Jump to content

Search the Community

Showing results for tags 'pup.optional.advancedsystemprotector'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 5 results

  1. What is Advanced System Optimizer?Advanced System Optimizer is a system optimizer that triggers our PUP detection rules. By doing so we offer users a choice to consider whether they want to use this software. More information can be found on our Malwarebytes Labs blog.How do I know if I am affected by Advanced System Optimizer?This is how the main screen of the system optimizer looks:You will find these icons in your taskbar, your startmenu, and on your desktop:and see this type of windows during install:and this type of screens during operations:You may see this entry in your list of installed programs:and these tasks in your list of Scheduled Tasks:How did Advanced System Optimizer get on my computer?These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website.How do I remove Advanced System Optimizer?Our program Malwarebytes can detect and remove this PUP. For a more complete removal it's advisable to use the built-in uninstaller first. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of Advanced System Optimizer? No, Malwarebytes removes Advanced System Optimizer completely. This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks. What if I want to keep Advanced System Optimizer?Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it. Open Malwarebytes for Windows. Click the Detection History Click the Allow List To add an item to the Allow List, click Add. Select the exclusion type Allow a file or folder and use the Select a folder button to select the main folder for the software that you wish to keep. Repeat this for any secondary files or folder(s) that belong to the software. If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use the Browse button to select the file you wish to grant access.How would the full version of Malwarebytes help protect me?We hope our application and this guide have helped you in dealing with this system optimizer.As you can see below the full version of Malwarebytes would have warned you against the Advanced System Optimizer installer. Technical details for expertsYou may see these entries in FRST logs: Task: {016CD71E-27F9-49C7-BB1C-82437502F6B8} - System32\Tasks\Advanced System Optimizer => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [4153984 2021-02-13] (SYSTWEAK SOFTWARE -> Systweak Software) <==== ATTENTION Task: {734B8F01-18BD-4F2B-B73D-A3D02732E7D3} - System32\Tasks\ASO-AutoCheckUpdate7Days => C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe [3257984 2021-02-13] (SYSTWEAK SOFTWARE -> Systweak Software) Task: C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job => C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe C:\Windows\system32\Tasks\ASO-AutoCheckUpdate7Days C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job C:\Program Files (x86)\Advanced System Optimizer 3 C:\Windows\system32\Tasks\Advanced System Optimizer C:\Users\Public\Desktop\Smart PC Care.lnk C:\ProgramData\Desktop\Smart PC Care.lnk C:\Users\Public\Desktop\Advanced System Optimizer.lnk C:\ProgramData\Desktop\Advanced System Optimizer.lnk C:\Users\{username}\AppData\Roaming\Systweak C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3 (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe (Systweak Software ) C:\Users\{username}\Downloads\aso3setup_systweak-default.exe Advanced System Optimizer (HKLM-x32\...\{A1E21995-127E-4B7F-8C4D-CB04AA8A58EF}_is1) (Version: 3.9.3700.18392 - Systweak Software) <==== ATTENTION ContextMenuHandlers1-x32: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => C:\Program Files (x86)\Advanced System Optimizer 3\SecureShell.dll [2021-02-13] (SYSTWEAK SOFTWARE -> Systweak Software) ContextMenuHandlers2-x32: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => C:\Program Files (x86)\Advanced System Optimizer 3\SecureShell.dll [2021-02-13] (SYSTWEAK SOFTWARE -> Systweak Software) ContextMenuHandlers6-x32: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => C:\Program Files (x86)\Advanced System Optimizer 3\SecureShell.dll [2021-02-13] (SYSTWEAK SOFTWARE -> Systweak Software) Significant alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\Advanced System Optimizer 3 Adds the file Advanced System Optimizer Help.url"="10/23/2020 4:47 PM, 432 bytes, A Adds the file ASEng.dll"="2/13/2021 4:20 PM, 363584 bytes, A Adds the file AsInvoker.exe"="2/13/2021 4:19 PM, 89728 bytes, A Adds the file ASO3.exe"="2/13/2021 4:19 PM, 4153984 bytes, A Adds the file ASO3DefragSrv.exe"="2/13/2021 4:19 PM, 265856 bytes, A Adds the file ASO3DefragSrv64.exe"="2/13/2021 4:19 PM, 289408 bytes, A Adds the file aso3sys.dll"="2/13/2021 4:19 PM, 1503872 bytes, A Adds the file ASOHelper.dll"="2/13/2021 4:19 PM, 1255552 bytes, A Adds the file asohtm.dll"="2/13/2021 4:19 PM, 333440 bytes, A Adds the file asores.dll"="2/13/2021 4:19 PM, 8833664 bytes, A Adds the file atl90.dll"="10/23/2020 4:46 PM, 161784 bytes, A Adds the file BackupManager.exe"="2/13/2021 4:20 PM, 3077248 bytes, A Adds the file Buy Advanced System Optimizer.url"="10/23/2020 4:47 PM, 331 bytes, A Adds the file CheckUpdate.exe"="2/13/2021 4:20 PM, 3257984 bytes, A Adds the file database.dat"="10/23/2020 4:44 PM, 32748 bytes, A Adds the file DefragServiceManager.exe"="2/13/2021 4:19 PM, 96384 bytes, A Adds the file demo.log"="5/4/2021 10:07 AM, 42 bytes, A Adds the file DiskDoctor.exe"="2/13/2021 4:20 PM, 398976 bytes, A Adds the file DiskExplorer.exe"="2/13/2021 4:20 PM, 930944 bytes, A Adds the file DiskOptimizer.exe"="2/13/2021 4:19 PM, 334464 bytes, A Adds the file Downloader.dll"="2/13/2021 4:19 PM, 97408 bytes, A Adds the file DuplicateFilesRemover.exe"="2/13/2021 4:20 PM, 344704 bytes, A Adds the file GameOptimizer.exe"="2/13/2021 4:19 PM, 124544 bytes, A Adds the file GameOptLauncher.exe"="2/13/2021 4:20 PM, 343168 bytes, A Adds the file GameOptLauncher64.exe"="2/13/2021 4:20 PM, 400000 bytes, A Adds the file GOHelper.exe"="2/13/2021 4:19 PM, 62592 bytes, A Adds the file Help.ico"="10/23/2020 4:47 PM, 1150 bytes, A Adds the file HighestAvailable.exe"="2/13/2021 4:19 PM, 114816 bytes, A Adds the file HookDll.dll"="2/13/2021 4:19 PM, 63104 bytes, A Adds the file HookDll64.dll"="2/13/2021 4:19 PM, 64128 bytes, A Adds the file info.ico"="10/23/2020 4:47 PM, 1150 bytes, A Adds the file KillASOProcesses.exe"="2/13/2021 4:20 PM, 121472 bytes, A Adds the file launcher.exe"="2/13/2021 4:20 PM, 72832 bytes, A Adds the file MemoryOptimizer.exe"="2/13/2021 4:20 PM, 193152 bytes, A Adds the file MFC90CHS.dll"="10/23/2020 4:46 PM, 38912 bytes, A Adds the file MFC90CHT.dll"="10/23/2020 4:46 PM, 39936 bytes, A Adds the file MFC90DEU.dll"="10/23/2020 4:46 PM, 66560 bytes, A Adds the file MFC90ENU.dll"="10/23/2020 4:46 PM, 56832 bytes, A Adds the file MFC90ESN.dll"="10/23/2020 4:46 PM, 65024 bytes, A Adds the file MFC90ESP.dll"="10/23/2020 4:46 PM, 65024 bytes, A Adds the file MFC90FRA.dll"="10/23/2020 4:46 PM, 66048 bytes, A Adds the file MFC90ITA.dll"="10/23/2020 4:46 PM, 64512 bytes, A Adds the file MFC90JPN.dll"="10/23/2020 4:46 PM, 46592 bytes, A Adds the file MFC90KOR.dll"="10/23/2020 4:46 PM, 46080 bytes, A Adds the file mfc90u.dll"="10/23/2020 4:46 PM, 3783672 bytes, A Adds the file Microsoft.VC90.ATL.manifest"="10/23/2020 4:46 PM, 353 bytes, A Adds the file Microsoft.VC90.CRT.manifest"="10/23/2020 4:46 PM, 391 bytes, A Adds the file Microsoft.VC90.MFC.manifest"="10/23/2020 4:46 PM, 349 bytes, A Adds the file Microsoft.VC90.MFCLOC.manifest"="10/23/2020 4:46 PM, 670 bytes, A Adds the file msvcp90.dll"="10/23/2020 4:46 PM, 572928 bytes, A Adds the file msvcr90.dll"="10/23/2020 4:46 PM, 655872 bytes, A Adds the file Network.dll"="2/13/2021 4:19 PM, 377472 bytes, A Adds the file NewScheduler.exe"="2/13/2021 4:20 PM, 736384 bytes, A Adds the file Order.ico"="10/23/2020 4:47 PM, 1150 bytes, A Adds the file PCFixer.exe"="2/13/2021 4:19 PM, 1288832 bytes, A Adds the file PrivacyProtector.exe"="2/13/2021 4:19 PM, 1590400 bytes, A Adds the file PTBWin7.exe"="2/13/2021 4:19 PM, 27264 bytes, A Adds the file RegClean.exe"="2/13/2021 4:19 PM, 1172608 bytes, A Adds the file RegistryOptimizer.exe"="2/13/2021 4:19 PM, 274048 bytes, A Adds the file RequireAdministrator.exe"="2/13/2021 4:19 PM, 89728 bytes, A Adds the file rw.dat"="10/23/2020 4:47 PM, 1371329 bytes, A Adds the file rw.ini"="10/23/2020 4:47 PM, 54694 bytes, A Adds the file SecureDelete.exe"="2/13/2021 4:19 PM, 1231488 bytes, A Adds the file SecureEncryptor.exe"="2/13/2021 4:20 PM, 380032 bytes, A Adds the file SecureShell.dll"="2/13/2021 4:20 PM, 324224 bytes, A Adds the file single_click_care.ico"="10/23/2020 4:47 PM, 15086 bytes, A Adds the file sqlite3.dll"="2/13/2021 4:19 PM, 575000 bytes, A Adds the file StartupManager.exe"="2/13/2021 4:20 PM, 278656 bytes, A Adds the file SysFileBakRes.exe"="2/13/2021 4:20 PM, 607872 bytes, A Adds the file SystemAnalyzerAndAdvisor.exe"="2/13/2021 4:20 PM, 789120 bytes, A Adds the file SystemCleaner.exe"="2/13/2021 4:20 PM, 2510464 bytes, A Adds the file Systweak Software Website.url"="10/23/2020 4:47 PM, 245 bytes, A Adds the file UndeleteDLL.dll"="2/13/2021 4:19 PM, 249984 bytes, A Adds the file unins000.dat"="5/4/2021 10:04 AM, 164231 bytes, A Adds the file unins000.exe"="5/4/2021 10:04 AM, 1187968 bytes, A Adds the file unins000.msg"="5/4/2021 10:04 AM, 22701 bytes, A Adds the file UninstallManager.exe"="2/13/2021 4:20 PM, 141440 bytes, A Adds the file unrar.dll"="2/13/2021 3:48 PM, 182400 bytes, A Adds the file VolumeControl.exe"="2/13/2021 4:19 PM, 74880 bytes, A Adds the file VolumeControl64.exe"="2/13/2021 4:19 PM, 73856 bytes, A Adds the file website.ico"="10/23/2020 4:47 PM, 1150 bytes, A Adds the file XceedZip.dll"="2/13/2021 4:20 PM, 504520 bytes, A Adds the file xmllite.dll"="2/13/2021 4:19 PM, 139904 bytes, A Adds the file zlibwapi.dll"="2/13/2021 3:48 PM, 127616 bytes, A Adds the folder C:\Program Files (x86)\Advanced System Optimizer 3\da Adds the folder C:\Program