Home Malware Programs Adware Adware.Wisen Wizard

Adware.Wisen Wizard

Posted: February 11, 2014

Threat Metric

Threat Level: 2/10
Infected PCs: 3,122
First Seen: February 11, 2014
Last Seen: October 30, 2024
OS(es) Affected: Windows


Wisen Wizard Screenshot 1Adware.Wisen Wizard is adware that may be installed onto the computer system together with a variety of freeware that PC users can download from suspicious download websites on the Internet. Adware.Wisen Wizard may show numerous random pop-up ads, messages and banners or the ones associated with the computer user's browsing routine, which may carry offers, deals, sales and discount coupons, on the desktop of the PC. Adware.Wisen Wizard may offer the computer user to check prices comparisons, for example, when the PC user is visiting shopping-related or social networking websites. The pop-up ads of Adware.Wisen Wizard may declare to allegedly be sent by Adware.Wisen Wizard. If the PC user clicks on any pop-up ads, Adware.Wisen Wizard may forcibly reroute him to questionable that may be commercial. Adware.Wisen Wizard may market unidentified websites, services and products. Adware.Wisen Wizard may also gather information about the computer user's search terms, browsing habits and websites he is visiting.

Technical Details

Registry Modifications

The following newly produced Registry Values are:

CLSID{3E2F502B-5548-4066-88E1-9A93214AD7D5}{d7bbe586-f42a-454b-9794-776b57483a40}{FBCC351C-579A-4031-8C1D-4C69BCE3806D}HKEY..\..\..\..{RegistryKeys}SOFTWARE\Microsoft\Tracing\updatewisenwizard_RASAPI32SOFTWARE\Microsoft\Tracing\updatewisenwizard_RASMANCSSOFTWARE\Microsoft\Tracing\wisenwizard_RASAPI32SOFTWARE\Microsoft\Tracing\wisenwizard_RASMANCSSOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{d7bbe586-f42a-454b-9794-776b57483a40}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7BBE586-F42A-454B-9794-776B57483A40}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7BBE586-F42A-454B-9794-776B57483A40}Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{D7BBE586-F42A-454B-9794-776B57483A40}Software\wisen wizardSOFTWARE\Wow6432Node\Microsoft\Tracing\updatewisenwizard_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewisenwizard_RASMANCSSOFTWARE\Wow6432Node\Microsoft\Tracing\wisenwizard_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Tracing\wisenwizard_RASMANCSSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{d7bbe586-f42a-454b-9794-776b57483a40}SOFTWARE\Wow6432Node\wisen wizardSYSTEM\ControlSet001\services\eventlog\Application\Update wisen wizardSYSTEM\ControlSet001\services\Update wisen wizardSYSTEM\ControlSet002\services\eventlog\Application\Update wisen wizardSYSTEM\ControlSet002\services\Update wisen wizardSYSTEM\CurrentControlSet\services\eventlog\Application\Update wisen wizardSYSTEM\CurrentControlSet\services\Update wisen wizardHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}wisen wizard

Additional Information

The following directories were created:
%PROGRAMFILES%\wisen wizard%PROGRAMFILES(x86)%\wisen wizard
The following URL's were detected:
wisen wizard
Loading...