webHancer
|
Description:
|
Spyware
|
|
Risk Level:
|
High
|
|
Date of First Occurence:
|
Monday, April 14, 2008
|
|
Software Developer:
|
WebHancer Corporation
|
|
Brief Info:
|
Webhancer is a program that monitors Web sites visited and sends this information to a remote server.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
SUPPRIMER SPYWARE »
Geographical Distribution of Threat "webHancer"
Threat Info
View All
Detected Items
- Detected Files:
%TEMP%\sporder.dll
MD5: F12E514AEA35CD28BA6C080E707550F9 Size:8464
MD5: 97F50C3E6EEB45CBE2413431F1BB52FB Size:8464
MD5: C5C389AC9F9DE572B443CEF6E78214B7 Size:6138
%PROGRAMFILES%\webHancer\Programs\whinstaller.exe
MD5: 3EA39F5BE46BBDB9B4E210975EBAFF87 Size:249856
MD5: 37D387740E3A7B37FDCBCDD596E4CE07 Size:249856
MD5: 900E5BFD42A04C16464E95EEFB86EE62 Size:249856
MD5: 551299175682230F488A7C201F15FDF4 Size:249856
MD5: B24A1E46996A11A50648F111033DEB51 Size:258048
MD5: 210D954F90CC0BABA2CF6E614377FED2 Size:258048
MD5: B02CA6E3E046083EF75FA78B274AC790 Size:249856
MD5: BF338EA53E585957E2CFC07C07BDAFF2 Size:249856
MD5: FF82D9DAC34559379BD4F96A8AA08AB3 Size:311296
MD5: 77C87EF7DB580249EA2C6130CC474626 Size:360448
%WINDIR%\whInstaller.exe
MD5: 81CBBEC324E381509CB225961CD797CE Size:32768
MD5: 47D926EF989DC6B00A227E7D530E58F5 Size:32768
MD5: D9FBBD131A0E48F466EBC92167E7E107 Size:32768
MD5: DA1CC34887F63B7D0600879564B0D00E Size:32768
MD5: 49A9ECABC3508725F4EE5F783FF7FF98 Size:32768
MD5: A63BBECF0C39222C027335482A844D90 Size:73728
%WINDIR%\wh.exe
MD5: 374991EFCE628D59FA8FE66A4EBD1C1F Size:239680
%PROGRAMFILES%\WEBHANCER\PROGRAMS\WHSURVEY.EXE
MD5: 91ABE7B9FD549AAC55612596AA3A77DE Size:143360
MD5: A2DE900E911810776AD83CFAEDAC55F4 Size:143360
MD5: FE0DB8715539D42FBF3064B46742D050 Size:139264
%PROGRAMFILES%\webHancer\programs\whiehlpr.dll
MD5: FD7EABC5C5FFB21908EAD00864DD95FF Size:106496
MD5: 37445896C9BEE85D6FD33104BA7EBD16 Size:86016
MD5: 00F223DA9C569B6BCA9606083FDE805C Size:86016
MD5: 99485942CA6DA1CB9BAA12C3243577E4
MD5: 99485942CA6DA1CB9BAA12C3243577E4 Size:159744
%PROGRAMFILES%\webHancer\Programs\whAgent.exe
MD5: 933EDEEBC9BD5203F6747E1EA152B52C Size:229376
%WINDIR%\webhdll.dll
MD5: 1F481ECEB3CE99690AC57935EA64420B Size:40960
MD5: ECD40C86E6EB29E71F9837231E3C485D Size:40960
MD5: 44B8FC06DED3148DCEC767E59C5310D9 Size:40960
MD5: E6F0E134BF7857EBBBC889894C72136A Size:40960
MD5: 9355953A273DF0BE863CCCBCB2CF9953 Size:61440
%PROGRAMFILES%\webHancer\Programs\whieshm.dll
MD5: 23D640999DE92DB66084E2B56AB9E70E Size:28672
%PROGRAMFILES%\webHancer\Programs\wbhshare.dll
MD5: 0AB3D2E52D12F506A3CDAE03824AD1D9 Size:45056
%PROGRAMFILES%\webHancer\Programs\whagent.exe
MD5: 3A212BCB0EA7F5F4753EB5204EC0E852 Size:172032
MD5: 5169BBE9ED545F47A3E6057260C6F103 Size:569344
MD5: ED4B0167A2BF50B7B5B7DB7FEE1FA684 Size:565248
MD5: E916880D4C06C39779474720009C95F0 Size:577536
MD5: F0B2D19D9EB7BF9BE2E6C95948967076
MD5: 39E2C81928879A3C7EABDC4793A4EA3A Size:323584
MD5: 485A3E69303E2DCF57016BEBA5D6369E Size:589824
MD5: 780E75D996C9F600406F3F9865F9737F Size:24588
MD5: 108D61E229ACD16DF2010D914F11E423 Size:647168
MD5: BCD2DB7DB4131CEB358ED837948519FD Size:630784
MD5: 247A9E8F63A7727F0ACCA7208D9F9B23 Size:581632
MD5: 0D372CDEF38CFE527AD577A9E857A90A Size:647168
and more....
