well filipinos are intelligent, they are able to make a very annoying virus called FUNNY UST
SCANDAL.AVI.EXE. the virus attach itself to your ID and then spread it to other ID. It mainly
affects YAHOO MESSENGER, but at some point, MSN MESSENGER, depending on what messenger ID the
virus had infected.
it also infects flash drive if not paid attention IMMEDIATELY (eg. USB, mp4, even your cellphone
mmc)
no anti virus can heal it as of now, because as you can see the virus is still shining, as in
BRAND NEW (latest in the philippines)
SOLUTION:
all you have to do is KNOW WHEN you had RUN the funny ust scandal FILE
Example: NOV.9, 2007 you had run the virus
then click:
START
ALL PROGRAMS
ACCESSORIES
SYSTEM TOOLS
SYSTEM RESTORE
click the CALENDAR DATE where you know that your PC is working properly (the day the virus file
has not yet been installed)
Example: NOV.3, 2007 click it
youll find out that it's like you had turned back the time (all the files that you installed that
day (which is NOV.9) are gone.
IMPORTANT: don't ever use the infected ID again! or you'll have dejavu...",
sorry for the engish carabao im a filipino...i hope this will help...im very very sorry.
3 weeks ago
50% 2 Votes Report It Is this what you are searching for?Rating: Good Answer Rating: Bad Answer
-----------------------------
ok for the benefits of all......
here it is.
using "DOS Command"
E:\>attrib E:\Autorun.inf -s -h
E:\>attrib
A E:\Shit Remover.zip
A E:\my2.zip
A E:\Transfering of Workstream application to Station.ppt
A E:\project.doc
A H E:\WMPInfo.xml
A E:\uui.AVI
E:\Autorun.inf -> hiding mode
A E:\virus1.bmp
A E:\virus2.bmp
E:\>dir
Volume in drive E is USB DATA
Volume Serial Number is C08D-59CD
Directory of E:\
01/03/2007 07:05 AM
01/04/2007 10:44 AM
01/24/2006 03:35 PM 149,249 Shit Remover.zip
01/06/2007 03:38 PM
01/11/2007 09:20 AM
01/20/2007 12:01 AM
03/23/2007 06:30 PM 565,635 my2.zip
03/01/2007 11:15 AM 652,288 Transfering of Workstream application to Station.ppt
03/29/2007 01:51 PM 469,504 project.doc
01/01/2002 10:10 AM 6,227,408 uui.AVI
04/09/2007 09:30 PM 115 Autorun.inf
04/13/2007 04:54 PM 2,359,350 virus1.bmp
04/13/2007 04:55 PM 2,359,350 virus2.bmp
8 File(s) 12,782,899 bytes
5 Dir(s) 326,410,240 bytes free
E:\>del Autorun.inf
E:\>dir
Volume in drive E is USB DATA
Volume Serial Number is C08D-59CD
Directory of E:\
01/03/2007 07:05 AM
01/04/2007 10:44 AM
01/24/2006 03:35 PM 149,249 Shit Remover.zip
01/06/2007 03:38 PM
01/11/2007 09:20 AM
01/20/2007 12:01 AM
03/23/2007 06:30 PM 565,635 my2.zip
03/01/2007 11:15 AM 652,288 Transfering of Workstream application to Station.ppt
03/29/2007 01:51 PM 469,504 project.doc
01/01/2002 10:10 AM 6,227,408 uui.AVI
04/13/2007 04:54 PM 2,359,350 virus1.bmp
04/13/2007 04:55 PM 2,359,350 virus2.bmp
7 File(s) 12,782,784 bytes
5 Dir(s) 326,418,432 bytes free
E:\>attrib
A E:\Shit Remover.zip
A E:\my2.zip
A E:\Transfering of Workstream application to Station.ppt
A E:\project.doc
A H E:\WMPInfo.xml
A E:\uui.AVI
A E:\virus1.bmp
A E:\virus2.bmp
----------------------------
http://www.sophos.com/virusinfo/analyses/w32sillyfdcy.html
My own Fix:
Boot on Safe Mode on every profile
Important:
*Dont ever ever double click(even accidental, or redo boot safemode) on all DRIVES
*View Hidden files Tools-Folder Options-View Tab Select Show Hidden Files and Folders & uncheck
Hide protected operating system files(recommended)
*Donot double click .exe files with command or html icon
1. Remove registry entry
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Winlogon
2.VERY IMPORTANT Remove Invalid entries on msconfig look @ StartUP ONLY found WINLOGON
c:\
3.delete Files use Start-search
*Autorun.inf
*Recycler.exe
*
*services.exe(donot del c:\
*Gwen(ISU) Scandal.exe (Make sure you search all harddrives)
*Sex Video.exe (Make sure you search all harddrives)
*Winlogon.exe (donot del c:\
4.
5. Thank me lol, rather that reformat your pc
--
Saturday, April 5, 2008
How to remove the virus FUNNY UST SCANDAL.AVI.EXE.
Posted by Deepak Ravindran at 1:14 AM
Labels: FUNNY UST SCANDAL.AVI.EXE
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment