Funny UST Scandal Virus Removal Tool
Automatic remover = Download this: Funny UST Scandal Avi.exe Remover
Manual:
Software used to build the virus= AutoIt V3
drop Files- killer.exe(4084 kb) in c:\windows\
lsass.exe(3920kb) in c:\documents and settings\all users\start menu\programs\startup
smss.exe(4088kb) in all root drives and in c:\windows
autorun.inf(1kb) in all root drives with a script
[autorun]
open=smss.exe
shell\Open\Command=smss.exe
shell\open\Default=1
shell\Explore\Command=smss.exe
shell\Autoplay\command=smss.exe
Funny UST Sandal.avi.exe(228kb) in all root drives
Registry Entries-HKLM\Software\Microsoft\WindowNT\CurrentVersion\Winlogon=shell(killer.exe)
HKCU\Software\Microsoft\windows\Currentversion\Run=runonce(c:\windows\smss.exe)
HOw to remove this lame virus????
-first download taskiller in http://www.rsdsoft.com/task_killer/index.php4 and install it to
your computer because you cant use taskmanager to terminate the virus(the virus automatically close taskmanager).
-run taskiller and left click it on the system tray(the one with a skull icon)
-click processes
-to close the virus, select process and click yes to the question
(process to close)
1.killer.exe
2.lsass.exe
3.smss.exe
note: close only file that have the same icon of Funny UST S*andal.avi.exe
CMD STEPS
1-now, click "start" then "run"
2-type "cmd" without quotes
3-type "cd\" without quotes
4-type "attrib -h -s smss.exe" without quotes
5-type "attrib -h -s autorun.inf" without quotes
6-type "start c:" without quotes(a new window will open)
7-select smss.exe,autorun.inf,Funny UST Scal.avi.exe and delete it
-if theres any drive or a partition type "d:" in command prompt without quotes
"d" is the drive letter then repeat the CMD STEPS number 4-7 above.......
-now type this on the command prompt "cd windows" without quotes(na naman!)
-type "attrib -h -s smss.exe" without quotes(uli)
-type "start c:\windows" without quotes(hay naku!)
-delete the file smss.exe
-now, goto c:\documents and settings\all users\startmenu\programs\startup
-delete lsass.exe
-click "start" then "run"
-type "regedit" without quotes then delete the registry entries above....
special thanks to fs6519 of TPC
Any suggestion, question or violent reaction? Feel free to leave a comment.
View Random Post
Thanks for this it really helps. (i hope your not the creator.)
ReplyDeleteThanks! napakagaling!!! natuwa ako sa virus hehe! pahirap!!!!!!!
ReplyDeleteThanks for this it really helps. (i hope your not the creator.)
ReplyDeleteAng lupit mo BORDS!
ReplyDeleteSlamat ng maraming marami. :D
NICE NAMANN,,, AYOS NA AYOS TO... PINABILIS, PINADALI ANG PAGTANGGAL NG TANGAHING VIRUS!!!!
ReplyDeletehai... dko alam kung tanga lang ako at dko naayos... pero eto ang tumulong sa akin http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
ReplyDeletecombofix... ayos na ayos :D if ever bumalik
Thanx For The Detailed Help Manual....I Just Downloaded It & Hope That It Really Helps....One Thing...Does iT Damages Any Of The Files Of My PC? 'Coz I Have Loads Of Data Backups In My HDD......
ReplyDeleteHI Sir this Ram from India. Thank u for ur valuable information. Now my messenger is working properly
ReplyDeleteWoW!! haNep!! thanK u VerY mUch!
ReplyDeleteIm sO glaD i foUnd Ur Site. It Helps Me tOo mUch!! 2 daYS Ko d TinUlugaN anG vIrus na Yan.. eTo paLA anG site NA Wer I caN cOunt On. In JusT oNE cLick. maIntaIned Na lahAt./.
ThaNk U sO muCh!!!!
GooDlUck!! MorE Power!!!
Pare sanan d ikaw ang gumawa-aldrin mquinana
ReplyDeletethat virus erased my SD card - may documentation pa ng workshop doon. I was going to burn the pictures - I left the SD card on the slot because I got called over to attend a meeting. Pagbalik ko, yun virus na lang laman ng SD card. Grrrrrrr. Salamat sa remover.
ReplyDeleteGuys, i've tired the remover, the manual procedure, and perhaps FIVE BLOODY ANTI-VIRUS!! they worked, partially, coz check out your C:\windows\system32. The LSASS.exe and SMSS.exe are still there.. Sana ma-rape ng bakla ang gumawa ng virus!!
ReplyDelete@anonymous
ReplyDeletehehe brutal ka naman. actually, lsass.exe and smss.exe are legitimate window files. so you don't have to worry about it
regarding po sa regedit. sabi po kasi ssa instruction>>> type "regedit" without quotes then delete the registry entries above.... thus it means "ALL" registry entries????? curious lang po.. di kasi me tech specialist eh...
ReplyDeleteeto lang po delete nyo:
ReplyDeleteRegistry Entries-HKLM\Software\Microsoft\WindowNT\CurrentVersion\Winlogon=shell(killer.exe)
HKCU\Software\Microsoft\windows\Currentversion\Run=runonce(c:\windows\smss.exe)
thanks for the reply sir TechPinoy... question po ulit... heheheh yung sa HKLM entry, delete lang po ba ay yung killer.exe??? same din po ba sa HK_current_user;smss.exe lang??? kasi yung nakita ko sa HKLM is explorer.exe,killer.exe.... tapos sa runonce is c:\WINDOWS\smss.exe.. thanks alot.. noob lang kasi ako...
ReplyDelete@PT
ReplyDeletedelete mo yung buong entry. ayaw ba gumana sayo nong automatic remover? para di ka na mahirapan
automatic remover??? nag manual lang po kasi ako eh... kaya di ko alam masyado.. do you have the link for the automatic remover???
ReplyDeletemy bad..... SORRY!!!! nakita ko na po... sensya na....
ReplyDeletethat's okay! hope it helps!
ReplyDeleteHello,
ReplyDeletePlease help. I can't run the automatic remover. There's an error with the file. The error says the application can't run because there's a certain file missing.
Thanks a Lot
can you post the exact wording of the error?
ReplyDeletetq 4 ur help. its help a lot -
ReplyDeletekilala ko creator, harhar
ReplyDeleteAfter doing the manual removal as well as using the quick remover, i suspect that the virus is still there...I cant open my c drive thru windows explorer...this message occurs: "C:\ application cannot be run in Win32 mode". Moreso, i still can't view all my hidden files and some other weird stuffs...I can't afford to reformat my pc at this time...can anybody help me on this!! I really need it badly!!
ReplyDeletepano po ba maalis ng 2luyan kc pag restart ko ng pc nandun parin tsaka po d ko tlga ma gets yung manual way of removing...
ReplyDeletei cant do it, the task manager appear and says, program not responding. i closed all applications and restart my pc, but then again it says, not responding. what shall i do?
ReplyDeleteplease try to ym or email me if you can, prbc_marketing@yahoo.com
Hi! I did the automatic and manual removal of the virus and successful naman xa with drive C and D kaso everytime na may maiinsert na mga usb devices may autorun.inf na naddtect yung antivirus ko. does this mean na nasa system ko pa rin yung virus? and is it true na kht ire4mat ko yung pc andun pa rin yung virus? annoying na kc eh... pls reply...i badly need your help...u guys rock btw...tnx!
ReplyDelete@bubbles20
ReplyDeletebaka ang nadedetect ng antivirus mo yung autorun galing sa flash drive hindi sa computer mo mismo. pag ganon, hindi pc mo may problema, yung flash drive ang may virus
pa scan mo yung flash drive mo sa antivirus mo, pag di kinaya ng AV mo, palit ka ng avast. yun ang gamit ko. so far so good, wala namang virus na nakakalusot
thnks for the remover.. BUt sTill i can't view my hidden files.. i check view hidden and system files but it automatically go back to "Do not show hidden and system file" plzz Help?? what should i do.. i need help on that...
ReplyDeletetnx a lot techpinoy!galing mo tlg...idol!Ü nod32 gamit q, and naddtect naman nya ung virus...alarmed lng ako kc bka pc ko yung nagsspread s mga usb...hehehe... tnx ult!
ReplyDeletetnx bro, pahirap....
ReplyDeleteang galing niyo
ReplyDeletei swear!
im officially a fan of you guys
natanggal na ung pesteng virus..
and you have a great sense of humor
so great tlga
thanks a lot
Godbless!
thanks po sa help!!!! u saved my computer!!!
ReplyDeleteok na. Thank you believe ako sayo. Pero congrats dinsa gumawa ng virus kc first time kong di nasolve ito. Kailangan ko pa ang task killer. Congats to both of you.
ReplyDeletei have a new prob! nddtect pa rin ng AV ko yung virus sa drive C days after the removal...d ata xa natatanggal permanently...shud i re4mat my pc? wud this solve the prob?yoko sana eh kc may vital files ako... yung AV ko nman trial version lang so pag expired na xa bka mas vulnerable nko sa virus... one more thing, i remember dti nung gamit ko ung taskkiller may lumabas na msg na system shutdown or something after atempting to delete the processes. nagwork b ung pgdelete or not? help plz! huhu...
ReplyDeleteThanks! it really helps.
ReplyDeleteHi
ReplyDeleteThanks a lot. My AVG Free version was no help. I used the REMOVER and followed the steps. My system is clean now. Thanks a lot once again
Gopinath S
mga tol pnu namn alisin ung spywer?my remover b kau?pasend nman.
ReplyDeleteTHANK GOODNESS!!!!!!
ReplyDeletethat virus has been causing me problems and I was soo worried that Id have to get my laptop fixed at some overkill shop.
My laptop is my life and you just saved it!
*hugs*
I'm sorry, i had to remove some comments here. i am having problem with adsense. It suddenly stop showing ads. weird thing is, only on this page. if any of you can help me, i would be grateful.
