The file ASSISTANTSVC.DLL is malware related.
You must delete the file ASSISTANTSVC.DLL immediately!
Delete the file ASSISTANTSVC.DLL without delay!
Kill the process ASSISTANTSVC.DLL and remove ASSISTANTSVC.DLL from the Windows startup.
Malware Analysis of ASSISTANTSVC.DLL
Full path on a computer: %Program Files%\GS_Enabler\AssistantSvc.dll
Detected by UnHackMe:
ASSISTANTSVC.DLL
Default location: %Program Files%\GS_Enabler\AssistantSvc.dll
Removal Results: Success
Number of reboot: 1
ASSISTANTSVC.DLL is known as:
Trojan.SProtector
ASSISTANTSVC.DLL hash:
- MD5: fcdef2bed14906186b75297fa2451781
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect ASSISTANTSVC.DLL presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Classes\CLSID\{2BCA86A1-CB27-7DE0-F462-D102B524FFB2}\InprocServer32\: “%Program Files%\greatuSaver\yN02zyf_k.dll”
- HKLM\Software\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}\InprocServer32\: “C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL”
- HKLM\Software\Classes\CLSID\{C3ED3169-DF0E-9064-C503-F53E3C331503}\InprocServer32\: “%Program Files%\YoutubeAdblocker\DoI3.dll”
- HKLM\Software\Classes\CLSID\{EBFCF40E-A87B-463F-A782-55BDD4160B5E}\InprocServer32\: “%Program Files%\LiveSupport\LiveSupport_deskband_x32.dll”
- HKLM\System\CurrentControlSet\Services\10fdc8d0\Security\Security: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
- HKLM\System\CurrentControlSet\Services\10fdc8d0\Type: 0×00000010
- HKLM\System\CurrentControlSet\Services\10fdc8d0\Start: 0×00000002
- HKLM\System\CurrentControlSet\Services\10fdc8d0\ErrorControl: 0×00000000
- HKLM\System\CurrentControlSet\Services\10fdc8d0\ImagePath: “”%SysDir%\rundll32.exe” “c:\progra~1\gs_ena~1\AssistantSvc.dll”,service”
- HKLM\System\CurrentControlSet\Services\10fdc8d0\DisplayName: “GS_Supporter”
- HKLM\System\CurrentControlSet\Services\10fdc8d0\ObjectName: “LocalSystem”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Optimizer Pro: “%Program Files%\Optimizer Pro\OptProLauncher.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\LiveSupport: “”%Program Files%\LiveSupport\LiveSupport.exe” /noshow /log”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\RDReminder: “”%Program Files%\RegClean Pro\Regcleanpro.exe” -rem”
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “c:\progra~1\gs_ena~1\assist~1.dll”
Folders:- %Program Files%\greatuSaver
- %Program Files%\GS_Enabler
- %Program Files%\LiveSupport
- %Program Files%\Optimizer Pro
- %Program Files%\RegClean Pro
- %Program Files%\TwitterDesktop
- %Program Files%\YoutubeAdblocker
Files:- %Program Files%\greatuSaver\yN02zyf_k.dat
- %Program Files%\greatuSaver\yN02zyf_k.dll
- %Program Files%\greatuSaver\yN02zyf_k.tlb
- %Program Files%\greatuSaver\yN02zyf_k.x64.dll
- %Program Files%\GS_Enabler\Assistant.dll
- %Program Files%\GS_Enabler\AssistantSvc.dll
- %Program Files%\LiveSupport\LiveSupport.exe
- %Program Files%\LiveSupport\LiveSupport_deskband_x32.dll
- %Program Files%\LiveSupport\LiveSupport_deskband_x64.dll
- %Program Files%\LiveSupport\unins000.dat
- %Program Files%\LiveSupport\unins000.exe
- %Program Files%\YoutubeAdblocker\DoI3.dat
- %Program Files%\YoutubeAdblocker\DoI3.dll
- %Program Files%\YoutubeAdblocker\DoI3.tlb
- %Program Files%\YoutubeAdblocker\DoI3.x64.dll
- %SysDir%\roboot.exe
- %WinDir%\Tasks\GS_Enabler-S-5887107696.job