf
2. Re-insert the pendrive.
3. Format it
There is only a permanent method to avoid all sort of worms / viruses. -> Use Gnu/Linux operating system and rock your desktop !
116 Comments
We'd love to hear yours!
Leave a Comment
Here's your chance to speak.
My Book
Follow
Random Photos
Solve real-world shell scripting problems with over 110 simple but incredibly effective recipes.
Visit My Website
July 3, 2007
Permalink
Hello sarath!
Good to see ur Worm removal tool here
But I think the game is not over yet.
I got this worm in my Pc via USB Drive.
I scanned my computer with AVG Antivirus(it found nothing)
I scanned my computer with Spy Subtract(it also found nothing)
Then,I found on the internet a way to remove it from Pc.
Acc to it, just find the folder “C:\Heap1a” and delete it.
I did that using Hijack This.
It removed and PC was fine.
But inspite of removal from Pc,it stays in my Pen Drive.
I used tool provided by you also.But it just gave a message that the worm is removed but didnt remove it from the pen drive.
then i scanned PC with Norton Antivirus 2005 (It found it,but failed to delete it)
It says:
The compressed file Install.txt within H:\MicrosoftPowerPoint.exe is infected with the Trojan Horse virus
(H: drive is Pen Drive)
Please tell a way to get it removed from the pen drive also
Thanks
Ashish
mail: ashishaggarwal007@yahoo.com
Visit My Website
July 3, 2007
Permalink
Hello sarath!
Good to see ur Worm removal tool here
But I think the game is not over yet.
I got this worm in my Pc via USB Drive.
I scanned my computer with AVG Antivirus(it found nothing)
I scanned my computer with Spy Subtract(it also found nothing)
Then,I found on the internet a way to remove it from Pc.
Acc to it, just find the folder “C:\Heap1a” and delete it.
I did that using Hijack This.
It removed and PC was fine.
But inspite of removal from Pc,it stays in my Pen Drive.
I used tool provided by you also.But it just gave a message that the worm is removed but didnt remove it from the pen drive.
then i scanned PC with Norton Antivirus 2005 (It found it,but failed to delete it)
It says:
The compressed file Install.txt within H:\MicrosoftPowerPoint.exe is infected with the Trojan Horse virus
(H: drive is Pen Drive)
Please tell a way to get it removed from the pen drive also
Thanks
Ashish
mail: ashishaggarwal007@yahoo.com
Just want to make sure that u got the message
Visit My Website
July 6, 2007
Permalink
Hi ashish,
To remove it from USB drive.. just manually remove autorun.inf from your pendrive.
OK. I would add a feature soon to do that in my fix.
Visit My Website
July 6, 2007
Permalink
Dear Sarath,
Really you have done a great job by finding orkut worm killer. Thanks a lot. Keep up the good work.
Best regaards,
Anil.
Visit My Website
July 11, 2007
Permalink
Hey Sharath,
thanks a lot. This is pretty cool. The guy who had a bit of fun devicing this sinister play must be grwoling at you. I really don’t know how i got this into my system. May be through a flash drive. Pls let me know if i can use the flash drive in my system without infecting it again? Can i have an aswer from you?
regards
Ramesh
Visit My Website
July 13, 2007
Permalink
Not able to find autorun.inf in the removal storage. but when right click it show the option for ‘autorun’ if i again click on this it will replicate.
please tell me what to do? for removing from the external storage (USB Stick)
Regards
VPK
Visit My Website
July 13, 2007
Permalink
Hi Sarath,
Thanx a lot for ur but…but still I am facing one problem…I can access my yahoo mail on mozilla but I cannot see the contents of the mail…however when I open yahoo mail on IE, I am easily able to all the mail content…the problem is occuring only when I access yahoo mail on mozilla…do u have any solution to it?
Help will be highly appriciated
Visit My Website
July 14, 2007
Permalink
it works well after running the tool. thanks, satish
Visit My Website
July 16, 2007
Permalink
You’ve done a gr8 job. thanx.
