We received the file ASSISTANT.DLL and found that it is not good.
ASSISTANT.DLL is Adware. You should remove the file ASSISTANT.DLL.
Kill the process ASSISTANT.DLL and remove ASSISTANT.DLL from Windows.
Malware Analysis of ASSISTANT.DLL
Full path on a computer: %Common Appdata%\Assistant\Assistant.dll
Detected by UnHackMe:
ASSISTANT.DLL
Default location: %Common Appdata%\Assistant\Assistant.dll
Removal Results: Success
Number of reboots: 1
ASSISTANT.DLL is known as:
Adware.PUP.SProtector, Trojan ( 0049344e1 ), Troj.Undef.(kcloud), Trojan.SProtector.D, a variant of Win32.SProtector.D, AdWare.Bprotector, Win32.Trojan.e6d
ASSISTANT.DLL hash:
- MD5: 181c6deb7ee5b3d582b9a1643aeae1e7
The file tries to connect to a dangerous web site.
How to quickly detect ASSISTANT.DLL presence?
Registry:
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{e64a4d03}\UninstallString: “”%SysDir%\RUNDLL32.EXE” “C:\DOCUME~1\ALLUSE~1\APPLIC~1\ASSIST~1\ASSIST~1.DLL”,_uninstall /un”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{e64a4d03}\DisplayName: “Assistant”
- HKLM\System\CurrentControlSet\Services\e64a4d03\ImagePath: “”%SysDir%\rundll32.exe” “c:\docume~1\alluse~1\applic~1\assist~1\AssistantSvc.dll”,service”
- HKLM\System\CurrentControlSet\Services\e64a4d03\DisplayName: “Assistant”
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “c:\docume~1\alluse~1\applic~1\assist~1\assist~1.dll”
Folders:
- %Common Appdata%\Assistant
Files:
- %Temp%\__tmp_3805bf61
- %Common Appdata%\Assistant\Assistant.dll
- %Common Appdata%\Assistant\AssistantSvc.dll