How to remove Funny UST Scandal avi.Exe Virus

Posted by Rohit in computer problems, how to fix, virus problems 

Tags: ,

2

Mar

Trouble:

One of our reader Kavi’s system got infected by the UST Scandal avi.exe virus, this is what he has said in the mail to troublefixers.com

 

How to remove funny ust scandel.exe without any virus removal tool? or can you
provide any Vbscript for removing this virus?

 

As far as writing a vbscript for automatic removal of this virus, we would love to but these days we are not getting enough time to do it, but in future we will try to provide free virus removal tools made by the troublefixers themselves.

Let’s see what are the UST Scandal virus symptoms and activities and how can we remove this virus both manually and automatically.


Fix:

Well we can remove this virus by a simple removal tool and through manual procedure also, lets first discuss about automatic removal tool.

Funny UST Virus Activities:

First of all this virus is not funny at all, either it may put yourself in state of embarrassment when it sends some senseless message to your friends in your yahoo messenger buddies.

It creates following files:

  • Killer.exe in c:\windows\
  • lsass.exe in c:\documents and settings\all users\start menu\programs\startup
  • xmss.exe in the root drive of all partitions and also in c:\windows
  • autorun.inf in all the partitions.
  • the main file Funny UST Scandal.avi.exe in all the partitions and
  • Funny UST Scandal.exe in c:\Windows.

Not only this, it also creates the following entries:

HKLM\Software\Microsoft\WindowNT\CurrentVersion\Winlogon\shell HKCU\Software\Microsoft\windows\Currentversion\Run\Runonce

You will find all these or some of these files if your system is infected by this virus.

Method 1: Remove the virus automatically by UST Virus removal Tool. Download it here

 

Method 2: Manual removal procedure.

1. Firstly you need to end process running by the virus, for this download process explorer.

killer.exe ,b.lsass.exe ,c.smss.exe

Note: close all those processes that have the same icon of Funny UST Sandal.avi.exe

2. Open Start >> Run and type “cmd” (without quotes) and press enter.
3. Above command will open up command prompt, type “cd\” (without quotes)
4. Type “attrib -h -s smss.exe” (without quotes)
5. Type “attrib -h -s autorun.inf” (without quotes)
6. Repeat step 4 and 5 for all the drives through command prompt (on the root folder)

7. Now open all your drives one by one by typing C: ,D: and so on in the address bar at the top, delete smss.exe,autorun.inf,Funny UST Scandal.avi.exe

8. Open command prompt again by following step 2.
9. Type “cd c:\windows” (without quotes)
10. Type “attrib -h -s smss.exe” (without quotes)and press enter. Type “delete smss.exe” and press enter also type “delete lsass.exe” and press enter.
11. Now Open Start >> Run and type regedit and press enter.
12. Locate these paths one by one in the registry.

  • HKLM\Software\Microsoft\WindowNT\CurrentVersion\Winlogon\shell
  • HKCU\Software\Microsoft\windows\Currentversion\Run\Runonce

At these paths, locate the keys which have values as (killer.exe) and (c:\windows\smss.exe). Delete these registry keys.

Done!

We hope you will be able to remove the virus by at least one of the method specified above, if not please let us know through comments.


We hope you like the post, You can get more such updates, get these fixes to computer troubles via email for free.

Useful Related Articles


Most Popular Troubles and Fixes


Get solutions to common computer problem's directly to your inbox for free

Enter your email id below

Del.icio.us

Digg

StumbleUpon

Add to

leave comment

18 Users Commented In This Post

Subscribe To This Post Comment Rss Or TrackBack URL
mygif
kavi says, March 3rd, 2008   

Respected Rohitbhai,
I’m kavi, i have sent complain about Funny virus, thank you very much for fast reply, but in your this answer i couldn’t understood below line.

