ad

Your Ad Here
indore, m.p, India
hiiiiiiiiiiii tys is subodh em frm IES IPS A ,indore BE 1st year

welcome

latest

Wednesday, August 20, 2008

Worm removal - Funny UST Scandal.avi.exe

Worm removal - Funny UST Scandal.avi.exe
Labels: Windows XP

One of the viruses which i have tackled off late is Funny UST SCandal.avi.exe

Some of the Symptoms Of Funny UST SCandal.avi.exe are

* A orange icon with image of a Foot.
* Files missing, Not able to view hidden files.
* Every time you click on My Computer opens a new instance of it.
* Task Manager automatically disappearing after few seconds, not able to view process.
* System deadly slow
* Installations not occurring.

If your case can be matched with the conditions given above, in all probability, you’ve got the Autoit.BD worm, better known by Funny UST Scandal.avi.exe. AVG, Norton, Avast! - all don’t detect the virus.
This Virus replicates itself on the various disk partitions. So even if you have deleted it from C:\ or formated your PC it will still persist in some other partition leaving you in the same dilemma again. So one of the best ways to tackle this is.....

Steps to Follow in order to remove it

1. Download and install TaskKiller. TaskKiller forcefully kills the task and hence stops virus from replicating. Run Task Killer, and a red skull icon will appear on the system tray.Left click it, and click Processes
2. Select to kill these processes -
* killer.exe
* lsass.exe
* smss.exe
3. Now open up Command Prompt (Start>Run>command). Type each command and press Enter to run it -
* cd\
* attrib -h -s smss.exe
* attrib -h -s autorun.inf
4. Open My Computer and go to "C:\", then "C:\Windows\System32" and "C:\Windows\System".
5. Delete the following files -
* smss.exe
* autorun.inf
* Funny UST Scandal.avi.exe
6. Now, go to C:\Documents and Settings\All users\Startmenu\Programs\Startup and delete the file lsass.exe.
7. Open Registry Editor (Start>Run>regedit)
8. Delete the key HKEY_LOCAL_MACHINE\Software\
Microsoft\WindowNT\CurrentVersion\Winlogon=shell(killer.exe
9. Delete the key HKEY_CURRENT_USER\Software\
Microsoft\windows\Currentversion\Run=runonce(c:\windows\smss.exe)
10. Check For the virus in the other root partitions and remove the Funny UST Scandal.avi.exe
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)