First
Open task manager and kill process wscript.exe.
Then
Delete VirusRemoval.vbs and Autorun.inf files from all usb drives.
Then
Go to c:\Windows\System32 and delete the file VirusRemoval.vbs. It is super hidden so first go to Folder Options and check show hidden and super hidden check boxes. Also required for the above files.
Then
Go to HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
On the right side look for Shell which should have value of just explorer.exe.
delete anything after explorer.exe.
Under same key Winlogon also look for Userinit which should have value of
c:\WINDOWS\system32\userinit.exe,
Delete all the crap after the comma.
Then
Go to HKCU\Software\Microsoft\Internet Explorer\Main
On the right side locate Window Title and delete its value i.e. Sujin.com.np
Under the same key locate Start Page and delete its value i.e.
http://sujin.com.np/
I think that's all guys. I'm sure it will help.
Guys u can also disable the use of vbs and
js files from the registry. For that
Go to HKLM\Software\Microsoft\Windows Script Host\Settings
On the right look for REG_SZ called Enabled and change its value to 0 to turn Windows Scripting Host. After this even if you accidentally click on vbs or
js files it will display the message you can see on your own.