My Assistant
Site Message
(Message will auto close in 2 seconds)
Logged in as: iSergiwa ( Log Out )
My Controls · View New Posts · My Assistant · My Friends · 0 New Messages
  |
 Help Removing Sohanad.as Virus |
 Today, 08:32
Post
#1
|
|
|
Newbie  Group: Members Posts: 1 Joined: Today, 08:24  |
Hi Mates,
My system is Infected With This Virus .Could You First Brief Me What All It does And How To Remove The Same From My system .Fast Help Would Be Appreciate .I am a Reseller In India And Sell Approx 500 Licenses Quarterly . Regards Amarbir Lynx |
  |
 
|
|
Today, 12:19
Post
#2
|
|
 Global Moderator Group: Moderators Posts: 15513 Joined: 7.04.2005 |
What happens when you scan with Kaspersky.....?......also see this:http://forum.kaspersky.com/index.php?showtopic=21869.
-------------------- Errare humanum est
Member of: Kaspersky connoisseurs Kaspersky Product Downloads Kaspersky Webscanner |
|
|
|
|
Today, 14:26
Post
#3
|
|
 Section Moderator Group: Members Posts: 2386 Joined: 9.03.2007 From: London/Великобритания |
As far as I can remember, sohanad is an Instant Messaging worm that
spreads via chat networks such as MSN Messengner and Yahoo IM. The worm
will usually make a copy of itself disguised as SVICHOSST.exe in the
windows folder and some other places, disable the taskmanager, regedit
and some other system tools to try and prevent disinfection.
--------------------  KL product updates Keyfile Creator GetSystemInfo Parser Online Virus Scanner Kaspersky Lab Personal Security Professional Member of: Kaspersky connoisseurs |
|
|
|
|
Today, 14:38
Post
#4
|
|
 Forum Elite Group: Gold beta testers Posts: 28212 Joined: 28.01.2006 From: Timisoara, Romania |
in c:\windows & c:\windows\system32 (i have a very similar variant
to study), some, most likely this one too, also change the shell value
to include themselves, in addition to the classic hklm\software\..\run
entry.
disable folder options, task manager regedit and possibly run + it's a autorun.inf "favorite". This post has been edited by Lucian Bara: Today, 14:39 -------------------- Download the latest product version ● Kaspersky removal tool ● F.A.Q for beta testers ● What information to post when seeking help ● Frequently encountered messages
--------------------------------------------------------------- Intel Pentium 4 Prescot 540(LGA) 3,2GHz, Msi Asus P5PL2-E, 1024MB-DDR2 (2*512), Leadtek PX6600 256MB, Teac DV-W516GA, Leadtek tv2000 xp Expert, HDD 200GB*2 (sata/sata2) |
|
|
|
|
Today, 21:28
Post
#5
|
|
 Advanced Member Group: Members Posts: 122 Joined: 20.03.2006 From: Derna - Libya |
QUOTE(Amarbir @ 24.10.2007 08:32)  Hi Mates, My system is Infected With This Virus .Could You First Brief Me What All It does And How To Remove The Same From My system .Fast Help Would Be Appreciate .I am a Reseller In India And Sell Approx 500 Licenses Quarterly . Regards Amarbir Lynx There are 3 variants I know of this worm: IM-Worm.Win32.Sohanad.as IM-Worm.Win32.Sohanad.ao IM-Worm.Win32.Sohanad.am A full scan with system restore off in safe mode with an updated Kaspersky will take care of all those variants. If there was something wrong with your Kaspersky, or if you got infected after you had paused Kaspersky protection for a short time, or before you got it updated, here, you'll find a modest tool which will take care of all Sohanad variants for you with one single click. SRT - Sohandad Removal Tool Download SRT from Sergiwa.com Download SRT from Softpedia.com Download SRT from CNet.com Note: * As Sohanad worm "deploys" itself almost in every folder in you computer, SRT may take a while to scan all your storage media; hard disk partitions, flash disks, external hard disks, iPods, MP3 pens... so please patient while scanning. Thank you for reading and being patient This post has been edited by iSergiwa: Today, 21:29 -------------------- I shall not waste my life trying to prolong it!
Sergiwa.com |
|
|
|
 |
1 User(s) are reading this topic (0 Guests and 1 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 24.10.2007 21:34 |