PROWEBI.DLL is Adware Prowebi

Detected by UnHackMe:

PROWEBI.DLL
Default location: %Common Appdata%\Prowebi\Prowebi.dll

Removal Results: Success
Number of reboot: 1

PROWEBI.DLL is known as:

Adware.Prowebi

PROWEBI.DLL hash:

• MD5: 4a4565c3d6f22e697fdc8ab123cdbe87

Registry:

• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{b8e33daf}\UninstallString: “”%SysDir%\RUNDLL32.EXE” “C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prowebi\Prowebi.dll”,_uninstall /un”
• HKLM\System\CurrentControlSet\Services\b8e33daf\Security\Security: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
• HKLM\System\CurrentControlSet\Services\b8e33daf\Type: 0×00000010
• HKLM\System\CurrentControlSet\Services\b8e33daf\Start: 0×00000002
• HKLM\System\CurrentControlSet\Services\b8e33daf\ErrorControl: 0×00000000
• HKLM\System\CurrentControlSet\Services\b8e33daf\ImagePath: “”%SysDir%\rundll32.exe” “c:\docume~1\alluse~1\applic~1\prowebi\ProwebiSvc.dll”,service”
• HKLM\System\CurrentControlSet\Services\b8e33daf\DisplayName: “Prowebi”
• HKLM\System\CurrentControlSet\Services\b8e33daf\ObjectName: “LocalSystem”
• HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “c:\docume~1\alluse~1\applic~1\prowebi\prowebi.dll”

Folders:

• %Common Appdata%\Prowebi

Files:

• %Temp%\__tmp_316c85ca
• %Common Appdata%\Prowebi\Prowebi.dll
• %Common Appdata%\Prowebi\ProwebiSvc.dll