Files (x86)\Advanced System Optimizer 3\de Adds the folder C:\Program Files (x86)\Advanced System Optimizer 3\DefragReport Adds the folder C:\Program Files (x86)\Advanced System Optimizer 3\eng Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3 Adds the file Advanced System Optimizer Help.lnk"="5/4/2021 10:04 AM, 1444 bytes, A Adds the file Buy Advanced System Optimizer.lnk"="5/4/2021 10:04 AM, 1439 bytes, A Adds the file Smart PC Care.lnk"="5/4/2021 10:04 AM, 1496 bytes, A Adds the file Start Advanced System Optimizer.lnk"="5/4/2021 10:04 AM, 1332 bytes, A Adds the file Systweak Software Website.lnk"="5/4/2021 10:04 AM, 1415 bytes, A Adds the file Uninstall Advanced System Optimizer.lnk"="5/4/2021 10:04 AM, 1304 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Backup and Recovery Adds the file Backup Manager.lnk"="5/4/2021 10:04 AM, 1504 bytes, A Adds the file System Files Backup and Restore.lnk"="5/4/2021 10:04 AM, 1385 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Common Issue Fixers Adds the file Duplicate File Remover.lnk"="5/4/2021 10:04 AM, 1423 bytes, A Adds the file PC Fixer.lnk"="5/4/2021 10:04 AM, 1295 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Disk Tuneup Adds the file Disk Explorer.lnk"="5/4/2021 10:04 AM, 1498 bytes, A Adds the file Disk Optimizer.lnk"="5/4/2021 10:04 AM, 1524 bytes, A Adds the file Disk Tools.lnk"="5/4/2021 10:04 AM, 1504 bytes, A Adds the file System Cleaner.lnk"="5/4/2021 10:04 AM, 1504 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Registry Tuneup Adds the file Registry Cleaner.lnk"="5/4/2021 10:04 AM, 1508 bytes, A Adds the file Registry Optimizer.lnk"="5/4/2021 10:04 AM, 1548 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Regular Maintenance Adds the file Scheduler.lnk"="5/4/2021 10:04 AM, 1334 bytes, A Adds the file Startup Manager.lnk"="5/4/2021 10:04 AM, 1510 bytes, A Adds the file Uninstall Manager.lnk"="5/4/2021 10:04 AM, 1378 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Security and Privacy Adds the file Privacy Protector.lnk"="5/4/2021 10:04 AM, 1522 bytes, A Adds the file Secure Delete.lnk"="5/4/2021 10:04 AM, 1518 bytes, A Adds the file Secure Encryptor.lnk"="5/4/2021 10:04 AM, 1369 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Windows Optimization Adds the file Game Optimizer.lnk"="5/4/2021 10:04 AM, 1524 bytes, A Adds the file Memory Optimizer.lnk"="5/4/2021 10:04 AM, 1369 bytes, A Adds the file System and Security Advisor.lnk"="5/4/2021 10:04 AM, 1594 bytes, A In the existing folder C:\Users\{username}\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch Adds the file Advanced System Optimizer.lnk"="5/4/2021 10:04 AM, 1490 bytes, A In the existing folder C:\Users\{username}\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar Adds the file Start Advanced System Optimizer.lnk"="5/4/2021 10:04 AM, 1332 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\ASO3 Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Checking for Updates\AppUpdates Adds the file LatestVersion.htm"="5/4/2021 10:10 AM, 268 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Partial Backups Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Registry Cleaner Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Registry Optimizer Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\ASO3\System Files Backup and Restore In the existing folder C:\Users\Public\Desktop Adds the file Advanced System Optimizer.lnk"="5/4/2021 10:04 AM, 1466 bytes, A Adds the file Smart PC Care.lnk"="5/4/2021 10:04 AM, 1498 bytes, A Adds the folder C:\Windows\Repair\ASO3\4-5-2021_10-5 Adds the file .default"="5/4/2021 10:05 AM, 229376 bytes, A Adds the file bcd00000000"="5/4/2021 10:05 AM, 28672 bytes, A Adds the file hardware"="5/4/2021 10:05 AM, 28672 bytes, A Adds the file info.arb"="5/4/2021 10:05 AM, 34360 bytes, A Adds the file s-1-5-19"="5/4/2021 10:05 AM, 245760 bytes, A Adds the file s-1-5-20"="5/4/2021 10:05 AM, 253952 bytes, A Adds the file s-1-5-21-1350903546-318028887-1286703239-1003"="5/4/2021 10:05 AM, 851968 bytes, A Adds the file s-1-5-21-1350903546-318028887-1286703239-1003_classes"="5/4/2021 10:05 AM, 2297856 bytes, A Adds the file sam"="5/4/2021 10:05 AM, 65536 bytes, A Adds the file security"="5/4/2021 10:05 AM, 24576 bytes, A Adds the file software"="5/4/2021 10:05 AM, 94400512 bytes, A Adds the file system"="5/4/2021 10:05 AM, 11616256 bytes, A In the existing folder C:\Windows\System32 Adds the file roboot64.exe"="2/13/2021 4:20 PM, 26240 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file Advanced System Optimizer"="5/4/2021 10:04 AM, 3158 bytes, A Adds the file ASO-AutoCheckUpdate7Days"="5/4/2021 10:05 AM, 3348 bytes, A In the existing folder C:\Windows\Tasks Adds the file ASO-AutoCheckUpdate7Days.job"="5/4/2021 10:05 AM, 468 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C42CB13B-CA97-468D-9F93-AD1220004E62}] "(Default)"="REG_SZ", "SecureShell" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\SecureShell.dll] "AppID"="REG_SZ", "{C42CB13B-CA97-468D-9F93-AD1220004E62}" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A1E21995-127E-4B7F-8C4D-CB04AA8A58EF}_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe" "DisplayName"="REG_SZ", "Advanced System Optimizer" "DisplayVersion"="REG_SZ", "3.9.3700.18392" "EstimatedSize"="REG_DWORD", 191750 "HelpLink"="REG_SZ", "http://www.systweak.com/" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\Advanced System Optimizer 3" "Inno Setup: Icon Group"="REG_SZ", "Advanced System Optimizer 3" "Inno Setup: Language"="REG_SZ", "en" "Inno Setup: Setup Version"="REG_SZ", "5.5.6 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20210504" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\Advanced System Optimizer 3\" "MajorVersion"="REG_DWORD", 3 "MinorVersion"="REG_DWORD", 9 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "Systweak Software" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\Advanced System Optimizer 3\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\Advanced System Optimizer 3\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://www.systweak.com/" "URLUpdateInfo"="REG_SZ", "http://www.systweak.com/" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\ASO3] "ASO3AFFILIATE"="REG_SZ", "" "ASO3CAM"="REG_SZ", "default" "ASOBUILDFOR"="REG_SZ", "systweak" "BUILD_CATEGORY"="REG_DWORD", 0 "BuyNowURL"="REG_SZ", "https://www.systweak.com/advanced-system-optimizer/price?isasof=1&" "G_COMPANY_URL"="REG_SZ", "www.systweak.com" "G_HELP_EMAIL_URL"="REG_SZ", "mailto:support@systweak.com" "G_HELP_URL"="REG_SZ", "http://www.systweak.com/aso/help/showhelp.aspx?" "G_PRODUCT_URL"="REG_SZ", "https://www.systweak.com/advanced-system-optimizer/" "G_SUPPORT_PHONE_NUM"="REG_SZ", "" "G_SUPPORT_PHONE_NUM_FR"="REG_SZ", "" "G_SUPPORT_URL"="REG_SZ", "support@systweak.com" "G_TRIALPAY_URL"="REG_SZ", "http://www.systweak.com/aso/trialpay/?" "G_TUTORIAL_SITE_URL"="REG_SZ", "https://www.systweak.com/advanced-system-optimizer/?" "G_WEBSITE_URL"="REG_SZ", "http://www.systweak.com/?" "installed_date"="REG_SZ", "04-05-2021" "KeyExpired"="REG_DWORD", 0 "MachineHashID"="REG_SZ", "-3167270725993147789" "RegisteredPass"="REG_SZ", "" "RegisteredUser"="REG_SZ", "" "REGISTEREDVERFOUNINSTALL"="REG_DWORD", 1 "ReNewURL"="REG_SZ", "https://www.systweak.com/advanced-system-optimizer/renewal?isasof=1&" "utm_days"="REG_SZ", "0" "utm_xcid"="REG_SZ", "default" Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 5/4/21 Scan Time: 10:23 AM Log File: f83ac26e-acb1-11eb-8000-080027235d76.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1273 Update Package Version: 1.0.40123 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {username}-PC\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 238530 Threats Detected: 494 Threats Quarantined: 494 Time Elapsed: 4 min, 23 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 24 PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\SecureShell.SecureShellExt, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\SecureShell.SecureShellExt.1, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\TYPELIB\{2A03A149-3CD3-429D-B4A4-28D9D2974874}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\INTERFACE\{C99650F6-688D-4BAB-86E4-BC045EF0FFBF}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C99650F6-688D-4BAB-86E4-BC045EF0FFBF}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C99650F6-688D-4BAB-86E4-BC045EF0FFBF}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2A03A149-3CD3-429D-B4A4-28D9D2974874}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{2A03A149-3CD3-429D-B4A4-28D9D2974874}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40}\InprocServer32, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40}\InprocServer32, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{A1E21995-127E-4B7F-8C4D-CB04AA8A58EF}_is1, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ASO-AutoCheckUpdate7Days, Quarantined, 3574, 184083, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{734B8F01-18BD-4F2B-B73D-A3D02732E7D3}, Quarantined, 3574, 184083, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{734B8F01-18BD-4F2B-B73D-A3D02732E7D3}, Quarantined, 3574, 184083, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Advanced System Optimizer, Quarantined, 3574, 184082, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{016CD71E-27F9-49C7-BB1C-82437502F6B8}, Quarantined, 3574, 184082, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{016CD71E-27F9-49C7-BB1C-82437502F6B8}, Quarantined, 3574, 184082, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\ASO3_JUMP_LIST, Quarantined, 884, 324616, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKCU\SOFTWARE\SYSTWEAK\ASO3, Quarantined, 884, 324154, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ASO3, Quarantined, 884, 324153, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B0F3F4F9-CB76-9A52-9442-B481A5FF49D3}, Quarantined, 884, 351523, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B0F3F4F9-CB76-9A52-9442-B481A5FF49D3}, Quarantined, 