WEBLIGHTSVC.DLL is Adware WebLight

Detected by UnHackMe:

WEBLIGHTSVC.DLL
Default location: %Common Appdata%\Web Light\WebLightSvc.dll

Removal Results: Success
Number of reboot: 1

WEBLIGHTSVC.DLL is known as:

Adware.WebLight

WEBLIGHTSVC.DLL hash:

• MD5: d5e7b951f15f439eb6a8f89947a1dcd5

Registry:

• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{95af55ea}\UninstallString: “”%SysDir%\RUNDLL32.EXE” “C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBLIG~1\WebLight.dll”,_uninstall /un”
• HKLM\System\CurrentControlSet\Services\95af55ea\Security\Security: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
• HKLM\System\CurrentControlSet\Services\95af55ea\Type: 0×00000010
• HKLM\System\CurrentControlSet\Services\95af55ea\Start: 0×00000002
• HKLM\System\CurrentControlSet\Services\95af55ea\ErrorControl: 0×00000000
• HKLM\System\CurrentControlSet\Services\95af55ea\ImagePath: “”%SysDir%\rundll32.exe” “c:\docume~1\alluse~1\applic~1\weblig~1\WebLightSvc.dll”,service”
• HKLM\System\CurrentControlSet\Services\95af55ea\DisplayName: “Web Light”
• HKLM\System\CurrentControlSet\Services\95af55ea\ObjectName: “LocalSystem”
• HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “c:\docume~1\alluse~1\applic~1\weblig~1\weblight.dll”

Folders:

• %Common Appdata%\Web Light

Files:

• %Temp%\__tmp_045be34f
• %Common Appdata%\Web Light\WebLight.dll
• %Common Appdata%\Web Light\WebLightSvc.dll