Visit My Website
July 16, 2007
Permalink
hi yaar
i dont know u but u r a great technician i must say
i just got the worm from the pen drive of my friend
and was feeling helpless…..
i made a search on google and den i found you..
i am doing engg. from rajasthan univ. in alwar
in INFORMATION TECH.
so sup….if u r in orkut i would like to add u as my friend
so do let me know on my email
thanx a lot u did a great job.
Visit My Website
July 17, 2007
Permalink
Hi Sarath:
Thx for your web service giving the possible solution to fix up the bug. It was a pain in neck while operating Mozilla….
U do diserve a lot of thanks and credit….
Regards,
Sap
Visit My Website
July 20, 2007
Permalink
hi i got the solution .. how to remove from usb also…
Visit My Website
July 20, 2007
Permalink
Hi sarath,
Gr8 job……saved me!!! I have same funny pop-ups when i used mozilla ………is there any fix for that….
Thanks in Advance!!!
Visit My Website
August 11, 2007
Permalink
Hi Sarath! thanks for the tool… But please help me to get rid of it from my pen drive… Its an Intex drive if that helps….
Visit My Website
August 12, 2007
Permalink
I killed the worms but yet i cant browse Youtube. Any solution?
Visit My Website
August 12, 2007
Permalink
thanks man… thanks a lot for this ..
another favour,my friend has hacked my orkut account,i have challenged him tat i will get my account back by account.. pls help me..
Visit My Website
August 15, 2007
Permalink
Hello Sarath!!!
I´m from Brazil. Thanks for you.
You does a good job. You are the best.
Visit My Website
August 17, 2007
Permalink
hello,
last night da same virus infected my laptop.i open process explorer n i found to unknow file svchost.exe thn i got da location heap41a but it was hidden n cant open da folder.thn i hav searched for that folder with include hidden & system file thn i got heap41a folder and same way i searched in my pen drive i removed autorun.inf search for all files n pen drive n i removed microsoftpowerpoint.exe n my pendrive has been healed from tat virus. n need to format da pen drive haaan.
electronic projects
Visit My Website
August 18, 2007
Permalink
Hi, thanks fgor the advice.
i removed from my system and pen drive and mobile removable disk.
thanks
Visit My Website
August 23, 2007
Permalink
hiii……thanx a lot for this removal tool…
our entire lab is infected by this.
thanx again.
Visit My Website
August 23, 2007
Permalink
Hey Sarath,
Amazing Work…
Cheers to you
Visit My Website
August 24, 2007
Permalink
Dear Sarath….
pls help me..i cant file the autorun.inf anywhere…
pls anyone…i really appreciated ur help
Visit My Website
August 24, 2007
Permalink
Dude u r genius unlike others and u understand .
Thats I will communicate with only u.
For those nopt able to delete inf from Pendrives, format the drives.
Now sharath, tell me whether u took into account the scripts it adds to registry
u will find the scrips in the C:\heap41a folder that can be manually accesd by typing in the address bar.
Now tell me whether ur tool restors the default values in reg.
Also the virus runs under a process called svchost.exe that is not system but u cannot distinguish it as u can not see names in process manager
So u need Hijack this
So ur tool must be ending the processes MSpowerpoint and svchost
Now a copy of the autorun.inf is placed in all the folders we navigate and the script is therefore loaded again and again as we open any folder so therefore reguistry is not resored
This causes:
-to run the virus propcess again as windows starts even if we disable
-to add the malicious keys to be added again in registry even if expert like me deletes them by finding the values in MUI cache and Heap and powerpoint name sttrings
Visit My Website
August 24, 2007
Permalink
Hi Sarath,
You have done a spendid job on the orkut Virus. It worked just fine on my systeme and pen drive. Like they say in that Coke ad… Thoosi great ho..
Keep the good work up and may you tribe multiply.
Thanks and God Bless.
Visit My Website
August 26, 2007
Permalink
sorry again..
is it really working for pendrive when all i need to do is just format it?
because i couldn’t find any autorun.inf in my pendrive.
thanks
Visit My Website
August 27, 2007
Permalink
Hi,
you have done a great job………..thanx for all the help
Visit My Website
August 30, 2007
Permalink
Hi ,
Your program is very seccessfull to remove the virus and very thanks to do this job. Wishing you a great future.
