IM-Worm.Sohanad.bh
|
Description:
|
Worm
|
|
Risk Level:
|
Critical
|
|
Date of First Occurence:
|
Friday, May 09, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Computer worm is malicious software application designed to spread via computer networks.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
SCAN & REMOVE NOW »
Geographical Distribution of Threat "IM-Worm.Sohanad.bh"
Threat Info
View All
Detected Items
- Detected Files:
%SYSDIR%\SSCVIHOST.exe
MD5: CECCB2606F6C834600F7A2381BC38660 Size:613431
MD5: E82BC72E21C01875545D473DE88327D9 Size:251392
- Detected Files with variable Filenames:
MD5: 58297312FCD984B04F712344A31198AC Size: 250975
%DESKTOP%\F12\F12.exe
%SYSDIR%\SCVHOST.exe
J:\New Folder.{21EC2020-3AEA-1069-A2DD-08002B30309D}\New Folder.{21EC2020-3AEA-1069-A2DD-08002B30309D}.exe
J:\SCVHOST.exe
E:\SCVHOST.exe
MD5: 6E11F5AFB482C45186F9E8551BDF765F Size: 250999
%SystemDiskRoot%\System Volume Information\_restore{2E0E3A98-E240-4C06-963C-E8AF7F64129C}\RP3\A0052343.exe
%SystemDiskRoot%\System Volume Information\_restore{2E0E3A98-E240-4C06-963C-E8AF7F64129C}\RP3\A0052342.exe
%SystemDiskRoot%\System Volume Information\_restore{2E0E3A98-E240-4C06-963C-E8AF7F64129C}\RP3\A0052341.exe
%SystemDiskRoot%\System Volume Information\_restore{2E0E3A98-E240-4C06-963C-E8AF7F64129C}\RP3\A0052340.exe
%SystemDiskRoot%\System Volume Information\_restore{2E0E3A98-E240-4C06-963C-E8AF7F64129C}\RP1\A0045621.exe
%SystemDiskRoot%\System Volume Information\_restore{2E0E3A98-E240-4C06-963C-E8AF7F64129C}\RP1\A0043346.exe
%SystemDiskRoot%\System Volume Information\_restore{2E0E3A98-E240-4C06-963C-E8AF7F64129C}\RP1\A0043345.exe
%SystemDiskRoot%\System Volume Information\_restore{2E0E3A98-E240-4C06-963C-E8AF7F64129C}\RP1\A0043344.exe
%SystemDiskRoot%\System Volume Information\_restore{2E0E3A98-E240-4C06-963C-E8AF7F64129C}\RP1\A0040210.exe
%SystemDiskRoot%\System Volume Information\_restore{2E0E3A98-E240-4C06-963C-E8AF7F64129C}\RP1\A0040209.exe
%SystemDiskRoot%\System Volume Information\_restore{2E0E3A98-E240-4C06-963C-E8AF7F64129C}\RP1\A0040208.exe
and next 1404 variations.
MD5: 7DA74766F1D688425B79F4636675F3CB Size: 250999
%SYSDIR%\SSCVIHOST.exe
F:\Microsoft Office\Office12\Office12.exe
F:\Microsoft Office\Office12\Groove\Groove.exe
F:\Microsoft Office\Office12\Groove\ToolData\ToolData.exe
F:\Microsoft Office\Office12\Groove\ToolData\groove.net\groove.net.exe
F:\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms4\GrooveForms4.exe
F:\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\FormsStyles.exe
F:\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\STS2.exe
F:\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\Swirl.exe
F:\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms5\GrooveForms5.exe
F:\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveProjectToolset\GrooveProjectToolset.exe
and next 1504 variations.
Detecting items list:
- Files by MD5
MD5: 7DA74766F1D688425B79F4636675F3CB Size: 250999
MD5: 58297312FCD984B04F712344A31198AC Size: 250975
MD5: 0D484ECE6B1D8546F8ED9408D91D0437 Size: 251392
MD5: E82BC72E21C01875545D473DE88327D9 Size: 251392
MD5: 02DFD87807112647A809494D62C9123D Size: 250999
MD5: CECCB2606F6C834600F7A2381BC38660 Size: 613431
MD5: 6E11F5AFB482C45186F9E8551BDF765F Size: 250999
MD5: 4F7B0CD9A0A362520452B3A359864DC0 Size: 250999
MD5: C62FF9DA5EA5BD262A0FFF07801E6A5A Size: 369664
«
Go to Software Database