Worm.IM.Sohanad

Posted: May 8, 2009

With a range of new PC threats being marketed through malicious websites, it may be easy to overlook Sohanad, a still-dangerous worm that blocks other programs and spreads itself in several ways. The latest Sohanad infection vectors include sites that pretend to provide information relevant to the US presidential election, through which Sohanad may be installed either automatically or manually. Variants of Sohanad can perform different functions, but most versions of Sohanad will attempt to disable security-related programs and/or instant messengers. SpywareRemove.com malware analysts strongly counsel that you do all that is necessary to keep Sohanad from using its multitude of infection methods to spread to new PCs. However, a competent anti-malware scanner should be capable of finding and deleting all copies of Sohanad without any problems.

How Politics Takes the Conflict to Your Hard Drive with Sohanad

Sohanad is a worm with over a dozen variants whose attacks differ only in minor ways (such as Sohanad.CN, which changes Internet Explorer's settings, or Sohanad.AE, which modifies your general system settings). However, all versions of Sohanad have been found to display common traits, with the most newsworthy being Sohanad's usage of malicious websites to install itself on new computers. These sites exploit search engine results to make their links appear highly placed and then offer content that looks as though it's related to the US election contest between President Obama and Governor Romney. Installers for Sohanad may use exploits to install Sohanad without your permission, or they may name installation files for Sohanad in ways that make them appear to be relevant news information.

SpywareRemove.com malware experts have also found that Sohanad often blocks other programs related to security or basic Windows functions. CMD.exe (the Windows Command Processor) is very often targeted, but other programs can include Task Manager, Registry Editor, system configuration utilities and some types of instant messengers. Usually, Sohanad also modifies your Registry in ways that disable security-related features and creates hidden copies of itself in several locations.

Sohanad's Journey from Your PC to Elsewhere

Sohanad's latest distribution scheme may use faux politics sites, but Sohanad has also been known to reproduce by other methods, particularly those common to other worms. The SpywareRemove.com malware research team warns that Sohanad-infected PCs will also have their removable drives infected by hidden copies of Sohanad that use Autorun exploits to install themselves on new systems. Removable devices should, naturally, not be shared until they and the rest of the affected computer have been disinfected by good anti-malware programs.
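To check a removable drive for the Autorun mechanism described above, the sketch below (an added example, not SpywareRemove.com's tooling) parses the text of an `autorun.inf` file and reports every entry that would start a program. The sample file contents, the `RECYCLER\update.exe` name and the function names are constructed for illustration and are not taken from a Sohanad sample.

```python
import ntpath

# autorun.inf keys that make Windows start a program from the drive.
LAUNCH_KEYS = {"open", "shellexecute"}
EXEC_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs", ".js"}

def launch_directives(text):
    """Return (key, command) pairs from the [autorun] section that start a program."""
    section, found = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "autorun" or "=" not in line:
            continue  # junk padding lines are skipped rather than treated as errors
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        # shell\<verb>\command entries add launchable items to the drive's context menu.
        if key in LAUNCH_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
            found.append((key, value))
    return found

def audit(text):
    """Return one finding per launch directive, noting whether it targets an executable."""
    findings = []
    for key, command in launch_directives(text):
        if command.startswith('"'):
            target = command[1:].split('"', 1)[0]   # quoted path, may contain spaces
        else:
            target = command.split(" ", 1)[0]
        ext = ntpath.splitext(target)[1].lower()
        findings.append({"key": key, "target": target, "executable": ext in EXEC_EXTS})
    return findings

# Constructed sample: junk padding plus three launch entries pointing at one hidden file.
SAMPLE = r'''
;xJ3k padding
[AutoRun]
qwerty junk line
open=RECYCLER\update.exe
shell\open\command=RECYCLER\update.exe
shell\explore\command = "RECYCLER\update.exe" /e
icon=%SystemRoot%\system32\shell32.dll,4
label=Backup
'''

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Any finding on a drive that is supposed to hold only documents is a reason to scan the drive before opening it on another PC.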

Additional distribution tactics include spamming attacks that use your computer's resources to send instant messages carrying Sohanad to other victims. Since they may take up unexpected RAM and other system resources, these attacks can also degrade your PC's performance. Nonetheless, you shouldn't assume that a Sohanad infection will display any distinctive symptoms that can be spotted by eye.