884, 351523, 1.0.40123, , ame, , , Registry Value: 5 PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\.DOC\OPENWITHPROGIDS|ASO3_JUMP_LIST, Quarantined, 884, 327153, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\.TXT\OPENWITHPROGIDS|ASO3_JUMP_LIST, Quarantined, 884, 327154, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\ASO3_JUMP_LIST|FRIENDLYTYPENAME, Quarantined, 884, 324616, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKCU\SOFTWARE\SYSTWEAK\ASO3|ASO3CAM, Quarantined, 884, 324154, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ASO3|ASO3CAM, Quarantined, 884, 324153, 1.0.40123, , ame, , , Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 31 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\DefragReport, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\pt-br, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\zh-cn, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\eng, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\da, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\de, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\es, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\fi, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\fr, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\it, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\ja, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\nl, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\no, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\ru, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\sv, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Security and Privacy, Quarantined, 3574, 182041, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Windows Optimization, Quarantined, 3574, 182041, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Backup and Recovery, Quarantined, 3574, 182041, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Common Issue Fixers, Quarantined, 3574, 182041, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Regular Maintenance, Quarantined, 3574, 182041, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Registry Tuneup, Quarantined, 3574, 182041, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Disk Tuneup, Quarantined, 3574, 182041, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\Advanced System Optimizer 3, Quarantined, 3574, 182041, 1.0.40123, , ame, , , PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Checking for Updates\AppUpdates, Quarantined, 875, 184122, , , , , , PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\System Files Backup and Restore, Quarantined, 875, 184122, , , , , , PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Checking for Updates, Quarantined, 875, 184122, , , , , , PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Registry Optimizer, Quarantined, 875, 184122, , , , , , PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Registry Cleaner, Quarantined, 875, 184122, , , , , , PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Partial Backups, Quarantined, 875, 184122, , , , , , PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3, Quarantined, 875, 184122, , , , , , PUP.Optional.SysTweak, C:\USERS\{username}\APPDATA\ROAMING\SYSTWEAK, Quarantined, 875, 184122, 1.0.40123, , ame, , , File: 434 PUP.Optional.AdvancedSystemOptimizer, C:\PROGRAM FILES (X86)\Advanced System Optimizer 3\unins000.dat, Quarantined, 3574, 184080, 1.0.40123, , ame, , 9D50E5DFA3350C223A715DBB1C982007, C0FFFD205B6B37C11E8A91A1AFC5368C277490DC0B27CFF60253F2D2C3560BDA PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Advanced System Optimizer Help.url, Quarantined, 3574, 184080, , , , , E7B38961D0F7EACC91363F5058800BB1, 8DCF06ECD3321DB902C2775D9F0E3A2FD847F7477ED5CE5B517A01EB23CEC436 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\ASEng.dll, Quarantined, 3574, 184080, , , , , EF22E41BC9CD11AE18ECC4A4B556296F, 2A005913A2045EBF37C1855755DE55C527E4574A2002BE47FF8BA786EBD46B5C PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\AsInvoker.exe, Quarantined, 3574, 184080, , , , , F166B4A50D64C3212742A07BDFC990AF, 7F96BB572D6647C23DD681DFE74CD473F1828D5D23601D070BA2452B8CF39778 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe, Quarantined, 3574, 184080, , , , , 8C4CFDE11A5BEDAF3BBCDA465098489B, E4096455826E3152DEBE4DBCEED6F23D3772B4E8F92B37553EE4C1A37D37C6D7 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv.exe, Quarantined, 3574, 184080, , , , , 57EA7FFD3D89E3219F0ACAC9C725D8A5, 30ED7DE211C20171581C16E7467EB97EA3C77F5D1619AC6EB4A7305C3A475187 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe, Quarantined, 3574, 184080, , , , , 3456B682982808DE14728D03162EC2EB, 3B4E6645F0AB92AD792043EE995490AD0C7DD6A7270A2F7E2A68A91887010AA0 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\aso3sys.dll, Quarantined, 3574, 184080, , , , , 72499463594B4ABCAF507BBA0C5F96FE, 246BCD3E11ADE3FB5F2655FED97AD39EDD555852379495E188C80A042C1493A5 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\ASOHelper.dll, Quarantined, 3574, 184080, , , , , 0FEA08AB9D1345EB60BAC7AB23326F25, EDFA730236986FD2818B46F69FF83173387A76A4A2989854E4855341BB6353F2 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\asohtm.dll, Quarantined, 3574, 184080, , , , , 6E96C71C8D03495F1CCA4B2B21A0C997, D209D97C31E4FBC96BA0EDCB8BD0C5ADAE5FE45E769DBFC85CC6244C795EA250 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\asores.dll, Quarantined, 3574, 184080, , , , , 62B23977F95D6F37800F7B75A2315D4C, 9F76AB6F721FB050A05D574A628A5E5BC86E176E459C242AC0DFFF8979244CC7 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\BackupManager.exe, Quarantined, 3574, 184080, , , , , 5E7856FA61AF4ECF9B8B2837F9A6F374, E84A90061D4A1F63271E3C04A65937276B6D66FFFB3728AC3DCB2517FF3182BE PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Buy Advanced System Optimizer.url, Quarantined, 3574, 184080, , , , , ED2AC7685D1C07C78D92A48B374712B6, 5CB98360A7E1E7B2695DA718BD2A866135B72095BC062A8FEFFE7228DBB06053 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe, Quarantined, 3574, 184080, , , , , DECD7B3924F9112488B999893C173279, 2E176CED2130EF47D6EF983C5CA9D3CBC5AACFF604C56CA5456FA9CE2D4DF9CE PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\database.dat, Quarantined, 3574, 184080, , , , , E6D3E82BD5BC0E93ED17164D68F0C872, 681F493E02CB4001D08FFBAC9F62C1710DC9C44B8D9E8966E108909AC3DE2F44 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\DefragServiceManager.exe, Quarantined, 3574, 184080, , , , , 997CCBD0D348A4CB9672A6BC1BB947E3, 3047D6B2CEDAD833ACD7736CAA427E72022D292B141EB55DE24D5AEAE28F92E8 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\demo.log, Quarantined, 3574, 184080, , , , , 2C251534C182CFC73104D95461525FCF, 23BEA73F9AB48E78D60EDA98C66E51C6DDB978A1FCB64092BCECADF1AD345EB7 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\DiskDoctor.exe, Quarantined, 3574, 184080, , , , , 7E6A3AE047F1ECA2C84026B869076332, 4406F70151E7A1322FCEDDA9874D7C80A98D5DEF39288D061E1851983DD667EB PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\DiskExplorer.exe, Quarantined, 3574, 184080, , , , , 98C3D9546A676854391F141B626BF970, 7B0067FDA6B5E1F7382A8FD37542820E0CCA466DFEB37D392204DBC91A93B6B5 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\DiskOptimizer.exe, Quarantined, 3574, 184080, , , , , 914EF2CD1228654A4BB948752871BC27, E194DDCA5AD9999DFCBAD4DA9E0F0EF15AB372633CFB6F711982E365C8DFDF8A PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Downloader.dll, Quarantined, 3574, 184080, , , , , 58D0D388DC9B1C9A448F455659B46D90, 57696048BBBB9797ED438A43B7FB78F1EFED0CB87C8C5BE4DB64D382DBB300E4 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\DuplicateFilesRemover.exe, Quarantined, 3574, 184080, , , , , 0E07C2020C46A43EEC17FB23557C8F44, 4D966D3C37F0DFCE0BD509795F015E763A250A1E23249A7D938C1D5E3E2C63A7 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\GameOptimizer.exe, Quarantined, 3574, 184080, , , , , 14CC49F139234053DF80C28CD80D848F, 4BEB7365696FEDA1422E0A5CB6ECC2BC404BBD7921A40EDA129B56023B00AFE5 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\GameOptLauncher.exe, Quarantined, 3574, 184080, , , , , 889875DA1AAA4C695E99A690B8BCA3FF, 6C04C06409FB62B1B662AB2BD52A12D4CF1CBEB470DB21F865277292F262F9AD PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\GameOptLauncher64.exe, Quarantined, 3574, 184080, , , , , 9AFADED72B429B639295CBA709BFECF0, 432843DBB0DA475135F127B17D076390381894C9425ABB731985B885C88DAB49 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\GOHelper.exe, Quarantined, 3574, 184080, , , , , 34645C81869C3096EF94B7B28B8B3416, 8B47D86787C932EF597203391CA5968F72F53AB4EB1CBDA650F45C4250754CE4 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Help.ico, Quarantined, 3574, 184080, , , , , 5697B752200CF82615E9143F678AFBD4, 32F56BC79BB493F9F9F26BEF94BB92E9F45D2353557F4BAF94A41D6933495FF4 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\HighestAvailable.exe, Quarantined, 3574, 184080, , , , , 3EE222E43E89F8C436AEDD0D935D1A9B, 18F457ECD230EABBEE7B489C0DB8A7449D51F0B5F2B929CDF23F5BAF730B31F3 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\HookDll.dll, Quarantined, 3574, 184080, , , , , F16993ABA22DB333FB2880E094F4FCFD, 4551F12F863D5E9EECCFD3C91437D7C89B72C8931D97AED8C7C9E417A26EF35D PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\HookDll64.dll, Quarantined, 3574, 184080, , , , , 643AEB0EA8003089E211E0C54B01EA13, AB6422E046940100E83982E47B8354661CCCE9039A07569E1EE138A2C1C08F78 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\info.ico, Quarantined, 3574, 184080, , , , , 3B1C489DA41E6286FC9E6E7C7FD5EC9B, 8F82A1E2856B58D405F4EC893CC6BA10D4DF2DD9014D014F2FD8E00D18F00A31 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\KillASOProcesses.exe, Quarantined, 3574, 184080, , , , , 8365F3775085680D69185C938D4AFDFD, C0B29198BC4B47F8E274CEB570CB3CCD9D6412C6EDA14C0D806A5F779A9D96DE PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\launcher.exe, Quarantined, 3574, 184080, , , , , E901F5DA770A13BEC85161E09A6BD6C5, C14489C4A59AE32E5ECCC32058919ADD10CF3D56F8C82E5072E8B5496DE25127 