WSV

Description:	Dialer
Risk Level:	High
Date of First Occurence:	Monday, April 21, 2008
Software Developer:	(unknown)
Brief Info:	WSV installs itself and attempts to use the modem to dial a high-cost telephone number.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "WSV"

Threat Info

View All

Detected Items

Detected Files: %SYSDIR%\dload.exe MD5: A9A82E7BFBEBD9ECFB0375AFEEF82F9D Size:17408 MD5: 8C0B95CB20BA366CB070380BFBAD40A5 Size:30408 MD5: 8811356C417A4E1C6C30FDC2387DB8FD Size:28672 MD5: 91A636148FA50EB57ADD2FE45614F5E7 Size:28160 MD5: 96399397AF809D793CC1A57B6B26BEE5 Size:9216 MD5: 813BF3530434C9414DFE8443E722A415 Size:80533 MD5: D43FFD14B2DDD4424625CE601039583B Size:11008 MD5: 029818754CE40A969AF735E5674B417F Size:19968 MD5: 55C94BE83DDB3269A4898FB27173DAD7 Size:17664 MD5: 96934C97569ABF1147BA0F7B13DD14BA Size:23296 MD5: 2D22F37B835CB0F2383E47AC3A9FA387 Size:30464 %PROGRAMFILES%\WebSiteViewer\111881.exe MD5: 5EB44A48A3C57D09EF0914CCB67BE52F Size:23816 %WINDIR%\cerbmod.dll MD5: 5FCD5E8E4BB019AF96B6B4A0EEB54BED Size:27136 MD5: D2FC3772DEDB6DD1B2521E95F9AEFAFF Size:1481 %PROGRAMFILES%\WebSiteViewer\110094.exe MD5: 1A7213642D4D6182CCE9CD96B6A0237D Size:26328 MD5: CEE02D684E327F7B0C99FBC9D5A52505 Size:26328 %PROGRAMFILES%\WebSiteViewer\ppv.exe MD5: C27E187BC91D126EA104AE3075B652B4 Size:75776 MD5: E80D549ACCC3171E1E368BDECA165656 Size:74752 MD5: 98DC3915B815DF8C17DF29C267A9DF7B Size:75264 MD5: EA587B23783B812334A649F78853403C Size:76288 %PROGRAMFILES%\WebSiteViewer\108186.exe MD5: 1BBC0553BBC3CEAD1B73BE088B954213 Size:23816 %PROGRAMFILES%\WebSiteViewer\120124.exe MD5: 8C811ED51FD958F946937FEB65F14704 Size:23816 %PROGRAMFILES%\WebSiteViewer\124491.exe MD5: 9C37CC88C3994095E7AAC9D27108DC6A Size:26328 %PROGRAMFILES%\WebSiteViewer\124842.exe MD5: 4393B653EAD2BF1A5903E1244A1D6949 Size:23816 %PROGRAMFILES%\WebSiteViewer\112023.exe MD5: 6FD854364DBD3755E01964FDA974B8E7 Size:23816 %PROGRAMFILES%\WebSiteViewer\124530.exe MD5: 24EE759BF31ADF8F6BD044F288B52BDA Size:23816 %PROGRAMFILES%\WebSiteViewer\109152.exe MD5: 506516A90B3A0261616DF1F738596A17 Size:22760 %PROGRAMFILES%\WebSiteViewer\113261.exe MD5: A3D8F57640C5261950158D5BD4826045 Size:23816 %PROGRAMFILES%\WebSiteViewer\119563.exe MD5: 8325FEEAD4DE309C3468687FCA7B5014 Size:23816 %SystemDiskRoot%\misb.exe MD5: CEB7B14CB1B8685B451C1ACA4C5C38BD Size:522 MD5: 9ECB1C472E8D29F122C7C32744F2F579 Size:27320 %PROGRAMFILES%\WebSiteViewer\122290.exe MD5: 04A12A5D6037FF52DE718FFBDD771B75 Size:19584 %PROGRAMFILES%\WebSiteViewer\111867.exe MD5: A88858E3052790677A4254ED283A2913 Size:23816 %PROGRAMFILES%\WebSiteViewer\113021.exe MD5: F0DC680F9068AF612CA88CE3E6D7D6ED Size:23816 %PROGRAMFILES%\WebSiteViewer\111857.exe MD5: BDAEF2A04AFAC8E6B10B629D35FDBC10 Size:22792 %PROGRAMFILES%\WebSiteViewer\119209.exe MD5: 5B25B5B6A5AFF75F7BCAA8CD7A21DB0D Size:23784 %PROGRAMFILES%\WebSiteViewer\111781.exe MD5: B626AB0FD5D85236DCB0E73EBECDEC2E Size:23816 %PROGRAMFILES%\WebSiteViewer\117728.exe MD5: DC6FDBEE2DC9438306215E15FB26AC3C Size:27320 %PROGRAMFILES%\WebSiteViewer\128034.exe MD5: 089B27A6C40FA2B80C1AD069A9DAECF4 Size:77824 %PROGRAMFILES%\WebSiteViewer\112220.exe MD5: 39603087B93074B6C9CB34DBCA3754C2 Size:22792 %PROGRAMFILES%\WebSiteViewer\113140.exe MD5: 744C7C2CD782D7C69471096949CE4A09 Size:23784 %PROGRAMFILES%\WebSiteViewer\109185.exe MD5: 5ABFE0ABAB0AC26DFF3091178B562518 Size:23816 %PROGRAMFILES%\WebSiteViewer\125926.exe MD5: 794D497CD5C43A6C2C8CBD9E70402C56 Size:27320
Detected Files with variable Filenames: MD5: D17DB81EFD5906EEBBBC05278505AA5C Size: 20480 %PROGRAMFILES%\WebSiteViewer\9248448temp.exe %PROGRAMFILES%\WebSiteViewer\113261.exe %PROGRAMFILES%\WebSiteViewer\12972084temp.exe %PROGRAMFILES%\WebSiteViewer\111867.exe %PROGRAMFILES%\WebSiteViewer\15134772temp.exe %PROGRAMFILES%\WebSiteViewer\120104.exe %PROGRAMFILES%\WebSiteViewer\9313984temp.exe %PROGRAMFILES%\WebSiteViewer\111153.exe %PROGRAMFILES%\WebSiteViewer\121643.exe %PROGRAMFILES%\WebSiteViewer\10559168temp.exe %PROGRAMFILES%\WebSiteViewer\121717.exe and next 7 variations. MD5: 63A671BDBD85D4F411FF00464B500848 Size: 13824 %PROGRAMFILES%\WebSiteViewer\9248400temp.exe %PROGRAMFILES%\WebSiteViewer\120619.exe %PROGRAMFILES%\WebSiteViewer\121925.exe MD5: 98DC3915B815DF8C17DF29C267A9DF7B Size: 75264 %PROGRAMFILES%\WebSiteViewer\ppv.exe %PROGRAMFILES%\WebSiteViewer\ppv.exe.ren MD5: 9ECB1C472E8D29F122C7C32744F2F579 Size: 27320 %SystemDiskRoot%\misb.exe %PROGRAMFILES%\WebSiteViewer\127036.exe MD5: 2F47B3460DCD6D466223C9A223721206 Size: 23816 %PROGRAMFILES%\WebSiteViewer\111804temp.exe %PROGRAMFILES%\WebSiteViewer\111804.exe

