Just few days ago I mentioned about this virus called changes the homepage of Internet Explorer to ‘sujin.com.np’ and does some other manipulation in the registry. Well, I encountered this so called virus aned I alsofound of its solution through various resources. To remove this virus you can follow the process below :
1. From the start menu click ‘Run’ -> type ‘Regedit’
2. Registry Editor will open
3. In the Registry Editor, go to Edit menu and press find
4. In the find dialog box type - virusremoval.vbs and press find next button
5. The search will end at some folder in the registry at the key - "userint"; doubleclick it; you will find many paths separated by commas - eg: c:windows/system32/userinit.exe,c:/windo... and so on. Among those paths you will find "C:\windows\system32\virusremoval.vbs". Delete the path. Ensure that remaining paths are unaltered so that your genuine scripts are not affected.
6. Press F3 (find next) to see if the same path exists somewhere else in your registry. If found again at some other place remove the path there also.
7. Repeat F3 until you get a message that search has finished.
6. Change your home page to your usual one. You will notice that though your home page has stopped from changing back to ‘sujin.com.np’, still your title bar is showing ‘sujin.com.np’.
7. To change this back to normal, first change your homepage, and again open the ‘Registry Editor’ and press find in edit menu and type ‘sujin.com.np’ without quotes. You will find the key - "Window Title". Double click the key and type "Windows Internet Explorer" or any other text you would like to have in the title bar. Please note that you have to change the key at two places. Press find next f3 till you receive the message that search has finished to ensure that you have changed at both the places.
Well, this is a pretty long procedure. Instead of doing all this you can just download a scanner for this virus from http://worldlink.com.np/support/download/software/Scanner.exe and run a scan and this virus will be easily removed.
43 comments:
hey i tried dis but it did not work ! wat shall i do next ????
PLez reply me ma ID : hellcrook_7@yahoo.com
Strange ... if thats a Sujin virus then it should work 100%
I myself have tried it and it worked fine for me.
Actually,this script was written by a coder from Nepal who was later caught and then he was forced to make it's anti-virus.
That's the same scanner.exe file
That download scanner works! Thanks, love you!
it works! Thank u soooo much! Happy New Year!
i couldn't find the key "userint".what shall i do?....plz tell me
i couldn't find the key "userint".plz tell me wat to do....
Can't find "userinit" string just by searjching then open the registry and go ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
select the "Winlogon" key and in the right pane you'll see the string "userinit" .... make the appropriate changes and I'm sure your problem will be solved.
Or you can simply try the scanner.
thanks razeet....i got the key "userinit" but the path "c:\windows\system32\virusremoval.vbs" can't be deleted from it....i tried it several times but it appears again and again....
You have to follow the whole process thoroughly dear...
and Did you tried the scanner.exe
and after everything is done, don't forget to delete the files in your flash drive ...I guess you double clicked it and you got the virus from it again ...
Hey its great it worked....Thanks to you..Dear
त्यो सुजिन डाकाले मलाई फुल गिदि गरेको छ मैले बाटोमा कतै भेटे भने त्यसले फूळ धोल खान्छ।
Nice one Nabin...
as you wish... kick him where it hurts the most... haha
hey really thanks the scanner worked that a** h**e thing really troubled me
>wow it really works
>thank u
i followed your procedure, but my search ended at 'ab(default)' instead of 'userint'. so i took the plunge and downloaded the scanner. worked like a charm. thanks a million, razeet, i was at my wit's end over this. you are a genius
Fantastic....
It is really work
thanks a lot
i found virusemoval.vbs in my pendrive but the antivirus s/w could not solve it,,then i went to regedit & checked but it was not found even there. Is there any possibility of the virus being there?
hey..u r a genious
it worked...
thanx buddy
In reply to "i found virusemoval.vbs in my pendrive but the antivirus s/w could not solve it,,then i went to regedit & checked but it was not found even there. Is there any possibility of the virus being there? "
Hey ... you computer still might not have been infected yet. SO, if you could just delete those file then i don't think it's going to be a big problem.
it is great!! it solved my problem!!!thanks buddy!!
greattttttt....it workeddd..i was so worried
thanks alotttt
it really works..so simple and easy..
now we can repare our systems ourselves thanx
Thank you so much! It is great of you to post the scanner up here.
Thank you so much... for the exe... i was so scared when i first notice this virus......just this exe really helped... thanks a ton
Many of my readers have complained that the .exe link is not working. In case it is so then please download it form here.
Sujin's Removal Tool
hey guys the download link it's really work thanks a lot .................love ya
Yes it works !!! Thanks for the help. I don't have words to appreciate this kind of help. Hats off to you....
Hey guys..thanks very much it works...
thanks scanner worked
Hi, i realise im affected by sujin thru a thumb drive. May i know anyway to remove it from my thumb drive? thanks in advance
formattig the thumb drive might do the trick... but before that unhide the hidden and super hidden file and folders of your computer... and again don't double click the thumb drive... there might be an autorun that triggers some other malicious action...
hope is works
you are great brother
i have tried my best to remove it but perfect answer you gave me
Thank You!!!!!!
thanks man..!!! it worked to perfection..!!
hats off to u.!
kip on da gud work.!
hey this scanner works but the sujin virus attacks again and again how can i stop this virus to attack again
pls help
Well, to prevent this virus from attacking your computer again and again you have to be careful yourself ... you have to be careful while browsing the net and usually this virus spreads thru flash drives so scan it thoroughly with the latest anti-virus software before opening the flash drive... don't just double click the flash drive, check to see if there something suspicious inside the flash drive ..
See this :
http://www.547thcrusaders.com/2008/02/a-quick-analysis-to-%E2%80%9Csujin-virus%E2%80%9D-and-its-remedies/
thanks a lot for the scanner tip..
it solved the problem..
This is the most easiest and the quickest scanner I have ever used to remove a virus from my computer....dude gr8 job
Xcellent buddy.....thx a lot...
Gr8!...soln. Thx..a lot
i want to use the slution,,but i can't even open registry ..while i give command regedit window will blink and disappear soon...pls help
If you can't open the registry editor you can just download the .exe file from the link that I have given in the comment or from the post and use it ... it will unlock your registry editor and also change the settings itself ..
Thanks a lot.Really its work.
thank you bro..
Really appriciate it.
ihw666@yahoo.com
Post a Comment