We received the file ASSISTANTSVC.DLL and detected that ASSISTANTSVC.DLL is not good.
ASSISTANTSVC.DLL is Adware. You should remove the file ASSISTANTSVC.DLL.
Kill the process ASSISTANTSVC.DLL and remove ASSISTANTSVC.DLL from Windows.
Malware Analysis of ASSISTANTSVC.DLL
Full path on a computer: %Common Appdata%\Assistant\AssistantSvc.dll
Detected by UnHackMe:
ASSISTANTSVC.DLL
Default location: %Common Appdata%\Assistant\AssistantSvc.dll
Removal Results: Success
Number of reboot: 1
ASSISTANTSVC.DLL is known as:
Adware.PUP.SProtector.D
ASSISTANTSVC.DLL hash:
- MD5: 9683cd80962f43498f911c9b87c7700c
The file tries to connect to the dangerous web site.
How to quickly detect ASSISTANTSVC.DLL presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{e64a4d03}\UninstallString: “”%SysDir%\RUNDLL32.EXE” “C:\DOCUME~1\ALLUSE~1\APPLIC~1\ASSIST~1\ASSIST~1.DLL”,_uninstall /un”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{e64a4d03}\DisplayName: “Assistant”
- HKLM\System\CurrentControlSet\Services\e64a4d03\ImagePath: “”%SysDir%\rundll32.exe” “c:\docume~1\alluse~1\applic~1\assist~1\AssistantSvc.dll”,service”
- HKLM\System\CurrentControlSet\Services\e64a4d03\DisplayName: “Assistant”
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “c:\docume~1\alluse~1\applic~1\assist~1\assist~1.dll”
Folders:- %Common Appdata%\Assistant
Files:- %Temp%\__tmp_3805bf61
- %Common Appdata%\Assistant\Assistant.dll
- %Common Appdata%\Assistant\AssistantSvc.dll