The file SVCCWB.DLL is identified as a virus dropper.
The dropper SVCCWB.DLL is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
The file SVCCWB.DLL loads into the computer memory and tries to connect to the dangerous web site.
Usually the SVCCWB.DLL dropper does not infect the files on the computer and does not replicate itself on other computers.
Kill the SVCCWB.DLL process and delete the file SVCCWB.DLL.
Malware Analysis of SVCCWB.DLL
Full path on a computer: %SysDir%\svccwb.dll
Detected by UnHackMe:
Item Name: svcc
Author:
Current Setting: %SYSDIR%\SVCC.EXE
Type: Registry Run
Item Name: svcc.exe
Author: Unknown
Related File: %SYSDIR%\SVCC.EXE
Type: Running Processes
Item Name: {1E1B2879-88FF-11D3-8D96-D7ACAC95951A}
Author:
Current Setting: %SYSDIR%\SVCCWB.DLL
Type: Browser Helper Objects
Removal Results: Success
Number of reboot: 1
SVCCWB.DLL is known as:
Trojan.Perfloger, Trojan.PerfectKeylogger.A5, Keylog-Perfect, Monitor.PerfKeylogger, Unwanted-Program ( 993923d30 ), Aplicacion.Perflogger.ca, W32.Monitor.MV, Spyware.Perfect, Perfloger.AJL, Mal_Naix-6, Win32:Perflogger-CG [PUP], not-a-virus:Monitor.Perflogger.ca, Trojan.Perfect.SBzBZKG5qWA, Perfect Keylogger, TrojWare.Perfect.41, Trojan.Peflog.156, TR.Perfect.4, TrojanSpy.Perfloger.bn, Trojan[Monitor:not-a-virus].Perflogger, KeyLoger.Perfect.ca.(kcloud), MonitoringTool.PerfectKeylogger, Trojan.Perflogger, Trojan.Peflog, Win32.Spy.PerfKey, PE:Trojan.KeyLogger.bz.1075151009, not-a-virus:Monitor.Perflogger, Logger.AUX
SVCCWB.DLL hash:
- MD5: 45d276fccfe7e40c1a75a0fc15de0722
Registry:- HKLM\Software\Classes\CLSID\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A}\InprocServer32\: “%SysDir%\svccwb.dll”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\svcc: “%SysDir%\svcc.exe”
Folders:- %Temp%\RarSFX0
Files:- %Temp%\RarSFX0\cabalmain.exe
- %Temp%\RarSFX0\rinst.exe
- %SysDir%\inst.dat
- %SysDir%\mc.dat
- %SysDir%\pk.bin
- %SysDir%\svcc.exe
- %SysDir%\svcchk.dll
- %SysDir%\svccr.exe
- %SysDir%\svccwb.dll