Wordproser
Posted: October 20, 2014
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 7,580 |
|---|---|
| Threat Level: | 2/10 |
| Infected PCs: | 75,842 |
| First Seen: | October 20, 2014 |
|---|---|
| Last Seen: | October 13, 2023 |
| OS(es) Affected: | Windows |
Wordproser is an unwanted program that computer researchers have ousted as an adware application that displays random advertisements. The Wordproser ads may be banners or pop-ups where they prove to be intrusive by interrupting your surfing of the internet. Usually the Wordproser ads will attempt to offer random products and services and ways to add functions to your web browser applications. Most computer users will find the Wordproser services as unwanted add-ons or become annoyed at the several Wordproser pop-ups loaded that if clicked, may cause redirects to other sites that have questionable content. Removal of Wordproser may be performed automatically by use of an antispyware application.
Aliases
Wordproser.7D0 [AVG]Adware/Vitruvian [Fortinet]Trojan/Win32.SGeneric [Antiy-AVL]Artemis [McAfee-GW-Edition]Adware.Plugin.274 [DrWeb]ApplicUnwnt [Comodo]Generic PUA EK [Sophos]not-a-virus:AdWare.Win32.Vitruvian.a [Kaspersky]Trojan.Gen.2 [Symantec]Adware ( 004a9fae1 ) [K7AntiVirus]Artemis!0BF1004D2D52 [McAfee]AdWare.Win64.r6 (Not a Virus) [CAT-QuickHeal]
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:C:\Program Files (x86)\WordProser_1.10.0.6\Service\wpsvc.exe
File name: wpsvc.exeSize: 277.58 KB (277584 bytes)
MD5: 9774b8a352319d8e1969eaff18709fc3
Detection count: 8,186
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files (x86)\WordProser_1.10.0.6\Service\wpsvc.exe
Group: Malware file
Last Updated: January 31, 2023
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WordProser_1.10.0.2\Service\wpsvc.exe.vir
File name: wpsvc.exe.virSize: 277.58 KB (277584 bytes)
MD5: b25922683bff1e1aa8164dc99e25f6e3
Detection count: 7,635
Mime Type: unknown/vir
Path: C:\AdwCleaner\Quarantine\C\Program Files (x86)\WordProser_1.10.0.2\Service\wpsvc.exe.vir
Group: Malware file
Last Updated: April 26, 2021
C:\Program Files\WordProser_1.10.0.4\Service\wpsvc.exe
File name: wpsvc.exeSize: 277.58 KB (277584 bytes)
MD5: 6a90987d602e51d9d37828f6177eb17c
Detection count: 7,553
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files\WordProser_1.10.0.4\Service\wpsvc.exe
Group: Malware file
Last Updated: November 9, 2021
C:\AdwCleaner\Quarantine\C\Program Files (x86)\wordproser_1.10.0.5\Service\wpsvc.exe.vir
File name: wpsvc.exe.virSize: 277.58 KB (277584 bytes)
MD5: b3b547f875928fadff3beaf5d3dc1fc5
Detection count: 7,408
Mime Type: unknown/vir
Path: C:\AdwCleaner\Quarantine\C\Program Files (x86)\wordproser_1.10.0.5\Service\wpsvc.exe.vir
Group: Malware file
Last Updated: January 31, 2023
C:\System Volume Information\_restore{4A6875BD-F03A-4E04-BAA5-224D81EDCBF8}\RP199\A0159664.sys
File name: A0159664.sysSize: 52.73 KB (52736 bytes)
MD5: 4b9c4a2acc61a0a29dd84e5d7355ad62
Detection count: 6,642
File type: System file
Mime Type: unknown/sys
Path: C:\System Volume Information\_restore{4A6875BD-F03A-4E04-BAA5-224D81EDCBF8}\RP199\A0159664.sys
Group: Malware file
Last Updated: August 30, 2022
c:\windows\system32\drivers\wpnfd_1_10_0_1.sys
File name: wpnfd_1_10_0_1.sysSize: 52.73 KB (52736 bytes)
MD5: f8971170ff3b508e47ecd2367558892e
Detection count: 5,579
File type: System file
Mime Type: unknown/sys
Path: c:\windows\system32\drivers\wpnfd_1_10_0_1.sys
Group: Malware file
Last Updated: March 27, 2022
c:\windows\system32\drivers\wpnfd_1_10_0_1.sys
File name: wpnfd_1_10_0_1.sysSize: 58.24 KB (58240 bytes)
MD5: 9d73c4ab327ec78741392378f81085ad
