The file ASSISTANT.DLL is malware related.
You must delete the file ASSISTANT.DLL immediately!
Delete the file ASSISTANT.DLL without delay!
Kill the process ASSISTANT.DLL and remove ASSISTANT.DLL from the Windows startup.
Malware Analysis of ASSISTANT.DLL
Full path on a computer: %Program Files%\GS_Enabler\Assistant.dll
Detected by UnHackMe:
ASSISTANT.DLL
Default location: %Program Files%\GS_Enabler\Assistant.dll
Removal Results: Success
Number of reboot: 1
ASSISTANT.DLL is known as:
Trojan.SProtector
ASSISTANT.DLL hash:
- MD5: 6bf611e368d15b869957727b5b3e5b59
The file tries to download information from some web sites.
How to quickly detect ASSISTANT.DLL presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Classes\CLSID\{2BCA86A1-CB27-7DE0-F462-D102B524FFB2}\InprocServer32\: “%Program Files%\greatuSaver\yN02zyf_k.dll”
- HKLM\Software\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}\InprocServer32\: “C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL”
- HKLM\Software\Classes\CLSID\{C3ED3169-DF0E-9064-C503-F53E3C331503}\InprocServer32\: “%Program Files%\YoutubeAdblocker\DoI3.dll”
- HKLM\Software\Classes\CLSID\{EBFCF40E-A87B-463F-A782-55BDD4160B5E}\InprocServer32\: “%Program Files%\LiveSupport\LiveSupport_deskband_x32.dll”
- HKLM\System\CurrentControlSet\Services\10fdc8d0\Security\Security: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
- HKLM\System\CurrentControlSet\Services\10fdc8d0\Type: 0×00000010
- HKLM\System\CurrentControlSet\Services\10fdc8d0\Start: 0×00000002
- HKLM\System\CurrentControlSet\Services\10fdc8d0\ErrorControl: 0×00000000
- HKLM\System\CurrentControlSet\Services\10fdc8d0\ImagePath: “”%SysDir%\rundll32.exe” “c:\progra~1\gs_ena~1\AssistantSvc.dll”,service”
- HKLM\System\CurrentControlSet\Services\10fdc8d0\DisplayName: “GS_Supporter”
- HKLM\System\CurrentControlSet\Services\10fdc8d0\ObjectName: “LocalSystem”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Optimizer Pro: “%Program Files%\Optimizer Pro\OptProLauncher.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\LiveSupport: “”%Program Files%\LiveSupport\LiveSupport.exe” /noshow /log”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\RDReminder: “”%Program Files%\RegClean Pro\Regcleanpro.exe” -rem”
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “c:\progra~1\gs_ena~1\assist~1.dll”
Folders:- %Program Files%\greatuSaver
- %Program Files%\GS_Enabler
- %Program Files%\LiveSupport
- %Program Files%\Optimizer Pro
- %Program Files%\RegClean Pro
- %Program Files%\TwitterDesktop
- %Program Files%\YoutubeAdblocker
Files:- %Program Files%\greatuSaver\yN02zyf_k.dat
- %Program Files%\greatuSaver\yN02zyf_k.dll
- %Program Files%\greatuSaver\yN02zyf_k.tlb
- %Program Files%\greatuSaver\yN02zyf_k.x64.dll
- %Program Files%\GS_Enabler\Assistant.dll
- %Program Files%\GS_Enabler\AssistantSvc.dll
- %Program Files%\LiveSupport\LiveSupport.exe
- %Program Files%\LiveSupport\LiveSupport_deskband_x32.dll
- %Program Files%\LiveSupport\LiveSupport_deskband_x64.dll
- %Program Files%\LiveSupport\unins000.dat
- %Program Files%\LiveSupport\unins000.exe
- %WinDir%\Tasks\GS_Enabler-S-5887107696.job