After analyzing the activity of the U.Z.A O/S on my computer I wrote a little utility to help you remove this virus/trojan or whatever it is. Get the utility from here.. It works on Windows XP. I don't have time to write more.. Let me know of any issues. It worked for me somehow! Cheers!Update: The Link is Fixed now!
Make sure that you disinfect all your thumb drives. This trojan spreads through removable media. As soon as you connect an infected removable media to a PC, It'll get infected.. Therefore its important that you disinfect all the thumb drives/ removable media that is used with the PCs in your office/home. If the thumb drive has an application called 'My_personal_data' which looks like a folder (its icon is the same as a default folder icon in XP), then the pen drive/removable media is infected.
I just tried your link to remove UZA O/S... but somehow ur link is not working...
ReplyDeleteSorry! Mistakenly I put the private link there because I was in a hurry. Try to download it now. Cheers!
ReplyDeleteThank You.Shaamil... I tried your UZA_ eliminator. and it worked like easy. Thanks man. I am a IT student and am curious on how you built UZA o/s eliminator. If this is not against your policy can you give me some pointers as to how this tool came to life. You can reach me at shamoon@takaful.mv . also if you post it to this site it will be ok. cause i will be checking this site for any updates.
ReplyDeleteTHANK YOU
Shamoon
thank u
ReplyDeletehey shamoon,
ReplyDeleteBuilding it is easy though you may need to analyze the activities of the virus/Trojan under a virtual environment first to avoid any damages to your computer. Gather in depth information about its activities using a registry monitor and a file monitor. Then you can use any programming language or scripting utility or even a DOS batch file to undo the changes it made and delete its files.
Have a good day!
my pc also inffected with uza o/s. i googled for that and saw some discussions abt the virus/trojen or what ever it is. i have done what ever they said abt removing that bitch. but after doing all those things, once i restart the system, it is still there.
ReplyDeletehey thanks for it n i apriciate of this.. it works n i am happy of this once again thanks
ReplyDeleteNo problem guys, I appreciate your support. Thank you too. :)
ReplyDeleteHey Shaamil u r the best. way to go man. i also apriciate ur help. thanks and keep it up. =Naash=
ReplyDeletethank u thank u and more thank u..
ReplyDeleteur the greatest.
Shaamil... Hats off to you... Ur program cleaned my infected pen drive. But while i click scan button from ur program..no reaction....No results....??!! Anyway, my problem is solved.
ReplyDeleteI was suffering with my 12 office computers with UZA problem... Thaks a lot... So cute.!
thankx a lot man. good to know maldivians are getting to be script writers for such things. hehe, maybe one day u will get to open a symantec branch in maldives. or whichever. hehe
ReplyDeleteHai Shaamil
ReplyDeleteThis is Anwar. Still i didnt check ur sw. Just i want to is if we delete the file and if restart means it will be in th regisrty r in someotherplace. I think UOS.exe is not the source. if we delete also it will automatically generate next time rebooted. Is it possible to open the exe file using sofwares.
hey shaamil, thank you so much.. you save my day. the black desktop turned my day gloomy. now that you have cheered everyone of us up:) heart felt thank you*
ReplyDeleteHi shaamil, When your progrum is run the scan button remains greyed out... could you please help,
ReplyDeletehello.. thanks for this great util.
ReplyDeleteI was able to eliminate it from one account.. but when i loged on to the other account and tried it., the scan button is grayed out.. is there a way to remove it from this account as well.. thanks
Shahid, anonymous,
ReplyDeleteIf the scan button is grayed out that means the trojan is not present in memory (not currently running). If you have problems removing from other accounts try this modified version. I am not aware if there are other versions of this trojan. This trojan spreads through removable media such as thumb drives..
you are awesome shaamil.. this new one worked for me.. clock at the bottom looks fine and all.. however now i can press scan the next time after a reboot.. does this mean the virus is still present??
ReplyDeletethanks again
When you scan with the utility from any account with sufficient rights the u.z.a O/S is eliminated from the whole system. But since this is a quick utility it isn't dynamic. It undoes all the changes done to the system for the account in which the utility is run. In the modified version which I linked in the comment, the scan button is not disabled even if the utility could not find u.z.a O/S in memory. In the original version the scan button will be disabled if it could not find u.z.a O/S in memory. That's the only difference.
ReplyDeletethank your your UZA_ eliminator works like a charm.
