Just few days ago I mentioned about this virus called changes the homepage of Internet Explorer to ‘sujin.com.np’ and does some other manipulation in the registry. Well, I encountered this so called virus aned I alsofound of its solution through various resources. To remove this virus you can follow the process below :
1. From the start menu click ‘Run’ -> type ‘Regedit’
2. Registry Editor will open
3. In the Registry Editor, go to Edit menu and press find
4. In the find dialog box type - virusremoval.vbs and press find next button
5. The search will end at some folder in the registry at the key - "userint"; doubleclick it; you will find many paths separated by commas - eg: c:windows/system32/userinit.exe,c:/windo... and so on. Among those paths you will find "C:\windows\system32\virusremoval.vbs". Delete the path. Ensure that remaining paths are unaltered so that your genuine scripts are not affected.
6. Press F3 (find next) to see if the same path exists somewhere else in your registry. If found again at some other place remove the path there also.
7. Repeat F3 until you get a message that search has finished.
6. Change your home page to your usual one. You will notice that though your home page has stopped from changing back to ‘sujin.com.np’, still your title bar is showing ‘sujin.com.np’.
7. To change this back to normal, first change your homepage, and again open the ‘Registry Editor’ and press find in edit menu and type ‘sujin.com.np’ without quotes. You will find the key - "Window Title". Double click the key and type "Windows Internet Explorer" or any other text you would like to have in the title bar. Please note that you have to change the key at two places. Press find next f3 till you receive the message that search has finished to ensure that you have changed at both the places.
Well, this is a pretty long procedure. Instead of doing all this you can just download a scanner for this virus from http://worldlink.com.np/support/download/software/Scanner.exe and run a scan and this virus will be easily removed.
2 comments:
hey i tried dis but it did not work ! wat shall i do next ????
PLez reply me ma ID : hellcrook_7@yahoo.com
Strange ... if thats a Sujin virus then it should work 100%
I myself have tried it and it worked fine for me.
Actually,this script was written by a coder from Nepal who was later caught and then he was forced to make it's anti-virus.
That's the same scanner.exe file
Post a Comment