Tuesday, December 18, 2007

Removing Funny UST Scandal.avi.exe virus

VIRUS INFO

Software used to build the virus: AutoIt v3

Dropped Files
killer.exe (4084 kb) in c:\windows\
lsass.exe (3920 kb) in c:\documents and settings\all users\start menu\programs\startup
smss.exe (4088 kb) in all root drives and in c:\windows
autorun.inf (1 kb) in all root drives, containing this script:

[autorun]
open=smss.exe
shell\Open\Command=smss.exe
shell\open\Default=1
shell\Explore\Command=smss.exe
shell\Autoplay\command=smss.exe

Funny UST Scandal.avi.exe (228 kb) in all root drives
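To check a drive root for the files listed above, here is an added Python example (not part of the original post). It parses autorun.inf and reports launch entries that point at an executable in the same root, plus double-extension files such as Funny UST Scandal.avi.exe. The function names, the decoy-extension list and the temporary sample directory are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

# Constructed sample: the autorun.inf text shown in this post.
SAMPLE_INF = r"""[autorun]
open=smss.exe
shell\Open\Command=smss.exe
shell\open\Default=1
shell\Explore\Command=smss.exe
shell\Autoplay\command=smss.exe
"""
# Media/document name followed by .exe (assumed list of decoy extensions).
DOUBLE_EXT = re.compile(r"\.(avi|mp3|jpg|doc|txt|pdf)\.exe$", re.I)

def parse_autorun(text):
    """Return {key: command} for the launch keys of the [autorun] section."""
    cmds, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
        elif section == "autorun" and "=" in line and not line.startswith(";"):
            key, value = (p.strip() for p in line.split("=", 1))
            if key.lower() in ("open", "shellexecute") or key.lower().endswith("\\command"):
                cmds[key.lower()] = value
    return cmds

def audit_root(root):
    """Return sorted findings for one drive root (or a copy of one)."""
    findings = []
    names = {p.name.lower(): p.name for p in Path(root).iterdir()}
    if "autorun.inf" in names:
        text = Path(root, names["autorun.inf"]).read_text(errors="replace")
        for key, cmd in parse_autorun(text).items():
            tokens = cmd.replace('"', " ").split()
            target = tokens[0].lower() if tokens else ""
            # Flag only commands whose target really sits in this root.
            if target.endswith(".exe") and target in names:
                findings.append(f"autorun.inf {key} launches {names[target]}")
    for lower, name in names.items():
        if DOUBLE_EXT.search(lower):
            findings.append(f"double-extension executable: {name}")
    return sorted(findings)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:  # constructed stand-in for a drive root
        for name, body in (("autorun.inf", SAMPLE_INF), ("smss.exe", ""), ("Funny UST Scandal.avi.exe", "")):
            Path(root, name).write_text(body)
        print("\n".join(audit_root(root)))
```

Run `audit_root` against each drive root; an empty list means none of these root-drive indicators remain.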

Registry Entries
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon=shell(killer.exe)
HKCU\Software\Microsoft\Windows\CurrentVersion\Run=runonce(c:\windows\smss.exe)

Manual Removal

1. First download Task Killer and install it on your computer, because you can't use Task Manager to terminate the virus (the virus automatically closes Task Manager).
2. Run Task Killer and left-click its icon in the system tray (the one with a skull icon).
3. Click Processes.
4. To close the virus, select the processes (killer.exe, lsass.exe, smss.exe) and click Yes.

Note: Close only the files that have the same icon as Funny UST Scandal.avi.exe.

CMD Steps
1. Now, click "start" then "run"
2. Type "cmd" without quotes
3. Type "cd\" without quotes
4. Type "attrib -h -s smss.exe" without quotes
5. Type "attrib -h -s autorun.inf" without quotes
6. Type "start c:" without quotes (a new window will open)
7. Select smss.exe, autorun.inf and Funny UST Scandal.avi.exe and delete them

If there is any other drive or partition, type "d:" (without quotes) in the command prompt, where "d" is the drive letter, then repeat steps 4 - 7 above.
Now type "cd windows" (without quotes) in the command prompt.
Type "attrib -h -s smss.exe" (without quotes)
Type "start c:\windows" (without quotes)
Delete the file smss.exe
Now, go to c:\documents and settings\all users\start menu\programs\startup
Delete lsass.exe
Click "start" then "run"
Type "regedit" (without quotes), then delete the registry entries above.

Download Removal Tool