We received the file WEBGENIUOSSVC.DLL and detected that WEBGENIUOSSVC.DLL is not good.
WEBGENIUOSSVC.DLL is Adware. You should remove the file WEBGENIUOSSVC.DLL.
Kill the process WEBGENIUOSSVC.DLL and remove WEBGENIUOSSVC.DLL from Windows.
Malware Analysis of WEBGENIUOSSVC.DLL
Full path on a computer: %Common Appdata%\WebGeniuos\WebGeniuosSvc.dll
Detected by UnHackMe:
WEBGENIUOSSVC.DLL
Default location: %Common Appdata%\WebGeniuos\WebGeniuosSvc.dll
Removal Results: Success
Number of reboot: 1
WEBGENIUOSSVC.DLL is known as:
Adware.SProtector
WEBGENIUOSSVC.DLL hash:
- MD5: 0901350749e93698c0f6802f7f4ca65f
The file tries to connect to the dangerous web site.
How to quickly detect WEBGENIUOSSVC.DLL presence?
Registry:
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{148b9501}\UninstallString: “”%SysDir%\RUNDLL32.EXE” “C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBGEN~1\WEBGEN~1.DLL”,_uninstall /un”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{148b9501}\DisplayName: “WebGeniuos”
- HKLM\System\CurrentControlSet\Services\148b9501\ImagePath: “”%SysDir%\rundll32.exe” “c:\docume~1\alluse~1\applic~1\webgen~1\WebGeniuosSvc.dll”,service”
- HKLM\System\CurrentControlSet\Services\148b9501\DisplayName: “WebGeniuos”
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “c:\docume~1\alluse~1\applic~1\webgen~1\webgen~1.dll”
Folders:
- %Common Appdata%\WebGeniuos
Files:
- %Temp%\__tmp_09594e77
- %Common Appdata%\WebGeniuos\WebGeniuos.dll
- %Common Appdata%\WebGeniuos\WebGeniuosSvc.dll