webHancer

Description:	Spyware
Risk Level:	High
Date of First Occurence:	Monday, April 14, 2008
Software Developer:	WebHancer Corporation
Brief Info:	Webhancer is a program that monitors Web sites visited and sends this information to a remote server.
Removal:	This threat can be removed using "Spyware Terminator"

ENTFERNEN SPYWARE »

Geographical Distribution of Threat "webHancer"

Threat Info

View All

Detected Items

Detected Files: %TEMP%\sporder.dll MD5: F12E514AEA35CD28BA6C080E707550F9 Size:8464 MD5: 97F50C3E6EEB45CBE2413431F1BB52FB Size:8464 MD5: C5C389AC9F9DE572B443CEF6E78214B7 Size:6138 %PROGRAMFILES%\webHancer\Programs\whinstaller.exe MD5: 3EA39F5BE46BBDB9B4E210975EBAFF87 Size:249856 MD5: 37D387740E3A7B37FDCBCDD596E4CE07 Size:249856 MD5: 900E5BFD42A04C16464E95EEFB86EE62 Size:249856 MD5: 551299175682230F488A7C201F15FDF4 Size:249856 MD5: B24A1E46996A11A50648F111033DEB51 Size:258048 MD5: 210D954F90CC0BABA2CF6E614377FED2 Size:258048 MD5: B02CA6E3E046083EF75FA78B274AC790 Size:249856 MD5: BF338EA53E585957E2CFC07C07BDAFF2 Size:249856 MD5: FF82D9DAC34559379BD4F96A8AA08AB3 Size:311296 MD5: 77C87EF7DB580249EA2C6130CC474626 Size:360448 %WINDIR%\whInstaller.exe MD5: 81CBBEC324E381509CB225961CD797CE Size:32768 MD5: 47D926EF989DC6B00A227E7D530E58F5 Size:32768 MD5: D9FBBD131A0E48F466EBC92167E7E107 Size:32768 MD5: DA1CC34887F63B7D0600879564B0D00E Size:32768 MD5: 49A9ECABC3508725F4EE5F783FF7FF98 Size:32768 MD5: A63BBECF0C39222C027335482A844D90 Size:73728 %WINDIR%\wh.exe MD5: 374991EFCE628D59FA8FE66A4EBD1C1F Size:239680 %PROGRAMFILES%\WEBHANCER\PROGRAMS\WHSURVEY.EXE MD5: 91ABE7B9FD549AAC55612596AA3A77DE Size:143360 MD5: A2DE900E911810776AD83CFAEDAC55F4 Size:143360 MD5: FE0DB8715539D42FBF3064B46742D050 Size:139264 %PROGRAMFILES%\webHancer\programs\whiehlpr.dll MD5: FD7EABC5C5FFB21908EAD00864DD95FF Size:106496 MD5: 37445896C9BEE85D6FD33104BA7EBD16 Size:86016 MD5: 00F223DA9C569B6BCA9606083FDE805C Size:86016 MD5: 99485942CA6DA1CB9BAA12C3243577E4 MD5: 99485942CA6DA1CB9BAA12C3243577E4 Size:159744 %PROGRAMFILES%\webHancer\Programs\whAgent.exe MD5: 933EDEEBC9BD5203F6747E1EA152B52C Size:229376 %WINDIR%\webhdll.dll MD5: 1F481ECEB3CE99690AC57935EA64420B Size:40960 MD5: ECD40C86E6EB29E71F9837231E3C485D Size:40960 MD5: 44B8FC06DED3148DCEC767E59C5310D9 Size:40960 MD5: E6F0E134BF7857EBBBC889894C72136A Size:40960 MD5: 9355953A273DF0BE863CCCBCB2CF9953 Size:61440 %PROGRAMFILES%\webHancer\Programs\whieshm.dll MD5: 23D640999DE92DB66084E2B56AB9E70E Size:28672 %PROGRAMFILES%\webHancer\Programs\wbhshare.dll MD5: 0AB3D2E52D12F506A3CDAE03824AD1D9 Size:45056 %PROGRAMFILES%\webHancer\Programs\whagent.exe MD5: 3A212BCB0EA7F5F4753EB5204EC0E852 Size:172032 MD5: 5169BBE9ED545F47A3E6057260C6F103 Size:569344 MD5: ED4B0167A2BF50B7B5B7DB7FEE1FA684 Size:565248 MD5: E916880D4C06C39779474720009C95F0 Size:577536 MD5: F0B2D19D9EB7BF9BE2E6C95948967076 MD5: 39E2C81928879A3C7EABDC4793A4EA3A Size:323584 MD5: 485A3E69303E2DCF57016BEBA5D6369E Size:589824 MD5: 780E75D996C9F600406F3F9865F9737F Size:24588 MD5: 108D61E229ACD16DF2010D914F11E423 Size:647168 MD5: BCD2DB7DB4131CEB358ED837948519FD Size:630784 MD5: 247A9E8F63A7727F0ACCA7208D9F9B23 Size:581632 MD5: 0D372CDEF38CFE527AD577A9E857A90A Size:647168 and more.... %PROGRAMFILES%\webHancer\programs\whieshm.dll MD5: 447AA0998CAA7B004328D2754CFF3162 Size:28672 %PROGRAMFILES%\webHancer\programs\wbhshare.dll MD5: 8A94605F26BE0696C8E52B8F5C1352F1 Size:45056 %PROGRAMFILES%\webHancer\Programs\whsurvey.exe MD5: C716953B7CEDF78056FE0D4C132A5B8A Size:143360 MD5: 254457A07FA4E990166741A2D0CD47A5 Size:143360 %PROGRAMFILES%\webHancer\Programs\webhdll.dll MD5: 7851EA01066CD4DA830008959C970113 Size:114688 MD5: 0C2C72AB805C92FC415AC7C62AB57D25 Size:114688 MD5: ACC411AFCA4D89FE83F510CA633749B7 Size:233472 MD5: A50A479B7DC2152CFB2471C4797EC01E MD5: A50A479B7DC2152CFB2471C4797EC01E Size:122880 %PROGRAMFILES%\whinstall\whiehlpr.dll MD5: 7BC959B12515E0D71C23B78D7170D5DC Size:106496 MD5: 06D09F866F02DBFF69ACBF5C6528863B Size:110592 %PROGRAMFILES%\whinstall\whinstaller.exe MD5: C9238F3EE3D1018B827D54C9A218BC3A Size:106496 %PROGRAMFILES%\whinstall\whagent.exe MD5: 46474587EB44FCF41004CCFB85D21822 Size:229376 %PROGRAMFILES%\webHancer\Programs\whiehlpr.dll