assistantsvc.dll

The module assistantsvc.dll has been detected as adware by 43 anti-malware scanners. It runs as a separate Windows service (within the context of its own process) named “SW_Sustainer”. Also known as BrowserDefender, this bundled service prevents various web browser toolbars and extensions from running and blocks changes to the search page and provider.
MD5:
165e82d3f32034736eaf7e0c23b3f358

SHA-1:
4f07e0678078e18714bafd0b94086c92c22a904c

SHA-256:
310b3a2c1ea85458bf7ef8bae415d59d82963345599aa5de6df3ad0be6c5df9b

Scanner detections:
43 / 68

Status:
Adware

Explanation:
This service will prevent resources from modifying the web browser's home and search pages as well as the search provider set by the product, an affiliate search engine partner.

Analysis date:
5/8/2024 11:45:18 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Adware.BProtector.1 | 927 |
| Agnitum Outpost | Riskware.Agent | 7.1.1 |
| AhnLab V3 Security | Adware/Win32.SProtector | 14.07.22 |
| Avira AntiVirus | ADWARE/Adware.Gen2 | 7.11.151.186 |
| avast! | Win32:Adware-gen [Adw] | 140617-1 |
| AVG | Adware Generic_r.HW | 2014.0.3986 |
| Baidu Antivirus | Adware.Win32.Bromngr | 4.0.3.14722 |
| Bitdefender | Gen:Adware.BProtector.1 | 1.0.20.1015 |
| Bkav FE | W32.WinadeyLTB.Trojan | 1.3.0.4959 |
| Clam AntiVirus | Win.Adware.Bprotector-14 | 0.98/19185 |
| Comodo Security | ApplicUnwnt | 17990 |
| Dr.Web | Trojan.WebPick.35 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Adware.BProtector | 8.14.07.22.06 |
| ESET NOD32 | Win32/SProtector.D potentially unwanted application | 7.0.302.0 |
| Fortinet FortiGate | Riskware/SProtector | 7/22/2014 |
| F-Prot | W32/A-8efb389d | v6.4.7.1.166 |
| F-Secure | Gen:Adware.BProtector.1 | 11.2014-22-07_3 |
| G Data | Gen:Adware.BProtector | 14.7.24 |
| IKARUS anti.virus | Win32.AdWare | t3scan.2.2.29 |
| K7 AntiVirus | Trojan | 13.178.12212 |
| Kaspersky | not-a-virus:HEUR:AdWare.Win32.Bromngr | 15.0.0.494 |
| Malwarebytes | Trojan.SProtector | v2014.07.22.06 |
| McAfee | Artemis!A89717AF8D68 | 5600.7061 |
| MicroWorld eScan | Gen:Adware.BProtector.1 | 15.0.0.609 |
| NANO AntiVirus | Trojan.Win32.WebPick.cvlvgw | 0.28.0.59921 |
| Norman | Troj_Generic.SZSLU | 11.20140722 |
| nProtect | Trojan.GenericKD.1605678 | 14.03.17.01 |
| Panda Antivirus | Trj/BProtect.A | 14.07.22.06 |
| Qihoo 360 Security | Win32/Virus.Adware.c63 | 1.0.0.1015 |
| Quick Heal | Trojan.Bromngr.r5 | 7.14.14.00 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 14.7.22.18 |
| Rising Antivirus | PE:Malware.SProtector!6.1682 | 23.00.65.14720 |
| Sophos | BProtector | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Nullo[Short] | 10467 |
| Trend Micro House Call | TROJ_GEN.R0CBC0EDI14 | 7.2.203 |
| Trend Micro | TROJ_GEN.R0CBC0EDI14 | 10.465.22 |
| Vba32 AntiVirus | Trojan.Bromngr | 3.12.26.0 |
| VIPRE Antivirus | Trojan.Win32.Generic | 29662 |
| Zillya! Antivirus | Trojan.Bromngr.Win32.129 | 2.0.0.1846 |

File size:
170.8 KB (174,928 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\sw_booster\assistantsvc.dll

File PE Metadata
Compilation timestamp:
2/12/2014 9:57:34 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:TFXEB8zmzJfl2SF28TxM+M3Wgoz3KdjQsKTjgJO:TFXEr9jFEfWgVvKUJO

Entry address:
0xCC5C

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 62, 4B, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 18, 28, 02, 10, E8, 65, 36, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, C8, 6B, 02, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, A8, C0, 01, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 

Entropy:
5.8762

Developed / compiled with:
Microsoft Visual C++

Code size:
104 KB (106,496 bytes)

Service
Display name:
SW_Sustainer

Service name:
3a941999

Type:
Win32OwnProcess

