home

wssvc.dll

The module wssvc.dll has been detected as adware by 39 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “WS.Sustainer”. Also know as BrowserDefender, this bundled service will prevent various web browser toolbars and extensions from running as well as block changes to the search page and provider.
MD5:
1394dfbe69b9fac058cfb76016d2fd81

SHA-1:
4821e88a7cf603b407874b91086cb58da6a7da12

SHA-256:
9a07e3b1e9c65d16137c6a788bf0c9b1eb2289b48d3c079a2ccaff1caa4e1c1c

Scanner detections:
39 / 68

Status:
Adware

Explanation:
This service will prevent resources from modifying the web browser's home and search pages as well as the search provider set by the product, an affiliate search engine partner.

Analysis date:
4/27/2024 12:11:46 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Adware.BProtector.1
928

Agnitum Outpost
Riskware.Agent
7.1.1

AhnLab V3 Security
Adware/Win32.SProtector
14.07.22

Avira AntiVirus
TR/Trash.Gen
7.11.30.172

avast!
Win32:Adware-gen [Adw]
2014.9-140722

AVG
Adware Generic_r
2015.0.3406

Baidu Antivirus
Adware.Win32.Bromngr
4.0.3.14722

Bitdefender
Gen:Adware.BProtector.1
1.0.20.1015

Bkav FE
W32.WinadeyLTB.Trojan
1.3.0.4959

Clam AntiVirus
Win.Adware.Bprotector-14
0.98/21411

Comodo Security
ApplicUnwnt
17990

Dr.Web
Trojan.Damaged.1
9.0.1.05190

Emsisoft Anti-Malware
Gen:Adware.BProtector
8.14.07.22.07

ESET NOD32
Win32/SProtector.D potentially unwanted application
8.7.0.302.0

Fortinet FortiGate
Riskware/SProtector
7/22/2014

F-Prot
W32/A-8efb389d
v6.4.7.1.166

F-Secure
Gen:Adware.BProtector.1
11.2014-22-07_3

G Data
Gen:Adware.BProtector
14.7.24

IKARUS anti.virus
Win32.AdWare
t3scan.2.2.29

K7 AntiVirus
Trojan
13.178.12212

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Bromngr
14.0.0.3523

Malwarebytes
Trojan.SProtector
v2014.07.22.07

McAfee
Artemis!A89717AF8D68
5600.7062

MicroWorld eScan
Gen:Adware.BProtector.1
15.0.0.609

NANO AntiVirus
Trojan.Win32.WebPick.cvlvgw
0.28.0.59921

Norman
Troj_Generic.SZSLU
11.20140722

nProtect
Trojan.GenericKD.1605678
14.03.17.01

Panda Antivirus
Trj/BProtect.A
14.07.22.07

Qihoo 360 Security
Win32/Virus.Adware.c63
1.0.0.1015

Quick Heal
Trojan.Bromngr.r5
7.14.14.00

Reason Heuristics
Threat.Win.Reputation.IMP
14.7.22.7

Rising Antivirus
PE:Malware.SProtector!6.1682
23.00.65.14720

Sophos
BProtector
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
10468

Trend Micro House Call
TROJ_GEN.R0CBC0EDI14
7.2.203

Trend Micro
TROJ_GEN.R0CBC0EDI14
10.465.22

Vba32 AntiVirus
Trojan.Bromngr
3.12.26.0

VIPRE Antivirus
Trojan.Win32.Generic
29662

Zillya! Antivirus
Trojan.Bromngr.Win32.129
2.0.0.1846

File size:
170.8 KB (174,928 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\wssvc.dll

File PE Metadata
Compilation timestamp:
2/12/2014 11:27:34 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:TFXEB8zmzJfl2SF28TxM+M3Wgoz3KdjQsKTjgJO:TFXEr9jFEfWgVvKUJO

Entry address:
0xCC5C

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 62, 4B, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 18, 28, 02, 10, E8, 65, 36, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, C8, 6B, 02, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, A8, C0, 01, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Entropy:
5.8762

Developed / compiled with:
Microsoft Visual C++

Code size:
104 KB (106,496 bytes)

Service
Display name:
WS.Sustainer

Service name:
916e5338

Type:
Win32OwnProcess


Remove wssvc.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.