Monday 12 December 2011

USB Device Spreading Viruses

Funny UST Scandal Virus


These Viruses Are Mainly Spreading From The USB Devices Like Pendrive , Mobile Memory Cards etc...
Some of the Symptoms Of Funny UST SCandal.avi.exe
• A orange icon with image of a Foot.
• Files missing, Not able to view hidden files.
• Every time you click on My Computer opens a new instance of it.
• Task Manager automatically disappearing after few seconds, not able to view process.
• System deadly slow
• Installations not occurring.




How To Remove This Virus ?


* Follow These Steps

    1. Download and install TaskKiller. TaskKiller forcefully kills the task and hence stops virus from replicating. Run Task Killer, and a red skull icon will appear on the system tray.Left click it, and click Processes
    2. Select to kill these processes -
      • killer.exe
      • lsass.exe
      • smss.exe
    3. Now open up Command Prompt (Start>Run>command). Type each command and press Enter to run it -
      • cd\
      • attrib -h -s smss.exe
      • attrib -h -s autorun.inf
    4. Open My Computer and go to "C:\", then "C:\Windows\System32" and "C:\Windows\System".
    5. Delete the following files -
      • smss.exe
      • autorun.inf
      • Funny UST Scandal.avi.exe
    6. Now, go to C:\Documents and Settings\All users\Startmenu\Programs\Startup and delete the file lsass.exe.
    7. Open Registry Editor (Start>Run>regedit)
    8. Delete the key HKEY_LOCAL_MACHINE\Software\
      Microsoft\WindowNT\CurrentVersion\      Winlogon=shell(killer.exe
    9. Delete the key HKEY_CURRENT_USER\Software\
      Microsoft\windows\Currentversion\Run=runonce(c:\windows\smss.exe)
    10. Check For the virus in the other root partitions and remove the Funny UST Scandal.avi.exe


Another Method For Removing Funny UST Scandal Virus
You Can Remove Funny UST Scandal Virus Using The Funny UST Scandal Virus Remover



This Remover Tool Works Only If Your Computer Is Infected With Funny UST Scandal Virus. Otherwise It Displays A Message "No Funny Virus Running!!!!!"

Download link 1

Alternate link


2.

“I Dont hate Mozilla but use IE or Else” Virus

Few days back when i tried to open mozilla firefox i got a message “I Dont hate mozilla but use IE or Else”… this was my first encounter with a virus… My antiVirus couldn’t detect it… thats bad.. :(
My senior Colleague at office Mr. Mohan, he is a person who guides me in all my system related queries. Thanks Mohan. when i said him about this he went through google…. and landed on to a site “mozillaZine” where people discuss about the virus. Thankfully people had already found solution for this virus. Which had blocked my mozilla firefox but IE was accessible. even with IE i was unable to visit orkut.
Disable Autorun Feature
  1. Click Start -> Run.
  2. Type RegEdit in the Open text box, then press ENTER.
  3. In the Registry Editor, locate and click the following registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CDRom
  1. Modify the value of the Autorun to 0 (zero) so that CD-ROMs and Audio CDs do not run and start automatically when inserted.
  2. Next navigate to the following registry subkey:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
  1. Modify the value of the NoDriveTypeAutoRun entry to 0xb5 value to turn off the AutoRun feature for CD-ROMs by right-click NoDriveTypeAutoRun and then click Modify to type B5 in the Value data box. Select Hexadecimal, and then click OK.
  2. Quit Registry Editor.
  3. Restart your computer.

The steps to kill the virus :
  1. Go to Task Manager (Ctrl+Alt+Del)
  2. in that click on Process Tab
  3. Delete only the svchost.exe of your user name
  4. type c:\heap41a in you address barof your explorer and you can trace this folder
  5. Done.
Posted by at 22:32

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)