I am from Dubai and working here as computer hardware engineer.
Visit My Website
August 31, 2007
Permalink
hi man
Now here is the serious problem. “orkut is banned”
and more over my taskmanager also banned. when i open task manager it says “task manager has been disabled by your administrator”. and i used your orkut worm fix tool before it worked first but task manager was accessible . Now your tool just shows that ” worm has been removed” but no the same problem still accurs.. please find a solution..
(sorry about my english, its not that good)
thanks
Visit My Website
September 1, 2007
Permalink
Hi!
I had the same nagging virus and I used your fix. It has actually fixed the goddamned thing. Thanks a lot.
But now I have another problem. Whenever I double click on my pen drive in My Computer, it says “Access Denied”.
On scanning with Kaspersky I found a little something called “autorun.inf” which is not present on my friend’s healthy pen drive. I am in a fix. I have formatted my pen drive N number of times and it keeps coming back. Probably, the computer is infected. What do I do? Please help….
Thanks
Visit My Website
September 2, 2007
Permalink
Hi Sarath,
Had a prob with AHKHeap. Removed from PC, could not remove from pen drive. Did not even show up in explorer. Ran the CMD command in Start=>RUN, and dir too did not show the file. Tried dir/AH, saw the damned microsoftPowerPoint.exe!
Tried deleting it, nothing worked.
Finally, I went to e: (in dos) and did the following;
ATTRIB -a -h -r -s MicrosoftPowerPoint.exe
It seems to work.
Visit My Website
September 3, 2007
Permalink
HI Sarath thnks a lot i got it fixed
Visit My Website
September 3, 2007
Permalink
Hi,
Working good but not in all the time. First time i scanned it was deleted and next time its showing the same virus is infected. Do something for complete fixing.
Visit My Website
September 6, 2007
Permalink
This is awesome. Thanks a lot!!
One problem though. This worm also disabled my Task Manager. Also the “Folder Options” icon in the control panel is removed. Anyway to restore these?
Visit My Website
September 8, 2007
Permalink
Hi i got this virus microsoftpowerpoint.exe in my Pc and my Kingston pendrive, it has slowed my pen drive and everything i copy in it gets corrupted and several folder are automatically created with same name similar to 0000.00.
what should i do to clean the pen drive and the PC.
Visit My Website
September 9, 2007
Permalink
[...] Do the steps look creepy for you to try? Ok, here’s another solution made by sarathlakshman. Download this file, unzip it, run the program and press the remove button. Done! [...]
Visit My Website
September 10, 2007
Permalink
u r da man !!!!!
usb worm has been killed !!
t q v m !!
Visit My Website
September 10, 2007
Permalink
thanks..a lot i had removed..that worm by ur tool..
and also i found that power point folder ..that was hidden..i had seen .that in that..its coding was also thr..with a svchost file..
i deleted that..and get free frm that…..
thanks…..once again
Visit My Website
September 11, 2007
Permalink
tHANX A LOT MANNNNNNN………..U R A REAL GOOD MAN
I WOULD LIK 2 B U R FRND…..PLZ CONTACT ME @
nirmalms_007@yahoo.com or visit this Orkut page
http://www.orkut.com/Profile.aspx?uid=16962346226749797173
Visit My Website
September 11, 2007
Permalink
Types Of Computer Viruses
I couldn’t understand some parts of this article, but it sounds interesting
Visit My Website
September 12, 2007
Permalink
The Ashish’s tip at the top and your tool are just fine. I kicked that lame ass virus out of my pc and pen-drive.
Thanks !
Visit My Website
September 13, 2007
Permalink
Dear,
Sarath, Thanks a lot….
“YOU” donot know what you have done for me .
I am suffering from this problem since 2 month.
At last i find your fix. And if works. Thanks Thanks..
Visit My Website
September 17, 2007
Permalink
Thanks a ton mate…cheers to u….
Visit My Website
September 19, 2007
Permalink
Computer Security Tips
I couldn’t understand some parts of this article, but it sounds interesting
Visit My Website
September 23, 2007
Permalink
Hi,
I am unable to dlete autorun.inf from my pen drive. Tried ‘del’ through command prompt also. But still did not work. I have formatted the PEN Drive. But the file remains. Can you suggest me what to do ?