Detection count: 5,019
File type: System file
Mime Type: unknown/sys
Path: c:\windows\system32\drivers\wpnfd_1_10_0_1.sys
Group: Malware file
Last Updated: August 20, 2022
c:\windows\system32\drivers\wpnfd_1_10_0_2.sys
File name: wpnfd_1_10_0_2.sysSize: 58.24 KB (58240 bytes)
MD5: 869359adc102dfcb23727a5570af130a
Detection count: 2,087
File type: System file
Mime Type: unknown/sys
Path: c:\windows\system32\drivers\wpnfd_1_10_0_2.sys
Group: Malware file
Last Updated: February 21, 2022
C:\Windows\System32\drivers\wpnfd_1_10_0_2.sys
File name: wpnfd_1_10_0_2.sysSize: 52.73 KB (52736 bytes)
MD5: 10ca6f7dcbf8688b6a817eda4a2e3e7b
Detection count: 1,223
File type: System file
Mime Type: unknown/sys
Path: C:\Windows\System32\drivers\wpnfd_1_10_0_2.sys
Group: Malware file
Last Updated: April 24, 2022
c:\windows\system32\drivers\wpnfd_1_10_0_5.sys
File name: wpnfd_1_10_0_5.sysSize: 58.24 KB (58240 bytes)
MD5: 76856cd4c95f6be28e429e3a2ac5750d
Detection count: 157
File type: System file
Mime Type: unknown/sys
Path: c:\windows\system32\drivers\wpnfd_1_10_0_5.sys
Group: Malware file
Last Updated: January 31, 2023
C:\Program Files (x86)\WordProser_1.10.0.1\Service\wpsvc.exe
File name: wpsvc.exeSize: 277.58 KB (277584 bytes)
MD5: 409aa0858006cef45b827eff34d7a94f
Detection count: 126
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files (x86)\WordProser_1.10.0.1\Service\wpsvc.exe
Group: Malware file
Last Updated: June 14, 2023
C:\Program Files\WordProser_1.10.0.1\IE\WordProserClientIE.dll
File name: WordProserClientIE.dllSize: 181.84 KB (181840 bytes)
MD5: 4a5a090f28520793eedcb7a2f142ce55
Detection count: 89
File type: Dynamic link library
Mime Type: unknown/dll
Path: C:\Program Files\WordProser_1.10.0.1\IE\WordProserClientIE.dll
Group: Malware file
Last Updated: June 14, 2023
%PROGRAMFILES%\WordProser\IE\WordProserClientIE.dll
File name: WordProserClientIE.dllSize: 254.03 KB (254032 bytes)
MD5: 7b1ec8a997bf53b2113f8c549923da38
Detection count: 65
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\WordProser\IE
Group: Malware file
Last Updated: May 25, 2017
system32\drivers\wpnfd_1_10_0_6.sys
File name: wpnfd_1_10_0_6.sysSize: 58.24 KB (58240 bytes)
MD5: d60d1d327c27e7ead4e18e4f5881c523
Detection count: 63
File type: System file
Mime Type: unknown/sys
Path: system32\drivers
Group: Malware file
Last Updated: April 9, 2016
%WINDIR%\System32\drivers\wpnfd_1_10_0_9.sys
File name: wpnfd_1_10_0_9.sysSize: 52.73 KB (52736 bytes)
MD5: d3c0038453fd11b098ac4c89b7da31ce
Detection count: 49
File type: System file
Mime Type: unknown/sys
Path: %WINDIR%\System32\drivers
Group: Malware file
Last Updated: October 31, 2018
system32\drivers\wpnfd_1_10_0_9.sys
File name: wpnfd_1_10_0_9.sysSize: 58.24 KB (58240 bytes)
MD5: 17aa25f4ddd583f4510bf05470483dfc
Detection count: 33
File type: System file
Mime Type: unknown/sys
Path: system32\drivers
Group: Malware file
Last Updated: January 30, 2020
%WINDIR%\System32\drivers\wpnfd_1_10_0_4.sys
File name: wpnfd_1_10_0_4.sysSize: 58.24 KB (58240 bytes)
MD5: 7c47f94089fb8f4f3f37d5b30e684b54
Detection count: 26
File type: System file
Mime Type: unknown/sys
Path: %WINDIR%\System32\drivers
Group: Malware file
Last Updated: April 9, 2016
%PROGRAMFILES%\WordProser_1.10.0.2\IE\WordProserClientIE.dll
File name: WordProserClientIE.dllSize: 149.07 KB (149072 bytes)
MD5: b4e7a73bd9080a4a137ba3fcf86301b1
Detection count: 21
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\WordProser_1.10.0.2\IE
Group: Malware file
Last Updated: May 25, 2017
%WINDIR%\System32\drivers\wpnfd.sys
File name: wpnfd.sysSize: 58.24 KB (58240 bytes)
MD5: 23b70f71debec2a59e1c2c1d1c2016a1
