Archive for March, 2008

23
Mar

Sohanad Worm Removal Tool

Sohanad is a worm that spreads by sending links to your contacts in instant messengers such as Yahoo, AOL and Windows Live. It changes the Internet Explorer (IE) home page and prevents you from changing the home page address. It also disables Registry Editor, Task Manager and the Run option in the Start menu.

It tries to download some files:

– The location is the following:
• http://st83.startlogic.com/**********/Gallery/albums/data/YMworm.exe
It is saved on the local hard drive under: %SYSDIR%\svchost.exe. Furthermore, this file is executed after it has been fully downloaded. At the time of writing, this file was not online for further investigation.

– The location is the following:
• http://st83.startlogic.com/**********/Gallery/albums/data/worm2007.exe
It is saved on the local hard drive under: %SYSDIR%\svchost32.exe. Furthermore, this file is executed after it has been fully downloaded. At the time of writing, this file was not online for further investigation.

The messages sent out by this worm are:

Do you realize who is in this image: http://{BLOCKED}coolpics.net/who.jpg . Just think for a moment and tell me soon ;) )
:D who is beside you in this pic http://thecoolpics.net/friendpic1.jpg so good-looking
:( the page cannot be displayed http://{BLOCKED}coolpics.net/error.jpg Something was wrong !!! Check it again and tell me later. THanks
Images shot in Iraq _ The war will never end http://{BLOCKED}coolpics.net/Iraqwar.jpg << :(
Miss World 2006: http://{BLOCKED}coolpics.net/MissWorld.jpg !! <<
oh my god , i’ve won a 20000 usd lottery :O http://{BLOCKED}coolpics.net/mylottery.jpg <<

It also attempts to connect to the following website to download and execute some malicious files.

http://{BLOCKED}vey-sales.com/ipn/transactions/en.exe

http://{BLOCKED}vey-sales.com/ipn/transactions/link-en.exe

How to Remove Sohanad Virus from your computer/laptop?

i. Download the filder.rar Virus Removal Tool.
ii. Extract filder.rar.
iii. Run filder.exe.
iv. Remove the virus from the hard disk.
v. The virus is now removed from your computer.
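
The symptoms described in this post can be checked directly, before or after running a removal tool. The following read-only PowerShell script is an added example, not part of the original post or of the removal tool. The registry value names are the standard Windows policy values and are an assumption, since the post does not say which values the worm sets.

```powershell
# Added example: read-only check for the Sohanad symptoms listed in this post.
$sysDir   = [Environment]::SystemDirectory      # what the post calls %SYSDIR%
$findings = @()

# svchost32.exe is not a Windows component, so its presence alone is a finding.
$dropped = Join-Path $sysDir 'svchost32.exe'
if (Test-Path -LiteralPath $dropped) { $findings += "Unexpected file: $dropped" }

# svchost.exe is a genuine Windows binary at this exact path, so existence proves
# nothing. Check instead whether it still carries a valid Microsoft signature.
$svchost = Join-Path $sysDir 'svchost.exe'
if (Test-Path -LiteralPath $svchost) {
    $sig = Get-AuthenticodeSignature -FilePath $svchost
    if ($sig.Status -ne 'Valid' -or $sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
        $findings += "svchost.exe is not validly signed by Microsoft (status: $($sig.Status))"
    }
}

# Assumption: the lockouts use the standard Windows policy values below.
$base = 'Software\Microsoft\Windows\CurrentVersion\Policies'
$policies = @(
    @{ Key = "$base\System";   Name = 'DisableTaskMgr';       Symptom = 'Task Manager disabled' }
    @{ Key = "$base\System";   Name = 'DisableRegistryTools'; Symptom = 'Registry Editor disabled' }
    @{ Key = "$base\Explorer"; Name = 'NoRun';                Symptom = 'Run option removed' }
)
foreach ($hive in 'HKCU:', 'HKLM:') {
    foreach ($p in $policies) {
        $path  = "$hive\$($p.Key)"
        $name  = $p.Name
        $value = (Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue).$name
        if ($value) { $findings += "$($p.Symptom): $path\$name = $value" }
    }
}

# The post says the IE home page is changed; print it so it can be reviewed by eye.
$ieMain = 'HKCU:\Software\Microsoft\Internet Explorer\Main'
$start  = (Get-ItemProperty -Path $ieMain -Name 'Start Page' -ErrorAction SilentlyContinue).'Start Page'
Write-Output "IE home page: $start"

if ($findings.Count -eq 0) {
    Write-Output 'None of the checked Sohanad symptoms were found.'
} else {
    $findings | ForEach-Object { Write-Output "FINDING: $_" }
}
```

On older PowerShell versions, catalog-signed system files can be reported as not signed, so treat a signature finding on svchost.exe as a reason to verify the file further rather than as a verdict.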

10
Mar

Kinza.exe Virus Removal Tool

What does Kinza.exe do?

i. It makes the computer too slow.
ii. It stops or restricts Task Manager, Regedit, CMD, Msconfig and Group Policies.
iii. Some Windows tools, like Task Manager and Regedit, suddenly close or stay open for only a few seconds.
iv. Folder Options is disabled in Windows Explorer.
v. It hides hidden files.
vi. It extracts itself and creates a lot of exe, dll and boot.vbs files.

Source
i. The main source is the Internet.
ii. Pen drives infected with Kinza.exe.
iii. CDs infected with Kinza.exe.

How to Remove Kinza.exe from your computer/laptop?

i. Download the Kinza.exe Virus Removal Tool.
ii. Turn off System Restore.
iii. Restart the computer in Safe Mode.
iv. Double-click kinza.bat from the extracted files.
v. Delete the temp files and temporary Internet files.
vi. Restart the computer.

Now your PC is free from kinza.exe.