Files missing?
My Computer not opening?
Programs not opening?
Installations not occurring?
Task Manager not opening?
System deadly slow?
If your case can be matched with the conditions given above, in all probability, you’ve got the Autoit.BD worm, better known by a file it deposits in your C:\ drive, Funny UST Scandal.avi.exe. Pretty annoying. Almost nothing you can do. Only NOD32 v3 with updates can detect this trouble maker worm. Kaspersky can detect, but cannot remove. AVG, Norton, Avast! - all don’t even detect the virus.
Wait! Don’t format your system yet! Its a pretty simple virus to remove, and won’t take more than 10 minutes. It is recommended that you start up in Safe Mode before you do the following steps to remove the virus -
[scroll down for a file which automates all this]
- Download and install TaskKiller (326 KB freeware). We’re doing this because we need to remove a few tasks running, and Windows Task Manager (Alt + Ctrl + Del) gets killed by the virus
- Run Task Killer, and a red skull icon will appear on the system tray
- Left click it, and click Processes
- Select to kill these processes -
- killer.exe
- lsass.exe
- smss.exe
- Now open up Command Prompt (Start>Run>command). Type each command and press Enter to run it -
- cd\
- attrib -h -s smss.exe
- attrib -h -s autorun.inf
[NOTE : Type each command exactly as its given here]
- Open My Computer and go to C:\ or whichever partition in which you’ve installed Windows.
- Delete the following files -
- smss.exe
- autorun.inf
- Funny UST Scandal.avi.exe
- Go to Command Prompt again. Run this command -
- attrib -h -s smss.exe
- Go to C:\Windows or wherever else you’ve installed Windows, and delete the file smss.exe.
- Now, go to C:\Documents and Settings\All users\Startmenu\Programs\Startup and delete the file lsass.exe.
- Open Registry Editor (Start>Run>regedit)
- Delete the key HKEY_LOCAL_MACHINE\Software\
Microsoft\WindowNT\CurrentVersion\Winlogon=shell(killer.exe - Delete the key HKEY_CURRENT_USER\Software\
Microsoft\windows\Currentversion\Run=runonce(c:\windows\smss.exe) - You’re done!
OR, you can just download a remover file : Download Autoit.BD remover
- After downloading, unzip, and run the exe file.
- Then, do the steps 11, 12 and 13 as mentioned above.
- You’re done
Thanks to fs6519 for recommending these steps, and making the remover file.
I hope that this post was useful. Cheers
[tags]autoit.bd, worm, funny UST scandal, fs6519, removal, worm removal, virus removal, installation stopping, task manager not opening, smss.exe, Funny UST Scandal.avi.exe [/tags]
January 16th, 2008 at 12:01 pm
request for remove the virous name funny UST scandal.avi.exe
thanks
vinod rawat
January 16th, 2008 at 4:25 pm
Thats what I’ve given above…
Good luck
January 18th, 2008 at 1:24 pm
[…] Autoit.BD worm removal - Funny UST Scandal.avi.exe […]
January 20th, 2008 at 12:14 am
hi
Thankx for the soultion, it has helped…………..
January 20th, 2008 at 10:55 am
My pleasure Angad
January 20th, 2008 at 5:24 pm
Funny ust Scandal avi.exe
Removing funny ust scandal avi.exe virus without any antivirus just installing fresh copy of windows. This is done by jitender kumar , MIET engineering college meerut, meerut , UP ,
For any problem regarding this virus contact me
Jitender kumar
MIET engineering college, meerut
UP, INDIA
—- :: EDITED BY ADMIN TO WEED OUT POSSIBLY DANGEROUS ACTIONS :: —-
January 21st, 2008 at 1:21 pm
Jitender, sorry, thats a very crooked way, and a lot of things may go wrong while doing that. Its better to follow the way listed above, which is easy, and wont take too much time.
January 24th, 2008 at 7:28 pm
< < EDITED BY ADMIN FOR HAVING MALICIOUS CONTENT >>
January 27th, 2008 at 6:13 pm
< < EDITED YET AGAIN BY ADMIN >>
JITENDER, PLEASE STOP SPAMMING MY BLOG!
January 28th, 2008 at 8:33 pm
Please STOP spamming Jitender and Shuvra!!!
January 29th, 2008 at 3:00 am
can u plz tell a solution for New Folder (i dont know exact name of the virus, but it creates new folders, folder options are missing, regedit is disabled) virus
January 29th, 2008 at 7:43 pm
Thanx a lot buddy
January 30th, 2008 at 2:03 pm
Most welcome Nish
@seeee4 : I think thats the Heap41a virus.
http://www.bloggingindia.net/2007/09/15/the-orkut-mozilla-hater-virus-w32usbworm-complete-removal/
December 16th, 2009 at 2:28 am
Thanks! I have been searching for this info all day now. My computer is not running like used to and I need to figure out how to fix it quickly. I have bookmarked your post so others can find it to on digg.
December 24th, 2009 at 8:04 am
Kicking off 2010’s mixed martial arts is the brilliant UFC 108. It’s bound going to be a great event with the main match being Evans vs Silva going head to head. You can watch santos vs yvel fight video for FREE in full HD without paying that grotty $55.95 PPV cost.
December 30th, 2009 at 8:12 am
Easily, the post is actually the greatest topic on the best registry cleaner in 2009. I harmonize with your conclusions and will eagerly look forward to your forthcoming updates. Just saying thanks will not just be enough, for the extraordinary lucidity in your writing. I will instantly grab your rss feed to stay privy of any updates.