%PROGRAMFILES%\webHancer\programs\whieshm.dll
MD5: 447AA0998CAA7B004328D2754CFF3162 Size:28672
%PROGRAMFILES%\webHancer\programs\wbhshare.dll
MD5: 8A94605F26BE0696C8E52B8F5C1352F1 Size:45056
%PROGRAMFILES%\webHancer\Programs\whsurvey.exe
MD5: C716953B7CEDF78056FE0D4C132A5B8A Size:143360
MD5: 254457A07FA4E990166741A2D0CD47A5 Size:143360
%PROGRAMFILES%\webHancer\Programs\webhdll.dll
MD5: 7851EA01066CD4DA830008959C970113 Size:114688
MD5: 0C2C72AB805C92FC415AC7C62AB57D25 Size:114688
MD5: ACC411AFCA4D89FE83F510CA633749B7 Size:233472
MD5: A50A479B7DC2152CFB2471C4797EC01E
MD5: A50A479B7DC2152CFB2471C4797EC01E Size:122880
%PROGRAMFILES%\whinstall\whiehlpr.dll
MD5: 7BC959B12515E0D71C23B78D7170D5DC Size:106496
MD5: 06D09F866F02DBFF69ACBF5C6528863B Size:110592
%PROGRAMFILES%\whinstall\whinstaller.exe
MD5: C9238F3EE3D1018B827D54C9A218BC3A Size:106496
%PROGRAMFILES%\whinstall\whagent.exe
MD5: 46474587EB44FCF41004CCFB85D21822 Size:229376
%PROGRAMFILES%\webHancer\Programs\whiehlpr.dll
MD5: 684C9C12E88DFE79DA2DFA39E50E0F2D Size:221184
%PROGRAMFILES%\webHancer\Programs\sporder.dll
MD5: 4D1D31B74441280149D9CA682916784E Size:210944
%PROGRAMFILES%\webHancer\whAgent_update.exe
MD5: 6FE28819FDDAD8CE6005ED1EAEEB4101 Size:397356
MD5: 69D13FA8E88A3878FB083C50E877543D Size:395234
MD5: 42D48811F1643B112585218A6C86A73E Size:234338
MD5: A1DEADBBDE65F0A0CCEE194CDCEEE505 Size:379564
%TEMP%\whiehlpr.dll
MD5: 4A60746E423258DFF2B2319A0F4BB9E6 Size:69632
%TEMP%\whieshm.dll
MD5: 620AFE6654B9E8122219D0661BDBF0AF Size:40960
%TEMP%\whAgent.exe
MD5: 9F38CA8C5270E0D85B551C05872CBC34 Size:180224
%TEMP%\regwebh.dll
MD5: 27E996E4F6B0F01EBD9F2E58A706949E Size:32768
%PROGRAMFILES%\webHancer\Programs\whSurvey.exe
MD5: 639843A6D31AF426FB0DBD7B0E2598F8 Size:143360
%PROGRAMFILES%\webHancer\Programs\whiehlpr(2).dll
MD5: FCC04F2408AAB3B4691D8F3A7A4911F4 Size:151552
%PROGRAMFILES%\webHancer\Programs\whagent(2).exe
MD5: FC120385E23206977518B4EDBF4DAAAC Size:532480
%PROGRAMFILES%\webHancer\Programs\webhdll(2).dll
MD5: ADFC83A067ACA94F47F081E924803BFD Size:110592
%PROGRAMFILES%\webHancer\Programs\whagent.exe
MD5: 946AD6CE630E31F867F55E0D72802889 Size:569344
- Detected Files with variable Filenames:
MD5: D80A3177B2E84E5D0249EF86C9AF9872 Size: 249856
%PROGRAMFILES%\webHancer\Programs\whinstaller.exe
%PROGRAMFILES%\webHancer\Programs\SETD.tmp
%PROGRAMFILES%\webHancer\Programs\whinstaller.exe.ren
MD5: 471789F182C0B60304CE19F023D8911D Size: 11264
%PROGRAMFILES%\webHancer\Programs\sporder.dll
%PROGRAMFILES%\whinstall\sporder.dll
%TEMP%\sporder.dll
MD5: F0B2D19D9EB7BF9BE2E6C95948967076 Size: 569344
%PROGRAMFILES%\webHancer\Programs\whagent.exe
%PROGRAMFILES%\webHancer\Programs\whagent(5).exe
%PROGRAMFILES%\webHancer\Programs\whagent(4).exe
%PROGRAMFILES%\webHancer\Programs\whagent(3).exe
%PROGRAMFILES%\webHancer\Programs\whagent(2).exe
%PROGRAMFILES%\webHancer\Programs\whagent.exe.ren
MD5: 3B2D852C7BEF818C8A7509CFA6097090 Size: 569344
%PROGRAMFILES%\webHancer\Programs\whagent.exe
%PROGRAMFILES%\webHancer\Programs\whagent.exe.ren
MD5: CB91D48690E8943DADD772273DFAA920 Size: 167936
%PROGRAMFILES%\Alwil Software\Avast4\DATA\moved\WhAgent.exe
%PROGRAMFILES%\webHancer\Programs\whAgent.exe
