Bullguard Antivirus Forum Download A Free Copy Of Bullguard Antivirus Software
Free Antivirus Forum - Learn about antivirus, firewalls and personal security Free Antivirus Forum - Learn about antivirus, firewalls and personal security
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
I got the W32/Suij.c virus and I can't shake it
   
BullGuard Antivirus Forum > Virus Removal > Removal Tools > I got the W32/Suij.c virus and I can't shake it  
Forum Quick Jump
 
New Topic Post reply to : I got the W32/Suij.c virus and I can't shake it Printable version of : I got the W32/Suij.c virus and I can't shake it
[ << Previous Thread | Next Thread >> ]

Barry
New Member


Date Joined Apr 2004
Total Posts : 1
  		   Posted 4-28-2004 8:22 (GMT +1)    Quote: I got the W32/Suij.c virus and I can't shake itAlert an admin about: I got the W32/Suij.c virus and I can't shake it
 Anyone know how I can remove this. i have not found any removal utility for it. Appreciate your help. Thanks.
Back to Top
 

Petria
Junior Member


Date Joined Mar 2004
Total Posts : 90
  		   Posted 4-29-2004 7:18 (GMT +1)    Quote: I got the W32/Suij.c virus and I can't shake itAlert an admin about: I got the W32/Suij.c virus and I can't shake it
This is not a Bullguard definition of viruses.. so I advise you to try Bullguard and see if after a full scan the problem is solved.

If not just contact Bullguard support and they will help you with either a removal tool or helpful suggestions...
Back to Top
 

Renee
New Member


Date Joined Jun 2004
Total Posts : 4
  		   Posted 7-1-2004 7:55 (GMT +1)    Quote: I got the W32/Suij.c virus and I can't shake itAlert an admin about: I got the W32/Suij.c virus and I can't shake it
I also have the w32/suij.c virus and am also having a hard time getting rid of it. I have tryed a fer virus scans and they can not disinfect the file. If  you hear of anything that works please let me know. Thanx
Back to Top
 

SClyde
New Member


Date Joined Jun 2004
Total Posts : 20
  		   Posted 7-29-2004 1:09 (GMT +1)    Quote: I got the W32/Suij.c virus and I can't shake itAlert an admin about: I got the W32/Suij.c virus and I can't shake it
O GOD.. YOU GUYS FOUND A DIAMOND IN THE DIRT THAT AINT BEEN FOUND! AS OF THIS POST, no minor/major ANTIVIRUS company has a product to delete W32/Suij.c ! This virus has barely been caught less than 300 times! GIVE ME THE URL TO WHERE I CAN DOWNLOAD IT AND THEN I'LL RUN IT ON MY P.C., see its symptons, and play around with it... 
 
I haven't tested this Virus hands on yet(nor can i find it as hard as i try), so You Probably don't want to use  these instructions. 
 
 
But I'm almost positive this would be how to delete it.
 
W32/Suij.c virus hides in
C:\Device\harddisk\volume1
\Program files\commonfiles\updmgr\updmgr.exe
or
C:\Program Files\Common Files\updmgr\updmgr.exe
and can't be deleted...
 
NOW WHATS REALLY NEAT ABOUT THIS 'VIRUS' IS THAT WELL, USUALLY
Common Files\updmgr\updmgr.exe IS SUPPOSE TO BE  KEENVALUE ADWARE/SPYWARE
distributed by eU.. But I guess they are stepping up their game and now using viruses.
 
Now In this particular case, to delete W32/Suij.c virus,
use this particular online virus scanner ->
and if for some reason its still there...
Next, Turn off system restore / Restart in Safe mode
 
Start the registry editor. This is done by clicking Start then Run. (The Run dialog will appear.) Type REGEDIT , CLICK OK
Browse to the key:
'HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run'
In the right panel, delete the value called 'updmgr'
Exit the registry editor.
Start Windows Explorer and delete:
%ProgramsDir%\Common Files\updmgr\
And if found delete
rvupdmgr.exe
simgr.exe
fsg.exe or fsg_4104.exe or any fsg...exe files
Note: %ProgramsDir% is a variable (?). By default, this is C:\Program Files.
Restart your computer to default mode
CHECK IF ITS STILL THERE, if it is proceed to
open a DOS command prompt window (from Start->Programs->Accessories) and enter the following commands:
cd "%WinDir%\System"
regsvr32 /u "\Program Files\Incredifind\BHO\BHO.dll"
regsvr32 /u "\Program Files\PowerSearch\Toolbar\pwrs0rbi.dll"
Next, for either variant, open the registry (click 'Start', choose 'Run' and enter 'regedit') and find the key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run. Remove the 'KeenValue' entry. Also Delete
HKEY_CURRENT_USER\Software\Visicom Media\PWRS0RBI
HKEY_LOCAL_MACHINE\SOFTWARE\eUniverse
HKEY_LOCAL_MACHINE\SOFTWARE\KeenValue
Delete the 'KeenValue' and 'PowerSearch' keys from HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall can be deleted if you still have them.)
Next, restart your computer and you should be able to delete the 'KeenValue' folder inside the Program Files\Common Files folder. For the Incredifind variant you can also delete the Program Files folders 'PowerSearch', 'Incredifind' and 'Dynamic Toolbar\PWRS0RBI'.


Back to Top
 
New Topic Post reply to : I got the W32/Suij.c virus and I can't shake it Printable version of : I got the W32/Suij.c virus and I can't shake it
 
Forum Information
Currently it is Saturday, November 22, 2008 3:41 PM (GMT +1)
There are a total of 64.053 posts in 15.836 threads.
In the last 3 days there were 26 new threads and 156 reply posts. View Active Threads
Who's Online
This forum has 27198 registered members. Please welcome our newest member, shahed.
46 Guest(s), 1 Registered Member(s) are currently online.  Details
RAYJAY
5 Latest Threads
HELP I AM GOING MAD (6)22-11-2008 13:54:37 (traceyd31)
Redirecting virus? (7)22-11-2008 13:42:54 (r1ch1e)
Antivirus trigger is now the threat or what? (6)22-11-2008 13:01:06 (thegascomp)
Generic.PWS.WoW.B7078E0 (16)22-11-2008 11:55:15 (Behram)
Help please!!! (15)22-11-2008 10:05:45 (Touch)


Need Support? Write to: | Forum Help Manual

Download free trial version of Bullguard