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\MemoryOptimizer.exe, Quarantined, 3574, 184080, , , , , 7639197CD5F60C6D7048A0C527C0DB7B, D52336DA03F9283E471AD736A8569062DC9E18A026C3DCCF7DA44651426F8EC6 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Microsoft.VC90.ATL.manifest, Quarantined, 3574, 184080, , , , , 740631036E6FD381CE8D2005C69BBACF, FB7DC909360397ED397119639728B1D33B0F3F985285FFA2C422FED41A6DA94B PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Microsoft.VC90.CRT.manifest, Quarantined, 3574, 184080, , , , , A14E590E0DFBB2DF0FB77768F993FC79, E9D66E9E851F0612A6EF8ACEA86724970FF2335378D506499A3C86DB2F674531 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Microsoft.VC90.MFC.manifest, Quarantined, 3574, 184080, , , , , B9CA9C15F4FC967B95217464F83900E5, E7332E45362AB7DC85E4FF2E66B5F7C50D11DBCC9BBF5B3BC4E9C32557E1035D PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Microsoft.VC90.MFCLOC.manifest, Quarantined, 3574, 184080, , , , , 7A7C6CD751B2E9A0088A825B10D60E53, E34C3DDF56B7AA53F0C787643030568EC0F37C2E53ECDB8138C809BE9C71D0B8 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Network.dll, Quarantined, 3574, 184080, , , , , F4FEAC1EE9A1AEB7834F15FE83ED5F75, 4D9C6075C330E724C49E167467BA11299B9B55A70EA958459BAB3A18D90344B8 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\NewScheduler.exe, Quarantined, 3574, 184080, , , , , A38381F4FD121D7FC21032DEDA972AB3, A06AD8C8CF94CE1B5F27248D6ABDB98AFCE3EFA344AC5166B893B9ECA8B39589 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Order.ico, Quarantined, 3574, 184080, , , , , 15A1352769B0A5CDDF8458B000544B36, FBB63525D5D171311F20966517E55041C2397EA84DE3BA91DCB0135332F227E5 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\PCFixer.exe, Quarantined, 3574, 184080, , , , , C74DAA41529465F7ECA163BF6C940DD7, 5F379FBEF44B554CC1BCB725D2BF363DE06B03EE1A8FFDDF1FBB8C5ADA32E7E9 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\PrivacyProtector.exe, Quarantined, 3574, 184080, , , , , 81BEAFA62807D1298B9F5B3BCDD0A40C, C2E98E074C62194D8CBFF7A09472551C1C7100E2E6AFF7CA0CD9A0795E80611E PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\PTBWin7.exe, Quarantined, 3574, 184080, , , , , C2D04E4FC3D6557831974BB3C125B003, 73D1E5B7F0A923DF1FE249B7FE068A5DA804761497FB0A6DB736D6272AF65A1B PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\RegClean.exe, Quarantined, 3574, 184080, , , , , CD75779C46E8FA0A225BE223C63864F1, D52BB696A308A05F48C8C19AF8AC01B47EC61552483D56397AC0750630C3AD3B PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\RegistryOptimizer.exe, Quarantined, 3574, 184080, , , , , EF8340971C4F08826D664375EF0387BD, A205D6A6B65265A9B49B8618C3F8C96D536FC13987D618D832FA985F61E241B9 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\RequireAdministrator.exe, Quarantined, 3574, 184080, , , , , B99393750868835D0A37FA05BC3B8D18, 9D1FEC367CFD8F118E352EB8ADF7C81494A709FBDA3C44E2B98EE13F570D2C6E PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\rw.dat, Quarantined, 3574, 184080, , , , , 9B3F874215648E8F992948A93E8EC3B6, 34E0AC12C7D6B26CFAE79E64D4F2BD18085D6B30E77C144C7DF91799AF1B0F38 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\rw.ini, Quarantined, 3574, 184080, , , , , EFAF01408DE02752A8CB7CCD2EA79AF6, 053BED1FE8765D8BA496BE2A58143D7D354F095CD6D2B5EEF2E227BC408F64DB PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\SecureDelete.exe, Quarantined, 3574, 184080, , , , , CA06DBE2BF30A9663AAB250D07A22FA0, BD5CF44F691FD742CB3CFB7697AF08BBCD6042AD30E14163598DD6C8CBB331E8 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\SecureEncryptor.exe, Quarantined, 3574, 184080, , , , , ED2F00DDE97849C080B08A64A45066EE, 7EA6705799FE1F7B03CB11B322E9439B12FDAF9F6CE55B3D49070D5E9FCB235D PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\SecureShell.dll, Quarantined, 3574, 184080, , , , , 1E9A3D77346986DB1E208281471552AA, 932935F6573B8653CC87FBDF4B65E07CB75FB3AF3C5435494C413156FA36BB4D PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\single_click_care.ico, Quarantined, 3574, 184080, , , , , EAB151D0B51D5DA45F38A9D4FBAB6169, 3104ECAB5B375C601D7960064E9909D1E502701683169F19C22F3D6C2954A08B PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\sqlite3.dll, Quarantined, 3574, 184080, , , , , FEA76C4AAE247AA7316CB1A17B8B82B4, 220708CFC4871FC6A710F459A2C22E12824E13F2DA274D5C14D0BEB5841FF919 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\StartupManager.exe, Quarantined, 3574, 184080, , , , , 18AB82E805DA28BB3C0F1EC2F18E82A4, 98457DE1561824961EEC12DFF8E6883DA0C71DDCC3EF3B8C6784353A67CE50BC PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\SysFileBakRes.exe, Quarantined, 3574, 184080, , , , , 253F6813608C1A0525852723E46B3B38, 8BF70C87EDE8BA69F26EE609E04CDFFABD400E50D2C80004FFE9667755E57A92 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\SystemAnalyzerAndAdvisor.exe, Quarantined, 3574, 184080, , , , , 6CAFC139544A7D9707FAA8406D81223C, 0AEBCD9249F44231457DA1C7683D8A7F057AF11BA2AF5D6AFF0368FFDD2521B8 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\SystemCleaner.exe, Quarantined, 3574, 184080, , , , , F723208F11CCD51109DCD73313D9DEE5, 4F62FC09B2C3BAFCF744A2D3F8CAAA80F94F468EEDA5E2F7357F0048D7A93B17 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Systweak Software Website.url, Quarantined, 3574, 184080, , , , , 6AF3D9C77BA821B14FA5E146AC65C72C, E3D92B9AD4B80DF495B5BF7AB16E8BB061DCD0EE94C8BF3439DEF3A681CBE8D8 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\UndeleteDLL.dll, Quarantined, 3574, 184080, , , , , 739D5F64EF184DB033BBFE0F1FA9E4F2, 3B8FD5EA06A6D81061FA64A3B498B3800A42A55F4614DA424E7D1605A2C21818 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\unins000.exe, Quarantined, 3574, 184080, , , , , 732AB3A914069E78BF525E9561D3404C, 10681AFEF258C1EB11B1B3174052A99CF19C9DE838FF49A961D0A13435381971 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\unins000.msg, Quarantined, 3574, 184080, , , , , 5F38274FC51EC35B61E925153E26EF1C, 946195C199C2F798ED0AB3DC8AE4511BE30AD70E5FB994D677BEEE0AE249DEC8 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\UninstallManager.exe, Quarantined, 3574, 184080, , , , , 0B938297E2834748A8F0BE184725F7B0, BBBEB52A97566353DFB866D3452C2EC345327BAABE4A1B538BC34E67FBCB112B PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\unrar.dll, Quarantined, 3574, 184080, , , , , 9DD783542AD1168FD2C7E3D245B531CE, AA00A045D1A1010B9497825794F6BE8D75ECC8C3F00A15E9EED0C0A0E2A254A9 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\VolumeControl.exe, Quarantined, 3574, 184080, , , , , C53D47208E8DFE98EEDA41C082798A5F, 0A79A1DB5ED2BABBA6B38155304A5E7FF09D938322CE822BA7BCD7E2A18D0DA4 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\VolumeControl64.exe, Quarantined, 3574, 184080, , , , , 8B46A050CDBE170B4F52AD4E3966E7C9, 38FA6A9603CAEE0C45B48DE818035F98482599CEB5B0E640D0CC491FF5920BD2 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\website.ico, Quarantined, 3574, 184080, , , , , B2A9DD9BD0B6C373F26D8B102B514761, 7C6C7BE3B768FB64DCD1B54B8201B67F807A4884F4AC8082FDC0D97F80B84318 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\XceedZip.dll, Quarantined, 3574, 184080, , , , , 6790F95F8C340110940EF92100C8FBED, 354AD2F5AF9460878D6C641231B2BEB43763A1548256782950EAAF27FB156491 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\xmllite.dll, Quarantined, 3574, 184080, , , , , 47176C26B3BC164CCB0354694D684E7B, 2FF76AA25ECD5B4CE6344CC2F9E569875123FA891E48A06AFEC4BEB9439766C6 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\zlibwapi.dll, Quarantined, 3574, 184080, , , , , F1B0EF23946D1D6CB40DDD8EE93A8053, D25F33DFE1BF507D537C56A12E8A486C5B900FB56738180EAE7848B780E9B5D8 PUP.Optional.AdvancedSystemOptimizer, C:\USERS\{username}\APPDATA\LOCAL\TEMP\Start Advanced System Optimizer.lnk, Quarantined, 3574, 184080, , , , , D04E69DE5EAA7E116ECE1744CCCA9310, 24942317BDB9A92110C69E6F47227C6ACB25AF1F3D584E8C7D4592CD9CDF65C4 PUP.Optional.AdvancedSystemOptimizer, C:\USERS\{username}\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\User Pinned\TaskBar\Start Advanced System Optimizer.lnk, Quarantined, 3574, 184080, , , , , D04E69DE5EAA7E116ECE1744CCCA9310, 24942317BDB9A92110C69E6F47227C6ACB25AF1F3D584E8C7D4592CD9CDF65C4 PUP.Optional.AdvancedSystemOptimizer, C:\USERS\{username}\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\ADVANCED SYSTEM OPTIMIZER.LNK, Quarantined, 3574, 184081, 1.0.40123, , ame, , 22004A27CB3D66A5BD14322539BB81CA, 564F1CD8FCCAE85875367710B199F2E3637A0731EF235E5AA09F73839F10614A PUP.Optional.AdvancedSystemOptimizer, C:\WINDOWS\TASKS\ASO-AutoCheckUpdate7Days.job, Quarantined, 3574, 184083, , , , , 28F6E5FA5F752F34B6162169DD121E4B, 64C0F831DBC9EEFB657A7BADC0A1ADFE84B1F6341ADFBDCDC284D04CBE67B534 PUP.Optional.AdvancedSystemOptimizer, C:\WINDOWS\SYSTEM32\TASKS\ASO-AutoCheckUpdate7Days, Quarantined, 3574, 184083, 1.0.40123, , ame, , 6BECD62322C0D1AF7159C36ED826370D, 088B265CA25E3AC253C58B0802B853F961D86646681E8ECB2484FC231B758E0D PUP.Optional.SmartPCCare, C:\USERS\PUBLIC\DESKTOP\SMART PC CARE.LNK, Quarantined, 3646, 184115, 1.0.40123, , ame, , 46C31AE4EA32680EE1F5281D933930DE, 3E5EE9188D3DAE3A9CEA26482CAB3C1B28AA7425C8116D6BCE5FA01C780DE88A PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Backup and Recovery\Backup Manager.lnk, Quarantined, 3574, 182041, , , , , 38F4C73AA543C7D4B4F301E1FA96A585, 15D919DAA4E76F557A2D77EED519F40701E733B7F43137CA798549A7344DCE9F PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Backup and Recovery\System Files Backup and Restore.lnk, Quarantined, 3574, 182041, , , , , F42D80D3A18A74C769CB99263A276D59, 03C83836827AA9451D2475FA01B4C43E718F9DE6029A84607A47DCA05BAD116D PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Common Issue Fixers\Duplicate File Remover.lnk, Quarantined, 3574, 182041, , , , , F27D29121821B3AE2878AAB82C5CF585, 6CF9950C6888465DA0C9A254BD5AB4C7C8D8D022CD09C5C8132BE91E7272A18B PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Common Issue Fixers\PC Fixer.lnk, Quarantined, 3574, 182041, , , , , 9F92C94C6443FACFCA0EE1A94B415CB9, 