Detection count: 14
File type: System file
Mime Type: unknown/sys
Path: %WINDIR%\System32\drivers
Group: Malware file
Last Updated: April 9, 2016
%WINDIR%\System32\drivers\wpnfd_1_10_0_2.sys
File name: wpnfd_1_10_0_2.sysSize: 58.24 KB (58240 bytes)
MD5: b1a87ece0a320d2d71c3bbf7247b8bad
Detection count: 6
File type: System file
Mime Type: unknown/sys
Path: %WINDIR%\System32\drivers
Group: Malware file
Last Updated: April 9, 2016
%PROGRAMFILES%\WordProser_1.10.0.1\IE\WordProserClientIE.dll
File name: WordProserClientIE.dllSize: 149.07 KB (149072 bytes)
MD5: f552254bd54fda2b01e229a4fa21ad25
Detection count: 5
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\WordProser_1.10.0.1\IE
Group: Malware file
Last Updated: May 25, 2017
Registry Modifications
The following newly produced Registry Values are:
CLSID{03A19B15-6866-4B99-97A7-57F359C40931}{3EBB5099-9732-48AE-B032-58B702D86EEC}{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}HKEY..\..\..\..{RegistryKeys}SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}SOFTWARE\Mozilla\Firefox\Extensions\{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6}SYSTEM\ControlSet001\Enum\Root\LEGACY_WPNFD_1_10_0_1SYSTEM\ControlSet001\Enum\Root\LEGACY_WPNFD_1_10_0_2SYSTEM\ControlSet001\services\wpnfd_1_10_0_1SYSTEM\ControlSet001\services\wpnfd_1_10_0_2SYSTEM\ControlSet001\services\wpnfd_1_10_0_5SYSTEM\ControlSet001\services\wpsvc_1.10.0.2SYSTEM\ControlSet001\services\wpsvc_1.10.0.5SYSTEM\ControlSet002\Enum\Root\LEGACY_WPNFD_1_10_0_1SYSTEM\ControlSet002\Enum\Root\LEGACY_WPNFD_1_10_0_2SYSTEM\ControlSet002\services\wpnfd_1_10_0_1SYSTEM\ControlSet002\services\wpnfd_1_10_0_2SYSTEM\ControlSet002\services\wpnfd_1_10_0_5SYSTEM\ControlSet002\services\wpsvc_1.10.0.2SYSTEM\ControlSet002\services\wpsvc_1.10.0.5SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WPNFD_1_10_0_1SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WPNFD_1_10_0_2SYSTEM\CurrentControlSet\services\wpnfd_1_10_0_1SYSTEM\CurrentControlSet\services\wpnfd_1_10_0_2SYSTEM\CurrentControlSet\services\wpsvc_1.10.0.2
CLSID{03A19B15-6866-4B99-97A7-57F359C40931}{3EBB5099-9732-48AE-B032-58B702D86EEC}{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}HKEY..\..\..\..{RegistryKeys}SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}SOFTWARE\Mozilla\Firefox\Extensions\{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6}SYSTEM\ControlSet001\Enum\Root\LEGACY_WPNFD_1_10_0_1SYSTEM\ControlSet001\Enum\Root\LEGACY_WPNFD_1_10_0_2SYSTEM\ControlSet001\services\wpnfd_1_10_0_1SYSTEM\ControlSet001\services\wpnfd_1_10_0_2SYSTEM\ControlSet001\services\wpnfd_1_10_0_5SYSTEM\ControlSet001\services\wpsvc_1.10.0.2SYSTEM\ControlSet001\services\wpsvc_1.10.0.5SYSTEM\ControlSet002\Enum\Root\LEGACY_WPNFD_1_10_0_1SYSTEM\ControlSet002\Enum\Root\LEGACY_WPNFD_1_10_0_2SYSTEM\ControlSet002\services\wpnfd_1_10_0_1SYSTEM\ControlSet002\services\wpnfd_1_10_0_2SYSTEM\ControlSet002\services\wpnfd_1_10_0_5SYSTEM\ControlSet002\services\wpsvc_1.10.0.2SYSTEM\ControlSet002\services\wpsvc_1.10.0.5SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WPNFD_1_10_0_1SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WPNFD_1_10_0_2SYSTEM\CurrentControlSet\services\wpnfd_1_10_0_1SYSTEM\CurrentControlSet\services\wpnfd_1_10_0_2SYSTEM\CurrentControlSet\services\wpsvc_1.10.0.2
Additional Information
The following directories were created:
%PROGRAMFILES%\Mozilla Firefox\extensions\{d9a96531-b093-4d07-9e4c-9704a365c441}%PROGRAMFILES%\WordProser_1.10.0.6%PROGRAMFILES(x86)%\Mozilla Firefox\extensions\{d9a96531-b093-4d07-9e4c-9704a365c441}%PROGRAMFILES(x86)%\WordProser_1.10.0.6
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.