ReplyDeleteThanks shhamil! IT works fine now.... It leaves a green screen after scan is run and the virus ges cleared. One thing i noticed that after tha even after plugging in an infected pendrive, when it is double clicked the system gets the virus in the memory: the uos.exe file in the system directory and also the in the taskmanager it is running , also the visloader is also there but it never affects the system, the wallpaper never changes to the the horrible black scree... Has it devoloped an immunity to the virus I mean with you tool remaining as a TSR.... also I wonder if you would care to tell me from in an infected system from which folder does the virus actually load itself during the startup...I mean the UOS.exe in the taskmanager thanks ...hoping to get an answer from you...as i am too inquisitive
ReplyDeletehello Shahid,
ReplyDeleteUZA_Eliminator tool does not remain resident in memory nor it leaves any traces in registry. If uos.exe is running then you are infected.. Its a common behavior among trojans and viruses that they doesn't do anything bad for sometime. The payload is activated by a trigger, sometimes it is the number of infections or a specified date etc.. Eliminate the trojan as soon as possible. Most trojans load from the registry. Some of them attach themselves to executables, so that whenever you run the infected executable the malicious code is also executed.
Have a good day.
Thanks for the info. shaamil, Will do that. Thats great work form you.
ReplyDeletethnx dude
ReplyDeleteCheeers! This is a Great and Useful Work shaamil, you have great programing skills..( I still cant understand a reason why this crazy Douche Bag who created this U.Z.A didnt try to make his own OS, instead of pretending to brand something else which he didnt and cause others trouble. Lamer!! )
ReplyDelete:) thanks a lot. you´re a whiz.
ReplyDeleteThe virus is a malware..its hard for scanners to find them and normally the removing tools are made by the one that actualy created the malware..since they cant take the credit for the malware infecting your pc they go around making a cleaner to take the credit :) my bet is that our little friend Shaamil is the author of this malicious code..
ReplyDeleteHey dude.
ReplyDeletei used the cool utility u created to eliminate UZA O/S, but after 2 days my comp is dead. Yeah, i mean dead
- can't start/boot
- can't use "Safemode"
- cant use Recovery Consol
- cant re-install XP or formatt
whats wrong with my pc!!! Any useful comment is well appriciated.
Dear Shaamil
ReplyDeleteMy system was infected with U.Z.A operating system virus. Your tool has worked fine and I got rid of that virus. Thank you very much. I was going mad and searching all over the web to find iout the solution and thank God I found your blog.
hmusthaq@dhivehinet.net.mv
Awesome tool, Shaamil! removed the UZA o/s from my comp in a jifty. Really appreciate your help, thanks a million!
ReplyDeleteAnyway I've found the My_personal_data folder that contains the virus on my removable disk. But how do I remove it?
Thanks again!
My_personal_data just delete that don't double click it
ReplyDeletethanks man
ReplyDeleteHey thank you !!!
ReplyDeletemay b this guy is spreading a trojan saying it will remove the infection.
ReplyDeleteThanks Shammil....... U had solve my problem. I apperiate it. today i can sleep tight without any worry. U the best.
ReplyDeletehey blogmate...realliii thanks loads for dis!!!
ReplyDeleteu solve my biggest problem here..
thanks
ur helpin soo many ppl dis way its soo nice of u
:D thanks a whole bunch again!!
hey buddy thnx .. this elkimator workd on my pc u've done a great job dude. tc
ReplyDeleteIs there anything else I need to do after running the eliminator tool? Such as reinstalling anti-virus software, etc?
ReplyDeletehey shamil ur great!!!thanks sooooooo much....btw is shiu ur gf?? -9009-
ReplyDeletehey i used ur eliminator & i thot everythin was fine until 2day i tried to open the taskmanager i never tried it until today after i used eliminator.. i cant open taskmanager it closes wen its open.. even the regedit... so wot might b the probe.. is it some other virus??.. can u pls help :S
ReplyDeleteThank You.Shaamil... I tried your UZA_ eliminator. and it worked like easy. Thanks man. You can reach me at zakiooluct@yahoo. i will be checking this site for any updates.
ReplyDeleteTHANK YOU
zaki
Hi SHAAMIL...Thanks for your great...killer program.....It's help me much more...
ReplyDeletethanks a lot, you're a life saver
ReplyDeleteYOU'RE A GENIUS SHAAMIL... KEEP LIVING... THE'LL BE MORE FROM WHERE IT CAME FROM... THANX DUDE.
ReplyDeleteShaamil, thanks for your innovation. I have been suffering from seeing UZA on my desktop for so long. My usb got infected. My colleagues' laptops got infected. Now the nasty thing is removed. Anyway, don't tell me you created UZA.
ReplyDeleteHey man,
ReplyDeleteThanks so much for coming up with the program and methods to remove it.
Thank you so much.^.^
ReplyDeleteThank You.Shaamil
ReplyDeletehi i was not able toremove this UZA virus pls help me,i've got UZA Eliminator but "scan" button is grey in color,so what can i do?
ReplyDeletePls help! why i cannot link to the uza eliminator? HOw can i get the uza eliminator?
ReplyDeletehi shaamil
ReplyDeleteyour link still didnt work for me.
how? can u help me?
thanks.
hey friends.. here is the mirro of that tool
ReplyDeletehttp://axenith.info/WP/wp-content/uploads/2007/10/uza_eliminator_x2.exe
thanx to shaamil.