MD5: 684C9C12E88DFE79DA2DFA39E50E0F2D Size:221184 %PROGRAMFILES%\webHancer\Programs\sporder.dll MD5: 4D1D31B74441280149D9CA682916784E Size:210944 %PROGRAMFILES%\webHancer\whAgent_update.exe MD5: 6FE28819FDDAD8CE6005ED1EAEEB4101 Size:397356 MD5: 69D13FA8E88A3878FB083C50E877543D Size:395234 MD5: 42D48811F1643B112585218A6C86A73E Size:234338 MD5: A1DEADBBDE65F0A0CCEE194CDCEEE505 Size:379564 %TEMP%\whiehlpr.dll MD5: 4A60746E423258DFF2B2319A0F4BB9E6 Size:69632 %TEMP%\whieshm.dll MD5: 620AFE6654B9E8122219D0661BDBF0AF Size:40960 %TEMP%\whAgent.exe MD5: 9F38CA8C5270E0D85B551C05872CBC34 Size:180224 %TEMP%\regwebh.dll MD5: 27E996E4F6B0F01EBD9F2E58A706949E Size:32768 %PROGRAMFILES%\webHancer\Programs\whSurvey.exe MD5: 639843A6D31AF426FB0DBD7B0E2598F8 Size:143360 %PROGRAMFILES%\webHancer\Programs\whiehlpr(2).dll MD5: FCC04F2408AAB3B4691D8F3A7A4911F4 Size:151552 %PROGRAMFILES%\webHancer\Programs\whagent(2).exe MD5: FC120385E23206977518B4EDBF4DAAAC Size:532480 %PROGRAMFILES%\webHancer\Programs\webhdll(2).dll MD5: ADFC83A067ACA94F47F081E924803BFD Size:110592 %PROGRAMFILES%\webHancer\Programs\whagent.exe MD5: 946AD6CE630E31F867F55E0D72802889 Size:569344
Detected Files with variable Filenames: MD5: D80A3177B2E84E5D0249EF86C9AF9872 Size: 249856 %PROGRAMFILES%\webHancer\Programs\whinstaller.exe %PROGRAMFILES%\webHancer\Programs\SETD.tmp %PROGRAMFILES%\webHancer\Programs\whinstaller.exe.ren MD5: 471789F182C0B60304CE19F023D8911D Size: 11264 %PROGRAMFILES%\webHancer\Programs\sporder.dll %PROGRAMFILES%\whinstall\sporder.dll %TEMP%\sporder.dll MD5: F0B2D19D9EB7BF9BE2E6C95948967076 Size: 569344 %PROGRAMFILES%\webHancer\Programs\whagent.exe %PROGRAMFILES%\webHancer\Programs\whagent(5).exe %PROGRAMFILES%\webHancer\Programs\whagent(4).exe %PROGRAMFILES%\webHancer\Programs\whagent(3).exe %PROGRAMFILES%\webHancer\Programs\whagent(2).exe %PROGRAMFILES%\webHancer\Programs\whagent.exe.ren MD5: 3B2D852C7BEF818C8A7509CFA6097090 Size: 569344 %PROGRAMFILES%\webHancer\Programs\whagent.exe %PROGRAMFILES%\webHancer\Programs\whagent.exe.ren MD5: CB91D48690E8943DADD772273DFAA920 Size: 167936 %PROGRAMFILES%\Alwil Software\Avast4\DATA\moved\WhAgent.exe %PROGRAMFILES%\webHancer\Programs\whAgent.exe MD5: 37445896C9BEE85D6FD33104BA7EBD16 Size: 86016 %PROGRAMFILES%\webHancer\programs\whiehlpr.dll %PROGRAMFILES%\webHancer\Programs\whiehlpr(2).dll MD5: BC2160E39B3F680C62D2386FE357A1E4 Size: 159744 %PROGRAMFILES%\webHancer\Programs\whiehlpr.dll %PROGRAMFILES%\webHancer\Programs\whiehlpr(2).dll %PROGRAMFILES%\webHancer\Programs\trz16D.tmp MD5: 5169BBE9ED545F47A3E6057260C6F103 Size: 569344 %PROGRAMFILES%\webHancer\Programs\whagent.exe %PROGRAMFILES%\webHancer\Programs\whagent(2).exe MD5: 2A3AA99DAFEFE247BCB1641676DBBE27 Size: 151552 %PROGRAMFILES%\webHancer\Programs\whiehlpr(3).dll %PROGRAMFILES%\webHancer\Programs\whiehlpr.dll %PROGRAMFILES%\webHancer\Programs\whiehlpr(2).dll MD5: F430A7E23843A15D437D02DC944D06CF Size: 122880 %PROGRAMFILES%\webHancer\Programs\webhdll(4)(2).dll %PROGRAMFILES%\webHancer\Programs\webhdll.dll %PROGRAMFILES%\webHancer\Programs\webhdll(2).dll MD5: 11E5A8369B4EA48F7999AEE548501720 Size: 32768 %PROGRAMFILES%\whinstall\whinstaller.exe %WINDIR%\whInstaller.exe MD5: 0ACDF5940A7D7756C4428C7C7AA9D3CD Size: 172032 %PROGRAMFILES%\whinstall\whagent.exe %PROGRAMFILES%\WEBHANCER\PROGRAMS\WHAGENT.EXE %PROGRAMFILES%\webHancer\Programs\SET23.tmp MD5: 5E7303DB9AC2380F0FC195D287C8D7A5 Size: 114688 %PROGRAMFILES%\webHancer\Programs\webhdll(2).dll %PROGRAMFILES%\webHancer\Programs\webhdll.dll MD5: A50A479B7DC2152CFB2471C4797EC01E Size: 122880 %PROGRAMFILES%\webHancer\Programs\webhdll.dll %PROGRAMFILES%\webHancer\Programs\webhdll(2).dll %PROGRAMFILES%\webHancer\Programs\webhdll.dll.ren MD5: 99485942CA6DA1CB9BAA12C3243577E4 Size: 159744 %PROGRAMFILES%\webHancer\programs\whiehlpr.dll %PROGRAMFILES%\webHancer\Programs\_whiehlpr.dll %PROGRAMFILES%\webHancer\Programs\whiehlpr.dll.ren MD5: DC9D401101D65D9299222978D8E0B58F Size: 143360 %PROGRAMFILES%\webHancer\Programs\whSurvey.exe %PROGRAMFILES%\webHancer\Programs\SET27.tmp MD5: F122CE2F6608B7504D61D6A3AFFB075A Size: 565248 %PROGRAMFILES%\webHancer\Programs\bak\whagent.exe %PROGRAMFILES%\webHancer\Programs\whagent.exe

Detecting items list:

Files by Name %ProgramFiles%\webHancer\Programs\whagent.exe %ProgramFiles%\webHancer\Programs\webhdll.dll %ProgramFiles%\webHancer\Programs\sporder.dll %ProgramFiles%\webHancer\Programs\wbhshare.dll %ProgramFiles%\webHancer\speedrank\whspeedrank.exe %ProgramFiles%\webHancer\Programs\whiehlpr.dll %ProgramFiles%\webHancer\Programs\whieshm.dll %windir%\webhdll.dll %windir%\wh.exe %windir%\whInstaller.exe %temp%\atlansi.dll %temp%\atlunicode.dll %temp%\regwebh.dll %temp%\sporder.dll %temp%\wbhshare.dll %temp%\whAgent.exe %temp%\whieshm.dll %temp%\whInstaller.exel %temp%\whiehlpr.dll %ProgramFiles%\webHancer\Programs\whsurvey.exe %ProgramFiles%\whinstall\sporder.dll %ProgramFiles%\whinstall\swebhdll.dll %ProgramFiles%\whinstall\whagent.exe %ProgramFiles%\whinstall\whiehlpr.dll %ProgramFiles%\whinstall\whinstaller.exe %ProgramFiles%\whinstall\whsurvey.dll
Files by MD5 MD5: 2417C7A72D092B3118FB1B0CABDA36F0 Size: 525770
Files by Directories %ProgramFiles%\webHancer
Files by CLSID or Name CLSID=c89435b0-cdfe-11d3-976a-00e02913a9e0 CLSID=c900b400-cdfe-11d3-976a-00e02913a9e0
Registry Keys HKLM\software\webhancer

« Go to Software Database

Suchen Sie unsere Software Datenbank

Surfen Sie die Software Datenbank

Neueste Malware Nachrichten

23. September 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Ältere Malware Nachrichten »