Detecting items list:

Files by Name %Windir%\drexinit.dll %Windir%\cerbmod.dll %Sysdir%\dload.exe %SystemdiskRoot%\misb.exe
Files by Directories %ProgramFiles%\WebSiteViewer
Files by CLSID or Name CLSID=A0269420-A638-4509-889C-8FC3CC85DA7E CLSID=C1C2AC28-5E4B-4228-B7A0-05E986FFCE14 CLSID=A0269420-A638-4509-889C-8FC3CC85DA7E CLSID=C1C2AC28-5E4B-4228-B7A0-05E986FFCE13 CLSID=25720328-5F2D-4B90-920C-2C244165CFF3 CLSID=5FF31463-6856-4604-BEE9-D84C92F60BA4 CLSID=DB767162-0D30-4181-9ED6-8019F6452FFF CLSID=0B454D9A-29BB-4930-A0C7-C87F21F82882 CLSID=D88DA98D-48BA-4116-96AB-77C38EAE487F CLSID=C4855F24-2FEE-4253-AF26-24D539508AB1 CLSID=9C1AB637-F5E9-4C5D-BD2F-0EB389905301 CLSID=0F9561D0-03B2-44a3-89A6-E95E417CBA25 CLSID=491BE5B7-A7F8-40EC-AAD4-CBA11FDFD814 CLSID=29358AA6-679D-44EA-8A51-59A3C6E6F811
Registry Keys HKLM\SOFTWARE\WebSiteViewer

« Go to Software Database

Pesquisar em nosso banco de dados de software

Navegar pelo Banco de dados

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias anteriores sobre malware »