How to remove AuthAssistant.exe

AuthAssistant.exe

The module AuthAssistant.exe has been detected as Ransom.Wacatac

AuthAssistant.exe
Remove AuthAssistant.exe

File Details

Company Name:

TEAM R2R
MD5: 14641e755ac55d5be4e22988004f0d43
Size: 128 KB
First Published: 2017-06-09 15:06:54 (8 years ago)
Latest Published: 2023-02-22 23:23:29 (2 years ago)
Status: Ransom.Wacatac (on last analysis)
Analysis Date: 2023-02-22 23:23:29 (2 years ago)

Common Places:

%programfiles%\izotope\insight\win32
%programfiles%\izotope\insight\win64
%desktop%\izotope 5\r2r\insight\win32
%programfiles%\izotope\insight
%programfiles%\izotope\ozone 6\insight
%sysdrive%\звук\izotope.ozone.6.advanced.v6.10.incl.emulator-r2r\r2r\insight
%sysdrive%\radio nacional huanuni\cumbias\lo mejor de la cumbia\proporciones\n-zation\nuevos\izotope ozone 6 advanced.rar\izotope ozone 6 advanced\crack\insight
%programfiles%\izotope\ozone 5\r2r\insight
%programfiles%\cakewalk\vstplugins\izotope\r2r\insight
%sysdrive%\pasta de programas\iz jr 6\izotope ozo 6 jr\r2r\insight

Geography:

Russia 19.0%
United States 13.1%
Ukraine 11.8%
Bulgaria 5.9%
Spain 5.9%
Turkey 5.2%
Brazil 5.2%
Vietnam 3.3%
Taiwan 2.6%
Italy 2.6%
Serbia 2.6%
Venezuela 2.6%
France 2.0%
United Kingdom 1.3%
South Korea 1.3%
Belarus 1.3%
Kazakhstan 1.3%
Bolivia 1.3%
Yemen 1.3%
Chile 1.3%
Canada 1.3%
Germany 1.3%
Ireland 1.3%
Latvia 1.3%
Belgium 1.3%
Austria 0.7%
Denmark 0.7%
Netherlands 0.7%
Peru 0.7%

OS Version:

Windows 10 62.2%
Windows 7 28.2%
Windows 8.1 6.4%
Windows XP 1.9%
Windows 8 1.3%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00031118

PE Sections:

Name Size of data MD5
.MPRESS1 28160 51012299f33df5826754c426e9d06f0e
.MPRESS2 3584 d49d97df28eb722032ae9ec40de2e22e
.rsrc 98816 18525d0c450ad659453873784cac9509

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for AuthAssistant.exe
copyright for information about AuthAssistant.exe
­