Ganesh
Visit My Website
September 23, 2007
Permalink
HI,
In my system it is the problem showing always on right side of the tool bar……. suggest me..
; IMPORTANT INFO ABOUT GETTING STARTED: Lines that start with a
; semicolon, such as this one, are comments. They are not executed.
; This script has a special filename and path because it is automatically
; launched when you run the program directly. Also, any text file whose
; name ends in .ahk is associated with the program, which means that it
; can be launched simply by double-clicking it. You can have as many .ahk
; files as you want, located in any folder. You can also run more than
; one ahk file simultaneously and each will get its own tray icon.
; Please read the QUICK-START TUTORIAL near the top of the help file.
; It explains how to perform common automation tasks such as sending
; keystrokes and mouse clicks. It also explains how to use hotkeys.
; SAMPLE HOTKEYS: Below are two sample hotkeys. The first is Win+Z and it
; launches a web site in the default browser. The second is Control+Alt+N
; and it launches a new Notepad window (or activates an existing one). To
; try out these hotkeys, run AutoHotkey again, which will load this file.
#z::Run http://www.autohotkey.com
^!n::
IfWinExist Untitled – Notepad
WinActivate
else
Run Notepad
return
; Note: From now on whenever you run AutoHotkey directly, this script
; will be loaded. So feel free to customize it to suit your needs.
…………………………………………………….
title of the page:C:/heap41a\script1.txt – autokey v1.0.46.08
Script lines most recently executed (oldest first). Press [F5] to refresh. The seconds elapsed between a line and the one after it is in parentheses to the right (if not 0). The bottommost line’s elapsed time is the number of seconds since it executed.
020: Return (8.73)
Press [F5] to refresh.
Visit My Website
September 24, 2007
Permalink
Hi,
after i have tried every antivirus as a remedy for this worm,
i have just come to know about u form my friend, i downloaded ur file and the problem in my system has gone.
Thanx a lot for your great effort.
Visit My Website
September 25, 2007
Permalink
Anti Virus Software
I couldn’t understand some parts of this article, but it sounds interesting
Visit My Website
September 25, 2007
Permalink
Its a safe practice to press and hold the Shift button before inserting any usb drives to avoid the autorun feature from being activated. For newbies, hold the shift button until any LED lights on the usb drive stops flashing. Then open My Computer and right click your drive which should be the last alphabet anyway. Use the open menu and check for any auto.inf files (it might be hidden)and delete it. Mind you, these files if any, have no business in the USB drive in the first place!
Visit My Website
October 1, 2007
Permalink
Hi
sharath
How to orkut ban?
suresh
Visit My Website
October 3, 2007
Permalink
hey man.. thanks for the tool.. anyway, what happens when my pc shuts down automaticly?? like in the middle of something, it just shuts down… no warning, no countdown nothing.. need help.. mail me please..
Visit My Website
October 4, 2007
Permalink
sharath,
Wow,
what a man !
what a man !!
what a man !!!
u r . It helped me.
Thanks & Great Work
Keep Doing !
Visit My Website
October 5, 2007
Permalink
sarath, thanks!
you did a great job.
congratulations.
Visit My Website
October 6, 2007
Permalink
Hi, How r u?
Can you send some useful links to me…
Can you send me some public proxy ip address & the port no.
thx
Akbar
Visit My Website
October 6, 2007
Permalink
Sarath,
I have tried it,but the problem has not solved.Please reply me.My ID is sobhan_klnv@yahoo.com
Visit My Website
October 7, 2007
Permalink
Hi,
u really are intelligent maN
solved the problem which was bugging me .
I even was going for a format.
Thanx for the soln
Best of luck
Visit My Website
October 9, 2007
Permalink
hiya.. does any one know how to stop this worm from entering the system in the first place…
‘Coz it gets very annoying to do the rigma roll each and every time..and am a frequent user of my pen drive.
Visit My Website
October 9, 2007
Permalink
Thanks for the solution. Keep up the good work!
Visit My Website
October 12, 2007
Permalink
Computer Network Security
I couldn’t understand some parts of this article, but it sounds interesting
Visit My Website
October 13, 2007
Permalink
the file is removed????
link is dead…pls give a proper link
Visit My Website
October 18, 2007
Permalink
Hi Sarath,
I m glad that i can get into orkut due to your solution. My pendrive got this file autorun.inf
from my friend’s laptop and is removed now but, created such a problem. Thanks man for such a help. Cheers!:)
Visit My Website
October 18, 2007
Permalink
Virus Removal and Computer Security
Sorry, it just sounds like a crazy idea for me
Visit My Website
October 25, 2007
Permalink
amazing thing!
thank you soo much!!
m now back to orkutting!
cheers!
and hehe, take a bow
Visit My Website
October 31, 2007
Permalink
hello
i downloaded the worm-fix.exe, but after clicking the remove button some relogging window came, but to see more instruction i canceled the operation, but when pressed the remove button, its saying removed sucessfully but a run time
60 , and current thread will exit message is comming, plz lnform me hw to fix the problem?
achintya
Visit My Website
November 2, 2007
Permalink
HI brother
Dats really great job. U have done……..
Thanks a lot.
Keep it UP!!!! for da shake of Orkut user..and computer lerner’s
pla can u send me da programming of dat tool u made I’ll be thankful for dat..
Visit My Website
November 4, 2007
Permalink
Hi,
Great work brother!! none of the big named companies have left the removal tool for this.
Good Job
Visit My Website
November 5, 2007
Permalink
sarath,
Thanks a lot.
USB worm has been killed !!
Keep doing your hard job.
But there R many……… to request you
Visit My Website
November 8, 2007
Permalink
Your’re a life saver buddy .. i did the virus removing manually but your software did it faster and it kinda confirmed the virus was gone .. Thanxz
I like your work
tc
Visit My Website
November 13, 2007
Permalink
hai sarath
i have only one word to say ” Kidilan” great job man
Visit My Website
November 13, 2007
Permalink
hello sarath
I had a problem with my memory stick. Somehow it had a folder MUSIC which was not copied by me but it is shown in the Stick. When I attempt to delete it is coming again and again. I identified that it is a AUTORUN.inf file. I am unable to use this stick now. Pls pass a solution to my mail ID.
regards
shankar sb
Visit My Website
November 24, 2007
Permalink
Cheap Custom Built Computers
I couldn’t understand some parts of this article, but it sounds interesting
Visit My Website
December 4, 2007
Permalink
Hi Sarath,
Good tool, I tried deleting this heap41a from safe mode and from reovery console, but still i had access denied, i was just curious, to if you had deleted the folder with system account, as the svchost.exe would not get deleted or is it the folder thats, that’s not allowing to get access.
I was also intrested in know which open soruce is best for home use to browse internet?
your help is appreciated,
Thanks
Sudhir.
Visit My Website
December 5, 2007
Permalink
hi
well u’ve done a great job but m still having problem opening my pendrive…when ever i right click on h:icon it prompts……..”this drive is not accessble or is unreadable”
Plz help
n plz tell me if i cn use the pen drive again
Visit My Website
December 6, 2007
Permalink
Free Software Downloads
I couldn’t understand some parts of this article, but it sounds interesting
Visit My Website
December 7, 2007
Permalink
Cheap and Free Computer Software
Sorry, it just sounds like a crazy idea for me
Visit My Website
December 7, 2007
Permalink
Sarath,
Great removal tool. One thing, if you could integrate into the tool, would be to clean out the user’s temporary file folder. I have seen this worm settle in there and, after a cleaning, re-emerge because it was caught in the Temp folder. Just a suggestion if it’s not that difficult. Again, thanks for the tool!
Visit My Website
December 18, 2007
Permalink
Thanks Sarath. Great fix.
Visit My Website
December 29, 2007
Permalink
thanx dear
Visit My Website
January 4, 2008
Permalink
HEY HOW THE THE HELL DID YU DESIGN THIS SOFTWARE, IS IT YOU WHO DEVELOPED THIS FCKING VIRUS DON’T LIE. NON OF THE BIG ANTI VIRUS APPLICATION DOES NOT DETECT THIS AND YOU DEVELOPED THE REMOVER
Visit My Website
January 8, 2008
Permalink
Tom,
Nice useless, defamatory post. You should post that on Symantec and McAfee.
