We received the file WINEIGHTB301.DLL and detected that WINEIGHTB301.DLL is not good.
WINEIGHTB301.DLL is Adware. You should remove the file WINEIGHTB301.DLL.
Kill the process WINEIGHTB301.DLL and remove WINEIGHTB301.DLL from Windows.
Malware Analysis of WINEIGHTB301.DLL
Full path on a computer: %Program Files%\wineight\wineightb301.dll
Detected by UnHackMe:
WINEIGHTB301.DLL
Default location: %Program Files%\wineight\wineightb301.dll
Removal Results: Success
Number of reboot: 1
WINEIGHTB301.DLL is known as:
Adware.WinAgir.3
WINEIGHTB301.DLL hash:
- MD5: 1b918d30797fa709963c8b68edc4fc2e
The file tries to download information from some web sites.
How to quickly detect WINEIGHTB301.DLL presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Classes\CLSID\{4830B65C-3F89-4775-8FDB-E472D67DBDD0}\InprocServer32\: “%Program Files%\wineight\wineightb301.dll”
- HKLM\System\CurrentControlSet\Services\WinA Diagnostics Service\Type: 0×00000010
- HKLM\System\CurrentControlSet\Services\WinA Diagnostics Service\Start: 0×00000002
- HKLM\System\CurrentControlSet\Services\WinA Diagnostics Service\ErrorControl: 0×00000001
- HKLM\System\CurrentControlSet\Services\WinA Diagnostics Service\ImagePath: “%WinDir%\System32\wineightdr.exe”
- HKLM\System\CurrentControlSet\Services\WinA Diagnostics Service\DisplayName: “WinA Diagnostics Service”
- HKLM\System\CurrentControlSet\Services\WinA Diagnostics Service\ObjectName: “LocalSystem”
- HKLM\System\CurrentControlSet\Services\Windows WinEight Update Service\Type: 0×00000010
- HKLM\System\CurrentControlSet\Services\Windows WinEight Update Service\Start: 0×00000002
- HKLM\System\CurrentControlSet\Services\Windows WinEight Update Service\ErrorControl: 0×00000001
- HKLM\System\CurrentControlSet\Services\Windows WinEight Update Service\ImagePath: “%Program Files%\wineight\wineightu.exe”
- HKLM\System\CurrentControlSet\Services\Windows WinEight Update Service\DisplayName: “Windows WinEight Update Service”
- HKLM\System\CurrentControlSet\Services\Windows WinEight Update Service\ObjectName: “LocalSystem”
- HKLM\System\CurrentControlSet\Services\Windows WinEight Update Service\Description: “Windows WinEight Update Service”
Folders:- %Local Appdata%\WinEight
- %Temp%\~nsis
- %Temp%\~nsis\c3i023
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\LUIIOHEM
- %Program Files%\wineight
Files:- %Temp%\~nsis\c3i023\sqlite3.dll
- %Temp%\~nsis\c3i023\wineights301.dll
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\LUIIOHEM\desktop.ini
- %Program Files%\wineight\pkdb.dat
- %Program Files%\wineight\sqlite3.dll
- %Program Files%\wineight\ukdb.dat
- %Program Files%\wineight\uninst1.exe
- %Program Files%\wineight\wineightb301.dll
- %Program Files%\wineight\wineights301.dll
- %Program Files%\wineight\wineightu.exe
- %SysDir%\wineightdr.exe