Sunday, March 23, 2008

Killer.exe

Guys,

Just got back from bangalore. It has been 2 months away from home. Feels nice to be back. These 2 months were hard because i missed both my bike and my system.

When i got back home, i was in for a big shock. My system was yet again attacked by a virus. And this time, the virus was a nasty one. This one is called as the 'Funny UST Scandal.exe' virus. Let me tell you one thing, this virus is not funny at all.

The initial symptoms were that i was not able to open certain drives in my hard disk. I tried restarting the explorer, my system just to ensure it was not a windows error. The same situation continued after reboot. Now, i knew that the system had a virus. I thought of killing the virus process by opening task manager. I opened the task manager and saw the process called 'killer.exe' running. While i tried to kill it, the task manager was closed automatically! I was really shocked. I tried opening task manager again, but this time it wudnt even open. Then i tried to prevent the virus from starting itself during reboot. I opened msconfig. To my utter shock, it closed automatically too! The damn virus wouldnt even let me open the command prompt.

I searched the net for information regarding the virus and got some info abt it. Few sites said that the virus file resides in C:\Windows with a hidden attribute. When i tried to view hidden files from the tools menu in the explorer, it closed too!

I was really shocked. The guy who wrote the virus must have been a genius. When i tried searching for the virus cure in the net, any web page which pointed to the cure also closed automatically. I couldnt open symantec or mcafee's site.

To make things worse, the damn virus wouldnt let me install anti virus softwares too. As i said before, who ever who wrote this virus must have been a genius.

To summarize the symptoms,
1. Task Manager closes automatically
2. CMD prompt closes automatically
3. System Configuration Utility [msconfig] closes automatically
4. Anti virus installations fail
5. Websites pointing to its cure closes automatically
6. Cannot open hard disks where the virus resides.
7. Cannot open 'Folder Options' in Explorer menu.

After numerous attempts in finding cure for the virus, i finally stumbled upon http://piyushlabs.wordpress.com/smss/. This blog really helped me a lot. This blog gives complete information abt the virus and how to clean it. The cleaning process is made easy by the batch files given in the site. The author of this site, Piyush is absolutely great. His solution helped me remove the virus from my system. Thanks Piyush! Continue in your attempt in kicking out viruses [and not creating them :)]

Hope you guys dont get this virus in your system. And if you are unfortunate to get the virus, consider yourself fortunate to find the solution at http://piyushlabs.wordpress.com/smss/

Until next time.

2 comments:

Anonymous said...

dude.. u shld hav tried d safe mode most of d killer exe virii don initialise durin safe mode..
luckily u din get d W32 bot dude it took out my entire boot sector once..now hw s tat for a virus??

my reco..use mcafee stand alone scanner in boot mode..or else u shld try movin to avast.. its really rockin..

Unknown said...

Ya da, wish i had contacted you earlier. am planning to install mcafee. that one looks robust.