ReplyDeletethanx ha..sa gumawa ng gamot na ito...
ReplyDeleteit's really of a great help..
marjouricey ng cebu...
thanx ha..sa gumawa ng gamot na ito...
ReplyDeleteit's really of a great help..
marjouricey ng cebu...
THANK YOU, THANK YOU, THANK YOU!!!! Words cannot describe how grateful I am. That program removed the little piece of shit in like 3 seconds! Thank you! :D
ReplyDeleteThanks talaga idol! Shit kasi ung virus nakakinis tlga.. Ang lupit mo pre. Ayos na ayos na ang messenger ko.. :D
ReplyDeletehi.. slamat ha.. la na ung pesting virus na un..
ReplyDeletehehehehe.
thx! it really did wOrk!;)
ReplyDeletetnx po s pgremove nung ust scandal n un.. tnx po tlga.. more power Godblesz!!!!!!!!!
ReplyDeletethank you very much!! you saved my life!! i thought i was going to be grounded for life!! thank you!!
ReplyDeleteThanks,
ReplyDeleteIt really worked
thanks alot
i have wat this needs....
ReplyDeletelets see if it does what u say it shud...
well thanks for this ray of hope.
hi thanks for the steps
ReplyDeletei installed the task killer ended the process and the virus is gone
but the process keep showing up
i cant see my hidden files plz
plz help me
Mga pards, no need to download the software... SYSTEM RESTORE lang ayus na!!! =)
ReplyDeleteMga pards, no need to download the software... SYSTEM RESTORE lang ayus na!!! =)
ReplyDeleteFunny UST Scandal.avi.exe?! san ba nakukuha ito?! Where can I get this virus?! If ever I watched porn movies do I get this virus?!
ReplyDelete@anonymous
ReplyDeletenope. you can get it through yahoo messenger and/or flash drives
That's the only sensible reply I have seen on net. I am sure my problem will be solved.
ReplyDeleteIsa kang alamat... letch tlga ung virus na un...
ReplyDeleteis "smss.exe" a legitimate window file??? bakit most of the posts of removing that UST scandal virus said that its a virus?!
ReplyDeletepls verify...
i just want to know if that virus would still run though i didnt open it nung natapos na sya mdownload,.. please email me,.. paul.lhet@lycos.com,.. that same virus infected my pc last year kxo hindi ko alam ung gnawa nung nag-ayos nito,..
ReplyDeleteSuper Thankyou po. Sa wakas, naalis na rin xa sa system ko. XD
ReplyDeleteSana yung malalaki na ang biniktima, para siyang si goliath, kayankayanan lang ang maliliit, mapang-aping lahi!
ReplyDeleteKala nung gumawa nung virus na yun! Me araw din sya! Sana nga marape sya ng bakla! Wehehe. Evilness eh no? Bat ba? Namroblema ku dahil dyan sa virus na yan!
ReplyDeleteNga pala, i used this link to remove na that pesky virus: sobrang helpful! Download nyo lang tas irun nyo yung application tas tapos na! :) Sana makatulong to.
You deserve a lot of praise... i formatted my entire drive then also cunt get thru this virus.. but u did it in 5 mins ! ! amazin ! thanx a ton !!
ReplyDeletemine was detected by avg but i still can not open my drive C. how can i revert the effects of the virus without using system restore?
ReplyDeleteholy shit.....you guys are genius....
ReplyDeletetnx for the remover.....
that fucking virus is iritating...
tnx again......(even if you're the creator)
it is a great help really, that is so much dangerious virus. i was damn sick of this and want to kill this bastard, guys i have never seen such a dagerious threat in my life. big thanks of this site and those people who really giving us wonderful opportunities to get rid of this. GOD SPEICAL BLESS THESE PEOPLE
ReplyDeletemay prob pa rin ako sa virus na to..kaka bad trip na...na try ko na po lahat pati remover ayaw pa din.. pag nag mamanual nmn ako...pag katype ko ng attrib -h -s smss.ex - file not found nmn daw...ayaw na rin mag boot sa safemode pc ko...kahit ano safemode...tapos try ko task killer..pagka end ko ng slss.exe nag blue screen na...ayaw na magboot kahit san...try ko mag boot sa cd..may error..[press any key to boot from cd...] tpos nun may lalabas na mga codes...parang gap vault ata...help!!! ayaw ko mawala mga files ko sa work...
ReplyDeletethanks for the inkormation it really worked
ReplyDeletehi. please help me. kasi pag in-open ko yung firefox nagko close eh. kahit anong i open ko nagko close o minsan nagha hang. thanks
ReplyDeleteThis is a very nasty virus which can trick the people easily into believing that this is a safe program for their computer.
ReplyDeleteThank you for guiding us through this process! This is a big help for those suffering from this nasty virus. Unfortunately for me, I have a different problem: a laptop spill. Now I need to send my hardware in to be repaired, or simply purchase a new computer.
ReplyDelete