How to remove Funny UST Scandal avi.Exe Virus
Trouble:
One of our reader Kavi’s system got
infected by the UST Scandal avi.exe virus, this is what he has said in the mail
to troublefixers.com
“How to remove funny ust scandel.exe without any virus
removal tool? or can you
provide any Vbscript for removing this virus?“
provide any Vbscript for removing this virus?“
As far as writing a vbscript for
automatic removal of this virus, we would love to but these days we are not
getting enough time to do it, but in future we will try to provide free virus removal tools
made by the troublefixers themselves.
Let’s see what are the UST Scandal
virus symptoms and activities and how can we remove this virus both manually
and automatically.
Fix:
Well we can remove this virus by a
simple removal tool and through manual procedure also, lets first discuss about
automatic removal tool.
Funny UST Virus Activities:
First of all this virus is not funny
at all, either it may put yourself in state of embarrassment when it sends some
senseless message to your friends in your yahoo messenger buddies.
It creates following files:
- Killer.exe in c:\windows\
- lsass.exe in c:\documents and settings\all users\start menu\programs\startup
- xmss.exe in the root drive of all partitions and also in c:\windows
- autorun.inf in all the partitions.
- the main file Funny UST Scandal.avi.exe in all the partitions and
- Funny UST Scandal.exe in c:\Windows.
Not only this, it also creates the
following entries:
HKLM\Software\Microsoft\WindowNT\CurrentVersion\Winlogon\shell
HKCU\Software\Microsoft\windows\Currentversion\Run\Runonce
You will find all these or some of these files if your system is
infected by this virus.
Method 1: Remove the
virus automatically by UST Virus removal Tool. Download it here
Method 2: Manual removal procedure.
1. Firstly you need to end process
running by the
virus, for this download process
explorer.
killer.exe ,b.lsass.exe ,c.smss.exe
Note: close all those processes that
have the same icon of Funny UST Sandal.avi.exe
2. Open Start >> Run
and type “cmd” (without quotes) and press enter.
3. Above command will open up command prompt, type “cd\” (without quotes)
4. Type “attrib -h -s smss.exe” (without quotes)
5. Type “attrib -h -s autorun.inf” (without quotes)
6. Repeat step 4 and 5 for all the drives through command prompt (on the root folder)
3. Above command will open up command prompt, type “cd\” (without quotes)
4. Type “attrib -h -s smss.exe” (without quotes)
5. Type “attrib -h -s autorun.inf” (without quotes)
6. Repeat step 4 and 5 for all the drives through command prompt (on the root folder)
7. Now open all your drives one
by one by typing C: ,D: and so on in the address bar at the top, delete
smss.exe,autorun.inf,Funny UST Scandal.avi.exe
8. Open command prompt again
by following step 2.
9. Type “cd c:\windows” (without quotes)
10. Type “attrib -h -s smss.exe” (without quotes)and press enter. Type “delete smss.exe” and press enter also type “delete lsass.exe” and press enter.
11. Now Open Start >> Run and type regedit and press enter.
12. Locate these paths one by one in the registry.
9. Type “cd c:\windows” (without quotes)
10. Type “attrib -h -s smss.exe” (without quotes)and press enter. Type “delete smss.exe” and press enter also type “delete lsass.exe” and press enter.
11. Now Open Start >> Run and type regedit and press enter.
12. Locate these paths one by one in the registry.
- HKLM\Software\Microsoft\WindowNT\CurrentVersion\Winlogon\shell
- HKCU\Software\Microsoft\windows\Currentversion\Run\Runonce
At these paths, locate the keys
which have values as (killer.exe) and (c:\windows\smss.exe). Delete these
registry keys.
Done!
0 comments:
Post a Comment