MD5: 37445896C9BEE85D6FD33104BA7EBD16 Size: 86016
%PROGRAMFILES%\webHancer\programs\whiehlpr.dll
%PROGRAMFILES%\webHancer\Programs\whiehlpr(2).dll
MD5: BC2160E39B3F680C62D2386FE357A1E4 Size: 159744
%PROGRAMFILES%\webHancer\Programs\whiehlpr.dll
%PROGRAMFILES%\webHancer\Programs\whiehlpr(2).dll
%PROGRAMFILES%\webHancer\Programs\trz16D.tmp
MD5: 5169BBE9ED545F47A3E6057260C6F103 Size: 569344
%PROGRAMFILES%\webHancer\Programs\whagent.exe
%PROGRAMFILES%\webHancer\Programs\whagent(2).exe
MD5: 2A3AA99DAFEFE247BCB1641676DBBE27 Size: 151552
%PROGRAMFILES%\webHancer\Programs\whiehlpr(3).dll
%PROGRAMFILES%\webHancer\Programs\whiehlpr.dll
%PROGRAMFILES%\webHancer\Programs\whiehlpr(2).dll
MD5: F430A7E23843A15D437D02DC944D06CF Size: 122880
%PROGRAMFILES%\webHancer\Programs\webhdll(4)(2).dll
%PROGRAMFILES%\webHancer\Programs\webhdll.dll
%PROGRAMFILES%\webHancer\Programs\webhdll(2).dll
MD5: 11E5A8369B4EA48F7999AEE548501720 Size: 32768
%PROGRAMFILES%\whinstall\whinstaller.exe
%WINDIR%\whInstaller.exe
MD5: 0ACDF5940A7D7756C4428C7C7AA9D3CD Size: 172032
%PROGRAMFILES%\whinstall\whagent.exe
%PROGRAMFILES%\WEBHANCER\PROGRAMS\WHAGENT.EXE
%PROGRAMFILES%\webHancer\Programs\SET23.tmp
MD5: 5E7303DB9AC2380F0FC195D287C8D7A5 Size: 114688
%PROGRAMFILES%\webHancer\Programs\webhdll(2).dll
%PROGRAMFILES%\webHancer\Programs\webhdll.dll
MD5: A50A479B7DC2152CFB2471C4797EC01E Size: 122880
%PROGRAMFILES%\webHancer\Programs\webhdll.dll
%PROGRAMFILES%\webHancer\Programs\webhdll(2).dll
%PROGRAMFILES%\webHancer\Programs\webhdll.dll.ren
MD5: 99485942CA6DA1CB9BAA12C3243577E4 Size: 159744
%PROGRAMFILES%\webHancer\programs\whiehlpr.dll
%PROGRAMFILES%\webHancer\Programs\_whiehlpr.dll
%PROGRAMFILES%\webHancer\Programs\whiehlpr.dll.ren
MD5: DC9D401101D65D9299222978D8E0B58F Size: 143360
%PROGRAMFILES%\webHancer\Programs\whSurvey.exe
%PROGRAMFILES%\webHancer\Programs\SET27.tmp
MD5: F122CE2F6608B7504D61D6A3AFFB075A Size: 565248
%PROGRAMFILES%\webHancer\Programs\bak\whagent.exe
%PROGRAMFILES%\webHancer\Programs\whagent.exe
Detecting items list:
- Files by Name
%ProgramFiles%\webHancer\Programs\whagent.exe
%ProgramFiles%\webHancer\Programs\webhdll.dll
%ProgramFiles%\webHancer\Programs\sporder.dll
%ProgramFiles%\webHancer\Programs\wbhshare.dll
%ProgramFiles%\webHancer\speedrank\whspeedrank.exe
%ProgramFiles%\webHancer\Programs\whiehlpr.dll
%ProgramFiles%\webHancer\Programs\whieshm.dll
%windir%\webhdll.dll
%windir%\wh.exe
%windir%\whInstaller.exe
%temp%\atlansi.dll
%temp%\atlunicode.dll
%temp%\regwebh.dll
%temp%\sporder.dll
%temp%\wbhshare.dll
%temp%\whAgent.exe
%temp%\whieshm.dll
%temp%\whInstaller.exel
%temp%\whiehlpr.dll
%ProgramFiles%\webHancer\Programs\whsurvey.exe
%ProgramFiles%\whinstall\sporder.dll
%ProgramFiles%\whinstall\swebhdll.dll
%ProgramFiles%\whinstall\whagent.exe
%ProgramFiles%\whinstall\whiehlpr.dll
%ProgramFiles%\whinstall\whinstaller.exe
%ProgramFiles%\whinstall\whsurvey.dll
- Files by MD5
MD5: 2417C7A72D092B3118FB1B0CABDA36F0 Size: 525770
- Files by Directories
%ProgramFiles%\webHancer
- Files by CLSID or Name
CLSID=c89435b0-cdfe-11d3-976a-00e02913a9e0
CLSID=c900b400-cdfe-11d3-976a-00e02913a9e0
- Registry Keys
HKLM\software\webhancer
«
Go to Software Database
