Remove Sohana. Description and removal instructions
Yahlover is able to camouflage its activities. This makes the worm difficult to notice, therefore difficult to remove. Yahlover may disable anti-virus programs and trick firewalls into taking the infection as it was regular software. It also runs automatically on boot. Yahlover is dangerous worm because its purpose is downloading other malwares. It is able to download and execute various trojans. Yahlover worm usually downloads infections from diesam.moe.hm, admin.waverevenue.com, bhxtakekep.net and sousi.extasix.com. Block these sources using your HOSTS file if you suspect Yahlover infection. Related files: 21srg698.au3.tb, csrcs.exe Sohana properties: • Connects itself to the internet • Hides from the user • Stays resident in background Automatic Sohana removal:remover for Sohana
Sohana manual removal:Kill processes:csrcs.exe sscvihost.exe Delete registry values: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\csrcs = "%System%\csrcs.exe" HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "Explorer.exe csrcs.exe" HKLM\SOFTWARE\ESET\Nod\CurrentVersion\Modules\AMON\Settings\Config000\Settings\media_network = dword:00000000 HKLM\SOFTWARE\ESET\Nod\CurrentVersion\Modules\AMON\Settings\Config000\Settings\exc = HKLM\SOFTWARE\ESET\Nod\CurrentVersion\Modules\AMON\Settings\Config000\Settings\exc_num = dword:0000000c HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden = dword:00000002 HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SuperHidden = dword:00000000 HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden = dword:00000000 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue = dword:00000001 Delete files: csrcs.exe 21srg698.au3.tb Other programs to remove Sohana:• Malwarebytes Anti Malware - Review - Download• Malwarebytes Anti Malware - Review - Download • Windows Defender - Review - Download Information added: 21/12/07 Information updated: 24/06/09 Additional resources related to Sohana:Attention: If you know or you have a website or page about Sohana removal, feel free to add a link to this list: add url
more resources Post Comment:Attention: Use this form only if you have additional information about Sohana parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
|
Latest spyware news:
 Rogue security applications impersonate leading anti-virus manufacturers Attack of Waledac Worm is schedulled on July 4 Another Parasite Attack Spreads Via Twitter Free security product vets Twitter links Mac trojan targets game sites to infect users Security Threat at Fanny Mae Some web sites to avoid for today British Government will track all e-mail's YOUR SISTER NAKED LOLZ com “intervalhehehe” popupSubscribe to news 
Similar parasites:
|
FORUM:
HELP:
