WSV

Description: Dialer
Risk Level: High
Date of First Occurrence: Monday, April 21, 2008
Software Developer: (unknown)
Brief Info: WSV installs itself and attempts to use the modem to dial a high-cost telephone number.
Removal: This threat can be removed using "Spyware Terminator".

Geographical Distribution of Threat "WSV"

Detected Items

Detecting items list:

  1. Files by Name: %Windir%\drexinit.dll, %Windir%\cerbmod.dll, %Sysdir%\dload.exe, %SystemdiskRoot%\misb.exe
  2. Files by Directories: %ProgramFiles%\WebSiteViewer
  3. Files by CLSID or Name: CLSID=A0269420-A638-4509-889C-8FC3CC85DA7E CLSID=C1C2AC28-5E4B-4228-B7A0-05E986FFCE14 CLSID=A0269420-A638-4509-889C-8FC3CC85DA7E CLSID=C1C2AC28-5E4B-4228-B7A0-05E986FFCE13 CLSID=25720328-5F2D-4B90-920C-2C244165CFF3 CLSID=5FF31463-6856-4604-BEE9-D84C92F60BA4 CLSID=DB767162-0D30-4181-9ED6-8019F6452FFF CLSID=0B454D9A-29BB-4930-A0C7-C87F21F82882 CLSID=D88DA98D-48BA-4116-96AB-77C38EAE487F CLSID=C4855F24-2FEE-4253-AF26-24D539508AB1 CLSID=9C1AB637-F5E9-4C5D-BD2F-0EB389905301 CLSID=0F9561D0-03B2-44a3-89A6-E95E417CBA25 CLSID=491BE5B7-A7F8-40EC-AAD4-CBA11FDFD814 CLSID=29358AA6-679D-44EA-8A51-59A3C6E6F811
  4. Registry Keys: HKLM\SOFTWARE\WebSiteViewer