We received the file GS-ENABLER.EXE and determined that it is not good.
GS-ENABLER.EXE is adware and should be removed.
Kill the GS-ENABLER.EXE process and remove GS-ENABLER.EXE from Windows.
Malware Analysis of GS-ENABLER.EXE
Full path on a computer: %Common Appdata%\QuickSet\GS-Enabler\GS-Enabler.exe
Detected by UnHackMe:
GS-ENABLER.EXE
Default location: %Common Appdata%\QuickSet\GS-Enabler\GS-Enabler.exe
Removal Results: Success
Number of reboots: 1
GS-ENABLER.EXE is known as:
Adware.PUP.Optional.MultiPlug.A, Trojan-Downloader ( 0048ec4f1 ), Trojan.Agent.cojdgu, Troj.Agent-AFFX, TrojWare.TrojanDownloader.Agent.AFD, Trojan.DownLoad3.30962, TR.Downloader.A.988, Trojan.S.Agent.729600.B, Trojan-Downloader.Agent.AU, W32.Trojan.IDAE-2984, Trojan.Agent, Trojan.Agent.50, a variant of Win32.TrojanDownloader.Agent.AFD, W32.Agent.AFD.tr.dldr
GS-ENABLER.EXE hash:
- MD5: 1d283dd3ae2312eee624e8b8c46f6adb
The file downloads and installs other malware, Trojans, and viruses on commands received from the Command Center.
How to quickly detect the presence of GS-ENABLER.EXE?
Registry:
- HKLM\Software\Classes\CLSID\{068A308B-E1A7-7E38-7228-D1484AE207FD}\InprocServer32\: “%Program Files%\SurFNakeeap\ZAUX.dll”
- HKLM\Software\Classes\CLSID\{B4646CE2-1DA6-7C46-48CA-35CFF295DA03}\InprocServer32\: “%Program Files%\YoutubeAdblocker\egy_0w5.dll”
- HKLM\Software\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}\InProcServer32\: “%SystemRoot%\system32\SHELL32.dll”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Optimizer Pro: “%Program Files%\Optimizer Pro\OptProLauncher.exe”
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “c:\progra~1\gs-ena~1\psupport.dll”
Folders:
Files: