
Win32.Xorer.Gen

Posted: November 4, 2010

Threat Metric

Threat Level: 5/10
Infected PCs: 16
First Seen: January 9, 2011
OS(es) Affected: Windows

Win32.Xorer.Gen is a dangerous computer virus capable of modifying system files by infecting them. Win32.Xorer.Gen may attempt to replicate across the existing network and represents a security risk for the compromised system and its network environment. Win32.Xorer.Gen also contains a keylogger program that can capture all user keystrokes, including confidential details such as usernames, passwords and credit card numbers. The stolen data could be used for blackmail or identity theft.

Aliases

W32/Sality.AF [Panda]
Worm/Generic.BCMF [AVG]
Win32/Sohaned.worm.230400 [AhnLab-V3]
Win32/Yahlover.EV [eTrust-Vet]
Packed.Win32.MUPX.Gen [Comodo]
W32/AutoRun-YE [Sophos]
Win32.WormSohaned.Bp [eSafe]
Trojan [K7AntiVirus]
I-Worm.Sohanad.gen [CAT-QuickHeal]
W32/Sohanat.GQ.worm [Panda]
W32/AutoIt.CE!worm [Fortinet]
Worm.Win32.AutoIt [Ikarus]
Trojan.Win32.AutoIT.gen (v) [Sunbelt]
Win32/Autorun.worm.267089 [AhnLab-V3]
Worm:Win32/Sohanad.AQ [Microsoft]

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%WINDIR%\system32\gphone.exe
File name: gphone.exe
Size: 328.52 KB (328529 bytes)
MD5: 03fa52ab4abe1ce9365615374986c5a9
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32
Group: Malware file
Last Updated: August 13, 2012

%WINDIR%\system32\gphone.exe
File name: gphone.exe
Size: 350.2 KB (350208 bytes)
MD5: 6add430404ffe69257a4413ec9d2542a
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32
Group: Malware file
Last Updated: January 9, 2011