Just few days ago I mentioned about this virus called changes the homepage of Internet Explorer to ‘sujin.com.np’ and does some other manipulation in the registry. Well, I encountered this so called virus aned I alsofound of its solution through various resources. To remove this virus you can follow the process below :
1. From the start menu click ‘Run’ -> type ‘Regedit’
2. Registry Editor will open
3. In the Registry Editor, go to Edit menu and press find
4. In the find dialog box type - virusremoval.vbs and press find next button
5. The search will end at some folder in the registry at the key - "userint"; doubleclick it; you will find many paths separated by commas - eg: c:windows/system32/userinit.exe,c:/windo... and so on. Among those paths you will find "C:\windows\system32\virusremoval.vbs". Delete the path. Ensure that remaining paths are unaltered so that your genuine scripts are not affected.
6. Press F3 (find next) to see if the same path exists somewhere else in your registry. If found again at some other place remove the path there also.
7. Repeat F3 until you get a message that search has finished.
6. Change your home page to your usual one. You will notice that though your home page has stopped from changing back to ‘sujin.com.np’, still your title bar is showing ‘sujin.com.np’.
7. To change this back to normal, first change your homepage, and again open the ‘Registry Editor’ and press find in edit menu and type ‘sujin.com.np’ without quotes. You will find the key - "Window Title". Double click the key and type "Windows Internet Explorer" or any other text you would like to have in the title bar. Please note that you have to change the key at two places. Press find next f3 till you receive the message that search has finished to ensure that you have changed at both the places.
Well, this is a pretty long procedure. Instead of doing all this you can just download a scanner for this virus from http://worldlink.com.np/support/download/software/Scanner.exe and run a scan and this virus will be easily removed.
21 comments:
hey i tried dis but it did not work ! wat shall i do next ????
PLez reply me ma ID : hellcrook_7@yahoo.com
Strange ... if thats a Sujin virus then it should work 100%
I myself have tried it and it worked fine for me.
Actually,this script was written by a coder from Nepal who was later caught and then he was forced to make it's anti-virus.
That's the same scanner.exe file
That download scanner works! Thanks, love you!
it works! Thank u soooo much! Happy New Year!
i couldn't find the key "userint".what shall i do?....plz tell me
i couldn't find the key "userint".plz tell me wat to do....
Can't find "userinit" string just by searjching then open the registry and go ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
select the "Winlogon" key and in the right pane you'll see the string "userinit" .... make the appropriate changes and I'm sure your problem will be solved.
Or you can simply try the scanner.
thanks razeet....i got the key "userinit" but the path "c:\windows\system32\virusremoval.vbs" can't be deleted from it....i tried it several times but it appears again and again....
You have to follow the whole process thoroughly dear...
and Did you tried the scanner.exe
and after everything is done, don't forget to delete the files in your flash drive ...I guess you double clicked it and you got the virus from it again ...
Hey its great it worked....Thanks to you..Dear
त्यो सुजिन डाकाले मलाई फुल गिदि गरेको छ मैले बाटोमा कतै भेटे भने त्यसले फूळ धोल खान्छ।
Nice one Nabin...
as you wish... kick him where it hurts the most... haha
hey really thanks the scanner worked that a** h**e thing really troubled me
>wow it really works
>thank u
i followed your procedure, but my search ended at 'ab(default)' instead of 'userint'. so i took the plunge and downloaded the scanner. worked like a charm. thanks a million, razeet, i was at my wit's end over this. you are a genius
Fantastic....
It is really work
thanks a lot
i found virusemoval.vbs in my pendrive but the antivirus s/w could not solve it,,then i went to regedit & checked but it was not found even there. Is there any possibility of the virus being there?
hey..u r a genious
it worked...
thanx buddy
In reply to "i found virusemoval.vbs in my pendrive but the antivirus s/w could not solve it,,then i went to regedit & checked but it was not found even there. Is there any possibility of the virus being there? "
Hey ... you computer still might not have been infected yet. SO, if you could just delete those file then i don't think it's going to be a big problem.
it is great!! it solved my problem!!!thanks buddy!!
greattttttt....it workeddd..i was so worried
thanks alotttt
Post a Comment