00266E294D7312652C64D0C4EB4DB21B5B756BEE5E2986B6EC606C8FA4631854 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Disk Tuneup\Disk Explorer.lnk, Quarantined, 3574, 182041, , , , , 1205076907623DC3ECBC8C0719C7B067, 8D0B0B6B5B77FFC97C0D18D8F872C595B9AAE12997A55FEAD4B1F01EDD32C504 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Disk Tuneup\Disk Optimizer.lnk, Quarantined, 3574, 182041, , , , , 07A78EB4F25A6B1F0D0791C0AE2D15B8, C36EAEAF2EEE06C65B249554505AA44D639F00031029A5A658F316731E7FB1B9 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Disk Tuneup\Disk Tools.lnk, Quarantined, 3574, 182041, , , , , 5E6B84AE73337F1D9B3DF7E162116EAD, 592B151C730C9B80F3AE5888968F46DE44E0349D840099F70ED818ED54EB5359 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Disk Tuneup\System Cleaner.lnk, Quarantined, 3574, 182041, , , , , E576D17B846E1E15018EBAD8FEF4D74E, 2B99BE9721F52BB87AFC695F125660F47BAABE63560F4C3890AFE497D702AA64 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Registry Tuneup\Registry Cleaner.lnk, Quarantined, 3574, 182041, , , , , 077CF448D5F26FA3507D7276CCB4DD5F, AB8ACACB419C2F5AA46FE69C5B7D0E09953372132EB6942CBE9AC2A966729DCE PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Registry Tuneup\Registry Optimizer.lnk, Quarantined, 3574, 182041, , , , , F9D4EC22BD86876007D2E65C905E1963, 17A9728D16A0ECB7CE31D77AC192759DB52749A14AADE0F1F4CC87F1F2838462 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Regular Maintenance\Scheduler.lnk, Quarantined, 3574, 182041, , , , , A690F7C92DF511456FD0B73B65111C98, DB176A052307EA9A3DEB0D073FFCB009825F528880668C8F301468235A516A7C PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Regular Maintenance\Startup Manager.lnk, Quarantined, 3574, 182041, , , , , E81A9928AA90C8A97E86053B45BC5812, 458914D49BC7E2384247F3A46B032068A9F1C74956B8FF421F56D354EFB19B7B PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Regular Maintenance\Uninstall Manager.lnk, Quarantined, 3574, 182041, , , , , 65718D14EBC5642AD79B86581452DA6F, D58F87158321225D67113C8EB79BFD8D14016295186CF46BC8EEA9D0472B3212 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Security and Privacy\Privacy Protector.lnk, Quarantined, 3574, 182041, , , , , 266B765AD4E4379463C83861EB63FD94, 2BB96464C072E1D8D3CE9E9803D00E5A0ADECC2761B129577201D4B3649DB4B7 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Security and Privacy\Secure Delete.lnk, Quarantined, 3574, 182041, , , , , 734AFD89ECD173AE12E26664259716F0, FA22432869016DEB3AEEEC6FB392DF9AD0F21DC083BAE66619098ADB1D5B81BD PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Security and Privacy\Secure Encryptor.lnk, Quarantined, 3574, 182041, , , , , 440244AC84C7C899A7C0176A621EFC53, C97EFDC54B9BD33EE0CAAEBEFFB914762A559D885E4CC41C6A46B21A1655A3DF PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Windows Optimization\Game Optimizer.lnk, Quarantined, 3574, 182041, , , , , 5457B5F9935754081B842AC7704CA3DE, 6BCBCB9C9741E0ADEF86CF453F0889BE75F36A8B22AFAC97D122B9CE12DA74BA PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Windows Optimization\Memory Optimizer.lnk, Quarantined, 3574, 182041, , , , , FD1422B158BDD6F3E8677A378C38AD9A, 8FBF2C361F3A5D09EDD461F58F7099BCA8BAE61A429C776A30F766B3BBA3ABD2 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Windows Optimization\System and Security Advisor.lnk, Quarantined, 3574, 182041, , , , , D939678D5CDF84B92F5D649EA5C620FF, 22A04A6638B4AAC47DCE08E44E7A2F89B3A1A9EF325C09665104CF48B4B5F952 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Advanced System Optimizer Help.lnk, Quarantined, 3574, 182041, , , , , AD0EC3F6B077340662FC50E6F9552830, 2492DD4D67C045A124E4B90A7E2F10A1F9ADD1781371E89CEDBB4021D363F752 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Buy Advanced System Optimizer.lnk, Quarantined, 3574, 182041, , , , , 21116847AAACCC65DA77FE9750B05BF5, DDB73BCD7638453B20B12E53006CA6A80387746C56C48FAD6644CED2F8523776 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Smart PC Care.lnk, Quarantined, 3574, 182041, , , , , 9CAF0943145ED41780391DD1A7537C59, BF6F8848952DB9C8DF4B7426821A087D2DC299DF2ABA65F47E6DBF152779A2AB PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Start Advanced System Optimizer.lnk, Quarantined, 3574, 182041, , , , , D04E69DE5EAA7E116ECE1744CCCA9310, 24942317BDB9A92110C69E6F47227C6ACB25AF1F3D584E8C7D4592CD9CDF65C4 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Systweak Software Website.lnk, Quarantined, 3574, 182041, , , , , C46257935F387F1FEE39F81F0A7FC046, 8E959EEBB199CF5AFF0EA623A002C713FD8CA719CDA8EBE4622A3B5F20265889 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Uninstall Advanced System Optimizer.lnk, Quarantined, 3574, 182041, , , , , 72ABC62AB12AC7B2E7518B9D0A75E27C, 7F88F550922BE88E5B6768A7267217051A17D94E1E7E375545E282F29B4C7A07 PUP.Optional.AdvancedSystemOptimizer, C:\USERS\PUBLIC\DESKTOP\ADVANCED SYSTEM OPTIMIZER.LNK, Quarantined, 3574, 184079, 1.0.40123, , ame, , E2FCBE1551123600D15B0D6F90E08170, A80AFA5DC0601846C31E6B62CE7152323D5AE3BA6191F4B305D55F467A6F4C8C PUP.Optional.AdvancedSystemOptimizer, C:\WINDOWS\SYSTEM32\TASKS\ADVANCED SYSTEM OPTIMIZER, Quarantined, 3574, 184082, 1.0.40123, , ame, , 3B5D71C91E08D6A666F95CA0175E4B49, 72DB7E7B6256797B630CAF273296579AD6269F368D4EF6474D75576F20886357 PUP.Optional.SysTweak, C:\USERS\{username}\APPDATA\ROAMING\SYSTWEAK\ASO3\backup.aso, Quarantined, 875, 184122, 1.0.40123, , ame, , E9137675D4ABC2D8CF6CE32B15B98D42, 0D0791E33E77756724EE0F8ECAEDDC4143E3F904BCFA6056FAE0EB29C42AF9E2 PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Checking for Updates\AppUpdates\LatestVersion.htm, Quarantined, 875, 184122, , , , , 7F5146C9DAAA5557783FB96C90B44594, BC56C170FFAD0121BBBCB5C1315400CC406F38F00C462985AC725EB6E4BB6DB8 PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Partial Backups\00000001.rmx, Quarantined, 875, 184122, , , , , 5EB5A079E4B0CD48D7B2E9EB682732DB, C8737D59AE076B1FA31039B4080C64974459854A12D6BF99DA9B91D29EFDE43F PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Partial Backups\00000001.rxb, Quarantined, 875, 184122, , , , , CC6AAB8C6553ECE6D93328FA315C58C0, 993967EED892460CB611310FE628F0BCAB4B2352D348E48BC8F1BD6C8B1472A0 PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Registry Cleaner\log_05-04-2021.log, Quarantined, 875, 184122, , , , , 8B1E292271E01034FC9A46C42B79A2B2, 64FC2DF7F5F3229F2B7E8CD09E8EA77F2E57528687FCCFF2BFE0755F7BAE50C7 PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\System Files Backup and Restore\LastBkpDateTime.txt, Quarantined, 875, 184122, , , , , 3281685CAD4F1B6A5358367334A2FA4B, 3AC376FFA5BB95984051AF87EABDE1014AFEAF6A6AA9EC120B51304C902B7E96 PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\telnostatus.ini, Quarantined, 875, 184122, , , , , 599C43E8C8CEB1CC8CCB24F273D27C8C, 78D60F2EBAE383F40B0773CB4426DBDBAF0AEB0DFB3E8428D15B149C8FA3F416 PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\TempHLList.aso, Quarantined, 875, 184122, , , , , 7319468847D7B1AEE40DBF5DD963C999, B0F66ADC83641586656866813FD9DD0B8EBB63796075661BA45D1AA8089E1D44 PUP.Optional.SysTweak, C:\USERS\{username}\APPDATA\ROAMING\SYSTWEAK\ASO3\ExcludeList.aso, Quarantined, 875, 184122, 1.0.40123, , ame, , 7319468847D7B1AEE40DBF5DD963C999, B0F66ADC83641586656866813FD9DD0B8EBB63796075661BA45D1AA8089E1D44 PUP.Optional.SysTweak, C:\USERS\{username}\APPDATA\ROAMING\SYSTWEAK\ASO3\results.aso, Quarantined, 875, 184122, 1.0.40123, , ame, , A302A771EE0E3127B8950F0A67D17E49, 5DCC1B5872DD9FF1C234501F1FEFDA01F664164E1583C3E1BB3DBEA47588AB31 PUP.Optional.SysTweak, C:\WINDOWS\SYSTEM32\ROBOOT64.EXE, Quarantined, 875, 395666, 1.0.40123, , ame, , B0AF09399578D5E03BE0723A9926F6EE, 0C2C04A98685FE4E95625F7078EAF34A7D85274D90BFA3FD106397A4EB21EC43 PUP.Optional.SysTweak.Generic, C:\DOWNLOADS\ASO3SETUP_SYSTWEAK-DEFAULT.EXE, Quarantined, 5582, 696375, 1.0.40123, , ame, , 81E69DE9C32BC382666B875DBD21494D, 86E1A1BBFF3D733413310CEBA0F12C63F14EA779AC8B0A5F44E611F4F29EE3BC PUP.Optional.SysTweak.Generic, C:\USERS\{username}\DOWNLOADS\ASO3SETUP_SYSTWEAK-DEFAULT.EXE, Quarantined, 5582, 696375, 1.0.40123, , ame, , 81E69DE9C32BC382666B875DBD21494D, 86E1A1BBFF3D733413310CEBA0F12C63F14EA779AC8B0A5F44E611F4F29EE3BC Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this potentially unwanted program.We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
  2. What is Simple Malware Protector? Simple Malware Protector is a system optimizer that triggers our PUP detection rules. By doing so we offer users a choice to consider whether they want to use this software. More information can be found on our Malwarebytes Labs blog. How do I know if I am affected by Simple Malware Protector? This is how the main screen of the system optimizer looks: You will find these icons in your taskbar, your startmenu, and on your desktop: and see these types of windows during install: and this type of screens during operations: You may see this entry in your list of installed programs: and this task in your list of Scheduled Tasks: How did Simple Malware Protector get on my computer? These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website. How do I remove Simple Malware Protector? Our program Malwarebytes can detect and remove this PUP. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of Simple Malware Protector? No, Malwarebytes removes Simple Malware Protector completely. This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks. What if I want to keep Simple Malware Protector? Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it. Open Malwarebytes for Windows. Click the Detection History Click the Allow List To add an item to the Allow List, click Add. Select the exclusion type Allow a file or folder and use the Select a folder button to select the main folder for the software that you wish to keep. Repeat this for any secondary files or folder(s) that belong to the software. If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use the Browse button to select the file you wish to grant access. How would the full version of Malwarebytes help protect me? We hope our application and this guide have helped you in dealing with this system optimizer. As you can see below the full version of Malwarebytes would have warned you against the Simple Malware Protector installer. Technical details for experts You may see these entries in FRST logs: (Corel Corporation -> SimpleStar) C:\Program Files (x86)\Simple Malware Protector\SimpleMalwareProtector.exe Task: {22ED5DB2-3333-4853-8E3A-EE8E7FAA1E60} - System32\Tasks\smp_notifier_executor => C:\Program Files (x86)\Simple Malware Protector\notifier.exe [1891016 2021-01-27] (Corel Corporation -> Corel Corporation) Task: {E3740806-B555-4383-8694-7E3E38FF006B} - System32\Tasks\Simple Malware Protector_startup => C:\Program Files (x86)\Simple Malware Protector\SimpleMalwareProtector.exe [7681736 2021-01-27] (Corel Corporation -> SimpleStar) C:\Users\{username}\AppData\Local\SimpleStar C:\Windows\system32\Tasks\smp_notifier_executor C:\Windows\system32\Tasks\Simple Malware Protector_startup C:\ProgramData\Desktop\Simple Malware Protector.lnk C:\Users\{username}\AppData\Roaming\SimpleStar C:\ProgramData\SimpleStar C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simple Malware Protector C:\Program Files (x86)\Simple Malware Protector (Corel Corporation) C:\Windows\system32\smpnative64.exe (SimpleStar ) C:\Users\{username}\Desktop\Simple_Setup.exe Simple Malware Protector (HKLM-x32\...\E33A688D-A9DE-4653-9D98-86CBB8910021_SimpleStar_~542DC577_is1) (Version: 2.1.1000.26615 - SimpleStar) Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\Simple Malware Protector Adds the file AppManager.exe"="1/27/2021 2:11 PM, 505032 bytes, A Adds the file AppResource.dll"="1/27/2021 2:11 PM, 13105352 bytes, A Adds the file categories.ini"="10/30/2020 11:40 AM, 44596 bytes, A Adds the file Chinese_asp_ZH-CN.ini"="1/19/2021 11:45 AM, 55864 bytes, A Adds the file danish_asp_DA.ini"="1/19/2021 11:45 AM, 99052 bytes, A Adds the file dutch_asp_NL.ini"="1/19/2021 11:45 AM, 99440 bytes, A Adds the file eng_asp_en.ini"="1/19/2021 11:45 AM, 54191 bytes, A Adds the file Finnish_asp_FI.ini"="1/19/2021 11:45 AM, 99206 bytes, A Adds the file french_asp_FR.ini"="1/19/2021 11:45 AM, 110672 bytes, A Adds the file german_asp_DE.ini"="1/19/2021 11:45 AM, 109028 bytes, A Adds the file helper.dll"="1/27/2021 2:11 PM, 2339528 bytes, A Adds the file Interop.IWshRuntimeLibrary.dll"="1/27/2021 2:12 PM, 57032 bytes, A Adds the file italian_asp_IT.ini"="1/19/2021 11:45 AM, 104274 bytes, A Adds the file japanese_asp_JA.ini"="1/19/2021 11:45 AM, 67834 bytes, A Adds the file lci.lci"="3/18/2021 9:07 AM, 664 bytes, H Adds the file loading_withWhiteBG.avi"="1/18/2021 12:20 PM, 103936 bytes, A Adds the file Microsoft.Win32.TaskScheduler.DLL"="1/27/2021 2:12 PM, 123080 bytes, A Adds the file norwegian_asp_NO.ini"="1/19/2021 11:45 AM, 94786 bytes, A Adds the file notifier.exe"="1/27/2021 2:12 PM, 1891016 bytes, A Adds the file portuguese_asp_PT-BR.ini"="1/19/2021 11:45 AM, 101156 bytes, A Adds the file russian_asp_ru.ini"="1/19/2021 11:45 AM, 101630 bytes, A Adds the file scandll.dll"="1/27/2021 2:11 PM, 58568 bytes, A Adds the file SimpleMalwareProtector.exe"="1/27/2021 2:12 PM, 7681736 bytes, A Adds the file SimpleMalwareProtector.exe.config"="1/18/2021 12:19 PM, 6214 bytes, A Adds the file smp.ico"="1/18/2021 12:20 PM, 34494 bytes, A Adds the file spanish_asp_ES.ini"="1/19/2021 11:45 AM, 106462 bytes, A Adds the file swedish_asp_SV.ini"="1/26/2021 1:03 PM, 96526 bytes, A Adds the file System.Core.dll"="1/27/2021 2:12 PM, 675528 bytes, A Adds the file System.Data.SQLite.dll"="1/27/2021 2:12 PM, 894152 bytes, A Adds the file tray.exe"="1/27/2021 2:11 PM, 2059976 bytes, A Adds the file unins000.dat"="3/18/2021 9:07 AM, 98275 bytes, A Adds the file unins000.exe"="3/18/2021 9:07 AM, 1217224 bytes, A Adds the file unins000.msg"="3/18/2021 9:07 AM, 22701 bytes, A Adds the file unrar.dll"="1/27/2021 2:12 PM, 219848 bytes, A Adds the file Xceed.Compression.dll"="1/27/2021 2:12 PM, 110280 bytes, A Adds the file Xceed.Compression.Formats.dll"="1/27/2021 2:12 PM, 73416 bytes, A Adds the file Xceed.FileSystem.dll"="1/27/2021 2:12 PM, 130760 bytes, A Adds the file Xceed.Zip.dll"="1/27/2021 2:12 PM, 204488 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simple Malware Protector Adds the file Register Simple Malware Protector.lnk"="3/18/2021 9:07 AM, 1233 bytes, A Adds the file Simple Malware Protector.lnk"="3/18/2021 9:07 AM, 1207 bytes, A Adds the file Uninstall Simple Malware Protector.lnk"="3/18/2021 9:07 AM, 1137 bytes, A Adds the folder C:\ProgramData\SimpleStar\Simple Malware Protector Adds the file AddonSafelist"="1/18/2021 12:20 PM, 13312 bytes, A Adds the file log.xslt"="1/18/2021 12:20 PM, 24753 bytes, A Adds the folder C:\ProgramData\SimpleStar\Simple Malware Protector\signatures Adds the file completedatabase.db"="3/18/2021 9:13 AM, 262275072 bytes, A Adds the file Cookies.bin"="3/18/2021 9:13 AM, 233960 bytes, A Adds the file DigSign.bin"="3/18/2021 9:14 AM, 132248 bytes, A Adds the file FilePaths.bin"="3/18/2021 9:13 AM, 5846920 bytes, A Adds the file FileSignature.bin"="3/18/2021 9:14 AM, 39806312 bytes, A Adds the file Folders.bin"="3/18/2021 9:14 AM, 1698944 bytes, A Adds the file Md5.bin"="3/18/2021 9:14 AM, 129842640 bytes, A Adds the file Registry.bin"="3/18/2021 9:14 AM, 39300384 bytes, A Adds the file SetupSign.bin"="3/18/2021 9:14 AM, 13504 bytes, A Adds the file StrSetupSign.bin"="3/18/2021 9:14 AM, 1824 bytes, A Adds the folder C:\ProgramData\SimpleStar\Simple Malware Protector\updates Adds the file 3262completedatabase.zip"="3/18/2021 9:11 AM, 36169813 bytes, A Adds the file 4221mupdate.zip"="3/18/2021 9:13 AM, 108841406 bytes, A Adds the file 4222update.zip"="3/18/2021 9:13 AM, 413832 bytes, A Adds the file 4223update.zip"="3/18/2021 9:13 AM, 671671 bytes, A Adds the file 4224update.zip"="3/18/2021 9:13 AM, 175199 bytes, A Adds the file 4225update.zip"="3/18/2021 9:13 AM, 18596 bytes, A Adds the file 4226update.zip"="3/18/2021 9:13 AM, 191470 bytes, A Adds the folder C:\Users\{username}\AppData\Local\SimpleStar\Simple Malware Protector Adds the file ScanEngineErrorLog.txt"="3/18/2021 9:17 AM, 6083 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\SimpleStar\Simple Malware Protector Adds the file ASPLog.txt"="3/18/2021 9:18 AM, 6520 bytes, A Adds the file QDetail.db"="3/18/2021 9:07 AM, 4096 bytes, A Adds the file Settings.db"="3/18/2021 9:17 AM, 12288 bytes, A Adds the file Update.ini"="3/18/2021 9:10 AM, 2360 bytes, A Adds the file uuid.txt"="3/18/2021 9:07 AM, 35 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\SimpleStar\Simple Malware Protector\Logs Adds the file log_18-03-21_09-17-10.xml"="3/18/2021 9:17 AM, 70532 bytes, A Adds the file SMLog.xml"="3/18/2021 9:17 AM, 3376 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file Simple Malware Protector.lnk"="3/18/2021 9:07 AM, 1189 bytes, A In the existing folder C:\Windows\System32 Adds the file smpnative64.exe"="1/27/2021 2:12 PM, 29384 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file Simple Malware Protector_startup"="3/18/2021 9:07 AM, 3116 bytes, A Adds the file smp_notifier_executor"="3/18/2021 9:07 AM, 3634 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\E33A688D-A9DE-4653-9D98-86CBB8910021_SimpleStar_~542DC577_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\Simple Malware Protector\SimpleMalwareProtector.exe" "DisplayName"="REG_SZ", "Simple Malware Protector" "DisplayVersion"="REG_SZ", "2.1.1000.26615" "EstimatedSize"="REG_DWORD", 32132 "HelpLink"="REG_SZ", "https://goto.simplestar.com/action/?product=SMP&LinkType=Support/" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\Simple Malware Protector" "Inno Setup: Icon Group"="REG_SZ", "Simple Malware Protector" "Inno Setup: Language"="REG_SZ", "en" "Inno Setup: Setup Version"="REG_SZ", "5.5.9 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20210318" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\Simple Malware Protector\" "MajorVersion"="REG_DWORD", 2 "MinorVersion"="REG_DWORD", 1 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "SimpleStar" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\Simple Malware Protector\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\Simple Malware Protector\unins000.exe"" "URLInfoAbout"="REG_SZ", "https://www.simplestar.com" "VersionMajor"="REG_DWORD", 2 "VersionMinor"="REG_DWORD", 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\SimpleStar\Params] "affiliateid"="REG_SZ", "" "SMPInstalledPath"="REG_SZ", "C:\Program Files (x86)\Simple Malware Protector" "TELNO"="REG_SZ", "" "utm_campaign"="REG_SZ", "default" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "simplestar" "x-at"="REG_SZ", "" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\SimpleStar\Simple Malware Protector] "affiliateid"="REG_SZ", "" "afterInstallUrl"="REG_SZ", "https://goto.simplestar.com/action/?product=SMP&LinkType=Install&BuildID=5&t=" "buildid"="REG_SZ", "5" "BuyNowURL"="REG_SZ", "https://goto.simplestar.com/action/?product=SMP&LinkType=Purchase&BuildID=5&t=" "BuyNowURLADU"="REG_SZ", "" "BuyNowURLASP"="REG_SZ", "" "BuyNowURLPB"="REG_SZ", "" "BuyNowURLRCP"="REG_SZ", "" "cmd_t"="REG_SZ", "" "Expired"="REG_DWORD", 0 "InstalledPath"="REG_SZ", "C:\Program Files (x86)\Simple Malware Protector" "isphone"="REG_SZ", "0" "IsScanOptional"="REG_DWORD", 1 "issilent"="REG_DWORD", 1 "MaxFixLimit"="REG_DWORD", 0 "REGVER"="REG_DWORD", 0 "REGVER-UNINSTALL"="REG_DWORD", 0 "RenewNowURL"="REG_SZ", "https://goto.simplestar.com/action/?product=SMP&LinkType=Renew&BuildID=5&t=" "RenewNowURLADU"="REG_SZ", "" "RenewNowURLASP"="REG_SZ", "" "RenewNowURLPB"="REG_SZ", "" "RenewNowURLRCP"="REG_SZ", "" "showbc"="REG_DWORD", 0 "showfth"="REG_DWORD", 0 "showfthsetting"="REG_DWORD", 0 "showpb"="REG_DWORD", 0 "showsm"="REG_DWORD", 1 "support_email"="REG_SZ", "support@simplestar.com" "SUPPORT_URL"="REG_SZ", "https://goto.simplestar.com/action/?product=SMP&LinkType=Support&BuildID=5&t=" "TELNO"="REG_SZ", "" "TELNOFR"="REG_SZ", "" "uid"="REG_SZ", "72205a28-a34819b8-a4bb0795-f972a54c" "utm_campaign"="REG_SZ", "default" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "simplestar" "x-at"="REG_SZ", "" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\SimpleStar\Simple Malware Protector\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\SimpleStar\params] "SMPInstalledPath"="REG_SZ", "C:\Program Files (x86)\Simple Malware Protector" [HKEY_CURRENT_USER\Software\SimpleStar\Simple Malware Protector] "affiliateid"="REG_SZ", "" "buildid"="REG_SZ", "5" "cmd_t"="REG_SZ", "" "CurrentScanTime"="REG_BINARY, ........ "FirstInstallDate"="REG_SZ", "18-03-2021" "InstalledPath"="REG_SZ", "C:\Program Files (x86)\Simple Malware Protector" "StrLastErrorsFixed"="REG_SZ", "0" "StrLastScanResults"="REG_SZ", "92" "TELNO"="REG_SZ", "" "TELNOFR"="REG_SZ", "" "utm_campaign"="REG_SZ", "default" "utm_days"="REG_SZ", "0" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "simplestar" "x-at"="REG_SZ", "" [HKEY_CURRENT_USER\Software\SimpleStar\Simple Malware Protector\2.1.1000.26615] [HKEY_CURRENT_USER\Software\SimpleStar\Simple Malware Protector\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 3/18/21 Scan Time: 9:26 AM Log File: a1d5a9f6-87c3-11eb-934c-080027235d76.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1217 Update Package Version: 1.0.38331 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {username}-PC\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 233646 Threats Detected: 12 Threats Quarantined: 12 Time Elapsed: 3 min, 6 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 1 PUP.Optional.AdvancedSystemProtector, C:\PROGRAM FILES (X86)\SIMPLE MALWARE PROTECTOR\SIMPLEMALWAREPROTECTOR.EXE, Quarantined, 869, 911866, , , , , 20B90A718CF55D95616A79342DBA5D06, C88800519501E455CF6A45CD88776E54CE094A90B03312CF5ACBC796932E3A42 Module: 2 PUP.Optional.AdvancedSystemProtector, C:\PROGRAM FILES (X86)\SIMPLE MALWARE PROTECTOR\SIMPLEMALWAREPROTECTOR.EXE, Quarantined, 869, 911866, , , , , 20B90A718CF55D95616A79342DBA5D06, C88800519501E455CF6A45CD88776E54CE094A90B03312CF5ACBC796932E3A42 PUP.Optional.AdvancedSystemProtector, C:\PROGRAM FILES (X86)\SIMPLE MALWARE PROTECTOR\SCANDLL.DLL, Quarantined, 869, 911917, , , , , 3614951BABCC88D57F1A26AA2042666D, 92AD4CCA4ECCEC613CF4D58917901A50C4BE2C44845E1E81DDAB7D18AC4033D2 Registry Key: 3 PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Simple Malware Protector_startup, Quarantined, 869, 911866, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E3740806-B555-4383-8694-7E3E38FF006B}, Quarantined, 869, 911866, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{E3740806-B555-4383-8694-7E3E38FF006B}, Quarantined, 869, 911866, , , , , , Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 6 PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\TASKS\Simple Malware Protector_startup, Quarantined, 869, 911866, , , , , 71C36A0F2F183A885E5F26F5867423AA, 9B20A18FC5FAB6BFCFBB08871730B07D13B0131175F1A882BCF3AB429921AC34 PUP.Optional.AdvancedSystemProtector, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Simple Malware Protector.lnk, Quarantined, 869, 911866, , , , , 6AD0A9E4EF88F0AF810329B557F6631E, 9F988C7F8E3F5C1D5AD382CA90073DCEBB4D1530D3FAA3DCD03E254465EB083B PUP.Optional.AdvancedSystemProtector, C:\PROGRAM FILES (X86)\SIMPLE MALWARE PROTECTOR\SIMPLEMALWAREPROTECTOR.EXE, Quarantined, 869, 911866, 1.0.38331, , ame, , 20B90A718CF55D95616A79342DBA5D06, C88800519501E455CF6A45CD88776E54CE094A90B03312CF5ACBC796932E3A42 PUP.Optional.AdvancedSystemProtector, C:\PROGRAM FILES (X86)\SIMPLE MALWARE PROTECTOR\SCANDLL.DLL, Quarantined, 869, 911917, 1.0.38331, , ame, , 3614951BABCC88D57F1A26AA2042666D, 92AD4CCA4ECCEC613CF4D58917901A50C4BE2C44845E1E81DDAB7D18AC4033D2 PUP.Optional.AdvancedSystemProtector, C:\PROGRAM FILES (X86)\SIMPLE MALWARE PROTECTOR\APPMANAGER.EXE, Quarantined, 869, 911911, 1.0.38331, , ame, , 8E5255733B46E1835407C6411FCCCEBE, 13061DB0897E812E0749903B7C9F800936854805D4323755765C55307F36837D PUP.Optional.SimpleStar, C:\USERS\{username}\DESKTOP\SIMPLE_SETUP.EXE, Quarantined, 1659, 921088, 1.0.38331, , ame, , 60157D8096122784436BD1748C2C0C58, 24E3E15DAEE753690446A2FB09F8AB410F05B4C0D5F25AC4318CFADE2D429487 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this potentially unwanted program. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
  3. What is Advanced System Protector? Advanced System Protector is a system optimizer that triggers our PUP detection rules. By doing so we offer users a choice to consider whether they want to use this software. More information can be found on our Malwarebytes Labs blog. How do I know if I am affected by Advanced System Protector? This is how the main screen of the system optimizer looks: You will find these icons in your taskbar, your startmenu, and on your desktop: and see this type of windows during install: and this type of screens during operations: You may see this entry in your list of installed programs: and these tasks in your list of Scheduled Tasks: How did Advanced System Protector get on my computer? These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website. How do I remove Advanced System Protector? Our program Malwarebytes can detect and remove this PUP. For a more complete removal it is better to run the built-in uninstaller first. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of Advanced System Protector? No, Malwarebytes removes Advanced System Protector completely. This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks. What if I want to keep Advanced System Protector? Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it. Open Malwarebytes for Windows. Click the Detection History Click the Allow List To add an item to the Allow List, click Add. Select the exclusion type Allow a file or folder and use the Select a folder button to select the main folder for the software that you wish to keep. Repeat this for any secondary files or folder(s) that belong to the software. If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use the Browse button to select the file you wish to grant access. How would the full version of Malwarebytes help protect me? We hope our application and this guide have helped you in dealing with this system optimizer. As you can see below the full version of Malwarebytes would have warned you against the Advanced System Protector installer. Technical details for experts You may see these entries in FRST logs: (SYSTWEAK SOFTWARE -> Systweak Software) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe Task: {1DBAD206-30B0-4BCB-B8E1-17C1EEC3BAEE} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\Advanced System Protector\AspManager.exe [1007864 2020-12-16] (SYSTWEAK SOFTWARE -> Systweak Software) Task: {D2AE2E3D-3A88-482F-B743-D48140E07ECD} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [8983288 2020-12-16] (SYSTWEAK SOFTWARE -> Systweak Software) C:\Windows\system32\Tasks\Advanced System Protector C:\Windows\system32\Tasks\Advanced System Protector_startup C:\ProgramData\Desktop\Advanced System Protector.lnk C:\Users\{username}\AppData\Roaming\Systweak C:\Users\{username}\AppData\Local\Systweak C:\ProgramData\Systweak C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector C:\Program Files (x86)\Advanced System Protector (Systweak Software) C:\Windows\system32\sasnative64.exe Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.3.1001.27010 - Systweak Software) <==== ATTENTION ContextMenuHandlers1: [Advanced System Protector] -> {00212D92-C5D8-4ff4-AE50-B20F0F85C40A} => C:\Users\{username}\AppData\Local\Systweak\Advanced System Protector\aspcontexthelper64.dll [2020-12-16] (SYSTWEAK SOFTWARE -> Systweak Software) Significant alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\Advanced System Protector Adds the file AdvancedSystemProtector.exe"="12/16/2020 11:02 AM, 8983288 bytes, A Adds the file AdvancedSystemProtector.exe.config"="12/8/2020 4:35 PM, 8316 bytes, A Adds the file AppResource.dll"="12/16/2020 11:02 AM, 5140216 bytes, A Adds the file asp.ico"="12/8/2020 4:35 PM, 17542 bytes, A Adds the file AspManager.exe"="12/16/2020 11:02 AM, 1007864 bytes, A Adds the file aspsys.dll"="12/16/2020 11:02 AM, 984824 bytes, A Adds the file categories.ini"="12/8/2020 4:35 PM, 44596 bytes, A Adds the file Chinese_asp_ZH-CN.ini"="12/8/2020 4:35 PM, 68320 bytes, A Adds the file Communication.dll"="12/16/2020 11:02 AM, 362232 bytes, A Adds the file danish_asp_DA.ini"="12/8/2020 4:35 PM, 119390 bytes, A Adds the file dutch_asp_NL.ini"="12/8/2020 4:35 PM, 120766 bytes, A Adds the file eng_asp_en.ini"="12/8/2020 4:35 PM, 131796 bytes, A Adds the file Finnish_asp_FI.ini"="12/8/2020 4:35 PM, 120236 bytes, A Adds the file french_asp_FR.ini"="12/8/2020 4:35 PM, 135418 bytes, A Adds the file german_asp_DE.ini"="12/8/2020 4:35 PM, 133458 bytes, A Adds the file Interop.IWshRuntimeLibrary.dll"="12/16/2020 11:02 AM, 55032 bytes, A Adds the file italian_asp_IT.ini"="12/8/2020 4:35 PM, 125334 bytes, A Adds the file japanese_asp_JA.ini"="12/8/2020 4:35 PM, 83742 bytes, A Adds the file libyara.NET.dll"="12/16/2020 11:02 AM, 1165560 bytes, A Adds the file loading_withWhiteBG.avi"="12/8/2020 4:35 PM, 103936 bytes, A Adds the file Microsoft.Win32.TaskScheduler.DLL"="12/16/2020 11:02 AM, 121080 bytes, A Adds the file norwegian_asp_NO.ini"="12/8/2020 4:35 PM, 114688 bytes, A Adds the file portuguese_asp_PT-BR.ini"="12/8/2020 4:35 PM, 122654 bytes, A Adds the file Restartexp.exe"="12/16/2020 11:02 AM, 14072 bytes, A Adds the file russian_asp_ru.ini"="12/8/2020 4:35 PM, 122402 bytes, A Adds the file scandll.dll"="12/16/2020 11:02 AM, 127736 bytes, A Adds the file spanish_asp_ES.ini"="12/8/2020 4:35 PM, 128178 bytes, A Adds the file SQLite.Interop.dll"="12/16/2020 11:02 AM, 1126136 bytes, A Adds the file swedish_asp_SV.ini"="12/8/2020 4:35 PM, 116524 bytes, A Adds the file System.Core.dll"="12/16/2020 11:02 AM, 673528 bytes, A Adds the file System.Data.SQLite.dll"="12/16/2020 11:02 AM, 369400 bytes, A Adds the file unins000.dat"="3/9/2021 10:35 AM, 166533 bytes, A Adds the