KEEPNBROWSESVC.DLL is Adware KeepnBrowse

Detected by UnHackMe:

KEEPNBROWSESVC.DLL
Default location: %Common Appdata%\KeepnBrowse\KeepnBrowseSvc.dll

Removal Results: Success
Number of reboot: 1

KEEPNBROWSESVC.DLL is known as:

Adware.KeepnBrowse

KEEPNBROWSESVC.DLL hash:

• MD5: c85fc61c58ccb3e7d950e51799074532

Registry:

• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{615eb58f}\UninstallString: “”%SysDir%\RUNDLL32.EXE” “C:\DOCUME~1\ALLUSE~1\APPLIC~1\KEEPNB~1\KEEPNB~1.DLL”,_uninstall /un”
• HKLM\System\CurrentControlSet\Services\615eb58f\Security\Security: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
• HKLM\System\CurrentControlSet\Services\615eb58f\Type: 0×00000010
• HKLM\System\CurrentControlSet\Services\615eb58f\Start: 0×00000002
• HKLM\System\CurrentControlSet\Services\615eb58f\ErrorControl: 0×00000000
• HKLM\System\CurrentControlSet\Services\615eb58f\ImagePath: “”%SysDir%\rundll32.exe” “c:\docume~1\alluse~1\applic~1\keepnb~1\KeepnBrowseSvc.dll”,service”
• HKLM\System\CurrentControlSet\Services\615eb58f\DisplayName: “KeepnBrowse”
• HKLM\System\CurrentControlSet\Services\615eb58f\ObjectName: “LocalSystem”
• HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “c:\docume~1\alluse~1\applic~1\keepnb~1\keepnb~1.dll”

Folders:

• %Common Appdata%\KeepnBrowse

Files:

• %Temp%\__tmp_3c23ef57
• %Common Appdata%\KeepnBrowse\KeepnBrowse.dll
• %Common Appdata%\KeepnBrowse\KeepnBrowseSvc.dll