The “big antivirus applications” do feeble attempts to clean/protect computers anyhow. I can’t tell you how many computers I see in the shop I work in that come in with Norton, McAfee, F-Secure, etc. that are badly infected with malware. Besides, those “big companies” don’t exactly scan for less destructive forms of malware or detect their signatures. They’re looking more for stronger, destructive virus signatures.
While this is classified as a “worm”, truly, IMHO, it’s not. It’s a self-replicating piece of malware, so while, technically, it *IS* a virus by its very definition, it’s relatively harmless, rather an annoyance kind of along the lines of the old W97 Marker worms that used macros to infect Office 97 documents way back when.
Visit My Website
January 14, 2008
Permalink
Hello sarath
Thanks so much for this tool
Works VERY Well on my infected machines
Visit My Website
January 15, 2008
Permalink
Done.
Congrat sarath
threat is over for the time being.
thank you
Visit My Website
February 4, 2008
Permalink
Hello Sarath
Thanks a lot!
I’m so glad your tool helped me to get rid of it!
Visit My Website
February 5, 2008
Permalink
Greetings Sarath,
I need help to get rid of “Hacked by Moozilla” Virus.
I you have a cure for it. Thank You.
Visit My Website
February 14, 2008
Permalink
sir,
this is amazing tool, i cannect exect before using this
Visit My Website
February 27, 2008
Permalink
Thanks a lot, seems to have helped me too!
Visit My Website
March 15, 2008
Permalink
My daughter came home with her Laptop infected by that worm which blocks access to Orkut. First I tried installing Firefox. That worm would not allow me do that. Then I saw mention of your Worm-fix. I downloaded it and now it works fine. Many thanks.
The other thing that the worm (or maybe some other virus) has done to her Laptop is that Ctrl+Alt+Del, Task Manager, Regedit etc all has been disabled. Trying to find a solution that now.
Thanks again.
Visit My Website
March 23, 2008
Permalink
dear sarath,
first thing first…a BIG thank you for creating this fix that let me surf orkut again on my system … i had not been able to open orkut since last two months…and today i bumped into ur blog and it helped me…..
i endorse ur open source movement….and embracing Linux would be great thing…..
Visit My Website
March 30, 2008
Permalink
i successfully removed the heap41a virus, but still i am not able to see the hidden files. i want a permanent solution for this, how to see the hidden files, can u help me
ur help will be highly appriciated
regards
Ramesh
Visit My Website
April 9, 2008
Permalink
hey. i opened the removal tool n it clicked on remove.it says worm removed successfully, but i still find the same thing happening when i try to open orkut or youtube.
Visit My Website
April 9, 2008
Permalink
thanx a ton pal!! great job done!! keep it up.
Visit My Website
April 10, 2008
Permalink
hi sarath !
i tried the worm fixer , but its not working . i am not able to open orkut .wheever i try the orkut.com ; there comes orkut.com/block.aspx n the page closes.
even i click on the link from gmail the page opens n closes in fraction of second.
pl. help
regards
amit
Visit My Website
April 15, 2008
Permalink
Hi Sarath,
Tired your fix….worked just fine.
Visit My Website
April 17, 2008
Permalink
thanks
for the removal tool
around 10 people are infected by this virus in our colony
Visit My Website
April 21, 2008
Permalink
Thanks a lot for the tool man!
Usually I won’t need it (I don’t use Windows, and can do it without a tool anyway), but today it helped me (remotely) remove virus from my friend’s computer.