“Now open all your drives one by one by typing C: ,D: and so on in the address bar at the top, delete smss.exe,autorun.inf,Funny UST Scandal.avi.exe”

I request once again to explain all steps to remove in more lucid pattern, Funny Virus is still there in my system. I have runned that Funny removal tool also.
Waiting for your reply.
thanking you.

kavi

mygif
Rohit says, March 3rd, 2008   

@Kavi

Hi Kavi
First of all open command prompt as told in step 2 above.

This line means, on command prompt, type “c:” without quotes and press enter
A. After this type “del smss.exe” without quotes and press enter
B. After this type “del autorun.inf” without quotes and press enter
C. After this type “del scandal.avi.exe” without quotes and press enter

Now type “d:” without quotes and press enter. Now repeat step A,B and C as written above, similarly for all your hard disk partitions, i.e “e:”, “f:” etc.

mygif
ahmed says, March 9th, 2008   

how i remove pop ups from my web pags

mygif
Rohit says, March 9th, 2008   

@Ahmed

Please see the link below for solution to your problem
http://www.troublefixers.com/adware-problems-pop-ups-containing-ads-come-automatically/

mygif
Theodor says, March 13th, 2008   

The first time I tried removing this virus manually, but Command Prompt or RegEdit or even Windows Task Manager window kept closing instantly.

But, the worm-removal tool worked great!

Thanks a lot!

mygif
Sam says, April 1st, 2008   

thanks sooo much iam very thanking from worker and owver of this Site its opened my brain iam very happy and thanking again and again i wish youre all be the best of luck Ty Ty

mygif
Asif says, April 3rd, 2008   

hello

Thanks so that i was able to remove smss.exe and autorun.inf both from the system by using step 1 but was unable to remove Funny UST Scandal.avi.exe adn try to remove the other using step2 but i was unable to do so could u plz suggest

i can’t format it bcoz it is my external hard disk and data is too important

plz suggest me

thanking u and waiting for replay

mygif
Rohit says, April 3rd, 2008   

@ Asif

What problem are you exactly facing while deleting that file?

mygif
Salim says, April 4th, 2008   

Cool website. I will definately recommend this site to all my friends.

Salim

mygif
Salim says, April 4th, 2008   

Hi Rohit,

I’m running Windows 2003 Enterprise server and I’m infected by the DOTEX.32 virus which is detected but cannot be cleaned. Help!

Salim

mygif
moin says, April 9th, 2008   

awesome…..its gr8…it completely removed the virus ie funny ust scandal….thaks a lot

mygif
sharjeel says, April 26th, 2008   

Dear Rohit

First of all I would like to acclaim your knowledge about computer softwares and your generosity.

But I encountered following problems when I tried to remove Funny UST Scandal.avi from my Computer.

1 when I killed Iass.exe,Smss.exe process with the help of process explorer,a message appeared that my computer will be shutdown within 2 mins and it happened so.

2 secondly when I tried to delete Smss.exe and Killer it shows a message that File not Found

3 Methoud 1 shows a message that No virus Is Running

But Iam sure that My computer is Infected by Scandal.avi because It appears in some of my drive

Iam sure that you can solve this problem without any hesitation.Please Help me I would be thankful to you

mygif
daytripper says, June 9th, 2008   

Thanks man! this was very helpful in removing the UST virus on my sis’ laptop!

Thanks thanks!

mygif
namish says, June 9th, 2008   

thanks

mygif
whodoes says, June 26th, 2008   

anybody used method #1 ? did it work ?

mygif
Yosep says, July 3rd, 2008   

Thanks.. good explanation to remove this troublesome scandal.exe!

mygif
sahana says, July 11th, 2008   

hii rohit !!!!!!!!!!111

though i used the method given above it is killing the virus for temporary plz help me out in killing permentally

mygif
ali says, August 15th, 2008   

thnx a lot dude
i hav been pist off by this virus
thank you

Leave Your Comments Below
Hello, please leave your thought below

Please Note: Comments may need to approved by admin. so there's no need to resubmit your comments.