W32.Zoher@mm
Aliases: I-Worm.Zoher, I-Worm.Zoher, Scherzo, Sheer, W32.Zoher@mm, W32/Sheer.A-mm
Variants: W32/Zoher, I-Worm/Zoher, WORM_ZOHER, W32/Zoher@mm, Zoher Internet Worm
Classification: Malware
Category: Computer Worm
Status: Active & Spreading
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 24 Dec 2001
Damage: Low
Characteristics: The W32.Zoher@mm program is a worm that arrives as an Italian email message with an executable file attachment. The W32.Zoher@mm worm attempts to execute itself and exploits Microsoft Outlook and Outlook Express vulnerability once the email message is opened or previewed.
W32.Zoher@mm Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
RECOMMENDED:
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean W32.Zoher@mm from your computer.
More details about W32.Zoher@mm
The W32.Zoher@mm is a worm that distributes itself through email. It comes as a forwarded message with a body and a subject in Italian, and comes with an executable file. Once the mail is opened or previewed in the window pane, the W32.Zoher@mm worm automatically runs itself and exploits the Microsoft Outlook, and Outlook Express vulnerability. The W32.Zoher@mm worm tries to spread its copies in the infected machine’s local network. It then sends itself out to all addresses in the address book using the SMTP mail server address that is stored in the system registry. The program is also made to download a text file from a specific malicious site which it uses to write the subject and message text of the e-mails it sends.Once the W32.Zoher@mm worm is executed, it immediately sends itself to everyone in the Microsoft Windows address book. The W32.Zoher@mm worm comes as a forwarded message having a subject of “Fw: Scherzo!” and a very long Italian message body and an executable file called “Javascript.exe.” On some systems, the executable file contained in the email is able to self-launch. This worm however does not install itself in the system, so cleaning up the infection is easy. Simply run a full system scan using the latest update of the infected computer’s security software, and delete all files that are detected as W32.Zoher@mm.
Browse for more malware information
- W32.Zoher@mm
- W32.Zori.B
- W32.Zorro@mm
- W32.Zotob.B
- W32.Zush@mm
- W64.Abul
- W64.Bounds
- W64.Rugrat.3344
- W95.Fix2001
- W95.Hybris.Plugin
- W95.HybrisF
- W95.MTX
- W32.AJM.Worm
- W32.Achar.Worm
- W32.Ackantta.B@mm
- W32.Ackantta@mm
- W32.Ackpra.A
- W32.Advegol
- W32.Ahker.B@mm
- W32.Ahlem.A@mm
- W32.Aidid
- W32.Aimdes.A@mm
- W32.Aizu.G
- W32.Alcarys.B@mm
- W32.Alco.gen
- W32.Alcra.A
- W32.Aliz.Worm
- W32.Allim
- W32.AllocUp.A
- W32.Almanahe.A
Contact Us
|
Privacy Policy
|
Site Map
Copyright © Uniblue Systems Limited 2007. All rights reserved.