Visit My Website
April 26, 2008
Permalink
Dear sarath u r great very help full for me many cousetemer were asking this problem but now i fixed they r fully satisfied u did a great job thanks a lot friend
Visit My Website
May 13, 2008
Permalink
Dear Friend am having the same orkut virus prob in my pc.i searched the net and tried to remove the worm.but i could not open the task manager.then i tried a method to open task manger(goin to application templates,system,ctl+alt+dtl and disable the remove tsk mgr/) still task manager is nt opening for me…so i type c:/heap41a in run and was able to delete all files includin mp3 vrythn excep svchost.exe
n in some sites its written to open run n type regedit but that is also nt wokrin in my case as it is nt opening for mr.now the worm is still there without muhahah voice n withou virus code.but nobody has told a case of task mangr disabled after doin the method n my regedit alo disabled?am really tensd…as there is no net connection to ma pc .so i cnt download ny antivirus also.please gimme a good solution..
Visit My Website
May 20, 2008
Permalink
How to remove this type of virose
Script lines most recently executed (oldest first). Press [F5] to refresh. The seconds elapsed between a line and the one after it is in parentheses to the right (if not 0). The bottommost line’s elapsed time is the number of seconds since it executed.
020: Return (45752.47)
Press [F5] to refresh.
Visit My Website
May 24, 2008
Permalink
Thank you Mr. Sarath . I am an I.T. student form Kolkata. I thought that I could get a lot more information and help on getting around with such other virus attacks and on how to code such programs . I need ur help and hope that u will help me definitely … waiting for ur reply !
Visit My Website
May 26, 2008
Permalink
hi sarath
the tool you designed is great. but i don’t know how to clean my pendrive(transcend jetflash v30 512mb).
Please tell me how
thanx,
Abhi
Visit My Website
June 8, 2008
Permalink
Internet Security
If your looking for even more information on PC security then I would head over here as they have plenty of stuff on identity theft, antivirus software etc.
Visit My Website
July 27, 2008
Permalink
Hi Sharat,
Great Work yaar..
Congrats…
Visit My Website
August 5, 2008
Permalink
Good job.
Thank you very much
Visit My Website
August 15, 2008
Permalink
i tried this tool. it gave the message “virus removed succesfully. thank you”. but when i tried to open orkut i found that the worm was still there!!!!!!! please help me urgently!11111111
Visit My Website
August 29, 2008
Permalink
grat work dude…..keep d great work goin…thanx
Visit My Website
September 19, 2008
Permalink
Just wanted to say hellol
Visit My Website
September 20, 2008
Permalink
hi saarthak,
how does it works yaar?
pls send some thing extra
Visit My Website
September 26, 2008
Permalink
hey sarath lakshman, thanx lot buddy. it is excellent. i thought i would have 2 format my pc but u saved my time. thanks once agin. too good. Keep it up.
Visit My Website
October 9, 2008
Permalink
Hi,
Thanks a lot man. This is so effective.
Great work.
Visit My Website
October 18, 2008
Permalink
Hey sarath
thanx alot, but dude i cant get a way to remove it from the pendrive
just let me know how to do it
Visit My Website
October 18, 2008
Permalink
Hi sarath, i think a newer orkut blocking worm is there… my friends pc was infected with that n cant remove with ur software..can u pls help me…
Visit My Website
October 30, 2008
Permalink
thank you
Visit My Website
November 1, 2008
Permalink
hi sarath the removal tool works well, thanks for the effect
gr888
Visit My Website
January 4, 2009
Permalink
hi frnd ,
i have some probs in opening the hotmail website. well it is happening since 3 days it says error on page . and 2 nd probs is that there is some virus named newfolder its size is 602 kb , i tried to delete it but doesnt get deleted it is also present in my pendrive ,i tried deleting it but no chance . plz guide me frnd.
Visit My Website
September 19, 2009
Permalink
Congrats, from where could i get its source code ?
Visit My Website
November 12, 2009
Permalink
There is only a permanent method to avoid all sort of worms / viruses. -> Use Gnu/Linux operating system and rock your desktop !
No just login to Windows as limited user not as admin. In Windows, default account type is Admin. In Linux, it’s user without root access. Iy you login as limited user, you can save your system from affecting most of the viruses. I think the author also know it. So please don’t blog such wrong comments. Thease days, the no of linux viruses are growing. Just google for more info.
Visit My Website
April 3, 2010
Permalink
Hi, thanks for the kind words, and yes, feel free to post this on your blog. It’s always nice to get conversation and links from others interested in the same things.Very special!