file unins000.exe"="3/9/2021 10:34 AM, 1198328 bytes, A Adds the file unins000.msg"="3/9/2021 10:35 AM, 22701 bytes, A Adds the file unrar.dll"="12/16/2020 11:02 AM, 260344 bytes, A Adds the file Xceed.Compression.dll"="12/16/2020 11:02 AM, 108280 bytes, A Adds the file Xceed.Compression.Formats.dll"="12/16/2020 11:02 AM, 71416 bytes, A Adds the file Xceed.FileSystem.dll"="12/16/2020 11:02 AM, 128760 bytes, A Adds the file Xceed.Zip.dll"="12/16/2020 11:02 AM, 202488 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector Adds the file Advanced System Protector.lnk"="3/9/2021 10:35 AM, 1219 bytes, A Adds the file Register Advanced System Protector.lnk"="3/9/2021 10:35 AM, 1245 bytes, A Adds the file Uninstall Advanced System Protector.lnk"="3/9/2021 10:35 AM, 1168 bytes, A Adds the folder C:\ProgramData\Systweak\Advanced System Protector\signatures Adds the file completedatabase.db"="3/9/2021 10:38 AM, 263494656 bytes, A Adds the file Cookies.bin"="3/9/2021 10:38 AM, 233960 bytes, A Adds the file DigSign.bin"="3/9/2021 10:39 AM, 132248 bytes, A Adds the file FilePathFIX.bin"="3/9/2021 10:39 AM, 597664 bytes, A Adds the file FilePaths.bin"="3/9/2021 10:38 AM, 5840928 bytes, A Adds the file FileSignature.bin"="3/9/2021 10:38 AM, 39753240 bytes, A Adds the file Folders.bin"="3/9/2021 10:38 AM, 1688256 bytes, A Adds the file Md5.bin"="3/9/2021 10:39 AM, 129766720 bytes, A Adds the file Registry.bin"="3/9/2021 10:39 AM, 39293320 bytes, A Adds the file SetupSign.bin"="3/9/2021 10:39 AM, 13504 bytes, A Adds the file StrSetupSign.bin"="3/9/2021 10:39 AM, 1824 bytes, A Adds the folder C:\ProgramData\Systweak\Advanced System Protector\updates Adds the file 100oupdate.zip"="3/9/2021 10:37 AM, 67519 bytes, A Adds the file 3262completedatabase.zip"="3/9/2021 10:37 AM, 36169813 bytes, A Adds the file 4221mupdate.zip"="3/9/2021 10:37 AM, 108841406 bytes, A Adds the file 4222update.zip"="3/9/2021 10:37 AM, 413832 bytes, A Adds the file 4223update.zip"="3/9/2021 10:37 AM, 671671 bytes, A Adds the folder C:\ProgramData\Systweak\Advanced System Protector\yr Adds the file yrnp.txt"="3/9/2021 10:37 AM, 1283672 bytes, A Adds the folder C:\Users\{username}\AppData\Local\Systweak\Advanced System Protector Adds the file aspcontexthelper64.dll"="12/16/2020 11:02 AM, 86776 bytes, A Adds the file ScanEngineErrorLog.txt"="3/9/2021 10:42 AM, 4898 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\Advanced System Protector Adds the file ASPLog.txt"="3/9/2021 10:42 AM, 4071 bytes, A Adds the file ASPStartupManagerErrorLog.txt"="3/9/2021 10:42 AM, 238 bytes, A Adds the file QDetail.db"="3/9/2021 10:36 AM, 16384 bytes, A Adds the file Settings.db"="3/9/2021 10:42 AM, 45056 bytes, A Adds the file Update.ini"="3/9/2021 10:36 AM, 3686 bytes, A Adds the file Utility_kit.ini"="3/9/2021 10:36 AM, 12408 bytes, A Adds the file yrscnloc.ini"="3/9/2021 10:39 AM, 748 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\Advanced System Protector\Logs Adds the file log_09-03-21_10-42-38.xml"="3/9/2021 10:42 AM, 92305 bytes, A Adds the file SMLog.xml"="3/9/2021 10:42 AM, 3046 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file Advanced System Protector.lnk"="3/9/2021 10:35 AM, 1201 bytes, A In the existing folder C:\Windows\System32 Adds the file sasnative64.exe"="12/16/2020 11:02 AM, 37112 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file Advanced System Protector"="3/9/2021 10:36 AM, 3740 bytes, A Adds the file Advanced System Protector_startup"="3/9/2021 10:36 AM, 3120 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced System Protector] "(Default)"="REG_SZ", "{00212D92-C5D8-4ff4-AE50-B20F0F85C40A}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00212D92-C5D8-4ff4-AE50-B20F0F85C40A}\InProcServer32] "(Default)"="REG_SZ", "C:\Users\{username}\AppData\Local\Systweak\Advanced System Protector\aspcontexthelper64.dll" "ThreadingModel"="REG_SZ", "Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Advanced System Protector] "(Default)"="REG_SZ", "{00212D92-C5D8-4ff4-AE50-B20F0F85C40A}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{00212D92-C5D8-4ff4-AE50-B20F0F85C40A}"="REG_SZ", "Scan with Advanced System Protector" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\LogMeInRescueCallingCard] "CID"="REG_SZ", "1366989322" "CompanyID"="REG_DWORD", 1963947 "ProductCode"="REG_SZ", "{A22B8513-EA8C-46A1-9735-F5BE971C368D}" "referralid"="REG_SZ", "mzjv3r" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32] "ConsoleTracingMask"="REG_DWORD", -65536 "EnableConsoleTracing"="REG_DWORD", 0 "EnableFileTracing"="REG_DWORD", 0 "FileDirectory"="REG_EXPAND_SZ, "%windir%\tracing" "FileTracingMask"="REG_DWORD", -65536 "MaxFileSize"="REG_DWORD", 1048576 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS] "ConsoleTracingMask"="REG_DWORD", -65536 "EnableConsoleTracing"="REG_DWORD", 0 "EnableFileTracing"="REG_DWORD", 0 "FileDirectory"="REG_EXPAND_SZ, "%windir%\tracing" "FileTracingMask"="REG_DWORD", -65536 "MaxFileSize"="REG_DWORD", 1048576 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe" "DisplayName"="REG_SZ", "Advanced System Protector" "DisplayVersion"="REG_SZ", "2.3.1001.27010" "EstimatedSize"="REG_DWORD", 24004 "HelpLink"="REG_SZ", "http://www.systweak.com/antispyware/" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\Advanced System Protector" "Inno Setup: Icon Group"="REG_SZ", "Advanced System Protector" "Inno Setup: Language"="REG_SZ", "en" "Inno Setup: Setup Version"="REG_SZ", "5.5.9 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20210309" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\Advanced System Protector\" "MajorVersion"="REG_DWORD", 2 "MinorVersion"="REG_DWORD", 3 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "Systweak Software" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\Advanced System Protector\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\Advanced System Protector\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://www.systweak.com/antispyware/" "VersionMajor"="REG_DWORD", 2 "VersionMinor"="REG_DWORD", 3 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\Advanced System Protector] "affiliateid"="REG_SZ", "" "afterInstallUrl"="REG_SZ", "http://powerbundle.systweak.com/ASP/firstinstall/?newasp=1&utm_content=AfterInstall&utm_term=Setup&page=install&" "BuyNowURL"="REG_SZ", "http://www.systweak.com/antispyware/price.asp?" "BuyNowURLADU"="REG_SZ", "http://powerbundle.systweak.com/pb/price/?pname=adu&" "BuyNowURLASP"="REG_SZ", "http://powerbundle.systweak.com/pb/price/?pname=asp&" "BuyNowURLPB"="REG_SZ", "http://powerbundle.systweak.com/PB/purchase/?pname=asp&" "BuyNowURLRCP"="REG_SZ", "http://powerbundle.systweak.com/pb/price/?pname=rcp&" "Expired"="REG_DWORD", 0 "InstalledPath"="REG_SZ", "C:\Program Files (x86)\Advanced System Protector" "isphone"="REG_SZ", "0" "IsScanOptional"="REG_DWORD", 1 "IsShowcaseDepOnUpdIni"="REG_DWORD", 0 "issilent"="REG_DWORD", 0 "Key"="REG_SZ", "" "MaxFixLimit"="REG_DWORD", 0 "NoLPHIconNeeded"="REG_DWORD", 1 "REGVER"="REG_DWORD", 0 "REGVER-UNINSTALL"="REG_DWORD", 0 "RenewNowURL"="REG_SZ", "http://www.systweak.com/antispyware/price.asp?renew=1&" "RenewNowURLADU"="REG_SZ", "http://powerbundle.systweak.com/pb/renewal/?pname=adu&" "RenewNowURLASP"="REG_SZ", "http://powerbundle.systweak.com/pb/renewal/?pname=asp&" "RenewNowURLPB"="REG_SZ", "http://powerbundle.systweak.com/PB/pbrenewal/?pname=asp&" "RenewNowURLRCP"="REG_SZ", "http://powerbundle.systweak.com/pb/renewal/?pname=rcp&" "showbc"="REG_DWORD", 0 "showfth"="REG_DWORD", 1 "showfthsetting"="REG_DWORD", 1 "showpb"="REG_DWORD", 0 "showsadtab"="REG_DWORD", 1 "showsm"="REG_DWORD", 1 "showutk"="REG_DWORD", 1 "support_email"="REG_SZ", "support@systweak.com" "TELNO"="REG_SZ", "" "TELNOFR"="REG_SZ", "" "utm_campaign"="REG_SZ", "default" "utm_cid"="REG_SZ", "default" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "systweak" "x-at"="REG_SZ", "" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\Advanced System Protector\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\aso3] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\Params] "ASPInstalledPath"="REG_SZ", "C:\Program Files (x86)\Advanced System Protector" "TELNO"="REG_SZ", "" [HKEY_CURRENT_USER\Software\LogMeInRescueCallingCard] "CID"="REG_SZ", "1366989322" "CompanyID"="REG_DWORD", 1963947 "ProductCode"="REG_SZ", "{A22B8513-EA8C-46A1-9735-F5BE971C368D}" "referralid"="REG_SZ", "mzjv3r" [HKEY_CURRENT_USER\Software\Systweak\Advanced System Protector] "affiliateid"="REG_SZ", "" "CurrentScanTime"="REG_BINARY, ........ "Expired"="REG_DWORD", 0 "FirstInstallDate"="REG_SZ", "09-03-2021" "InstalledPath"="REG_SZ", "C:\Program Files (x86)\Advanced System Protector" "IsFreeCleanDone"="REG_DWORD", 0 "IsPN"="REG_DWORD", 1 "Key"="REG_SZ", "" "MaxFixLimit"="REG_DWORD", 0 "REGVER"="REG_DWORD", 0 "REGVER-UNINSTALL"="REG_DWORD", 0 "StrLastErrorsFixed"="REG_SZ", "0" "StrLastScanResults"="REG_SZ", "120" "TELNO"="REG_SZ", "" "TELNOFR"="REG_SZ", "" "utm_campaign"="REG_SZ", "default" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "systweak" "x-at"="REG_SZ", "" "YrVer"="REG_SZ", "9" [HKEY_CURRENT_USER\Software\Systweak\Advanced System Protector\2.3.1001.27010] [HKEY_CURRENT_USER\Software\Systweak\Advanced System Protector\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\Systweak\params] "ASPInstalledPath"="REG_SZ", "C:\Program Files (x86)\Advanced System Protector" Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 3/9/21 Scan Time: 11:00 AM Log File: 4e028238-80be-11eb-ac31-080027235d76.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1173 Update Package Version: 1.0.37897 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {username}-PC\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 233731 Threats Detected: 73 Threats Quarantined: 73 Time Elapsed: 3 min, 14 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 1 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe, Quarantined, 865, 235325, , , , , 6301DFF73EF84A4EB5F692DA1B1E71FA, F329AD8522CF53F9F54E645DE78F81E34D83AB3E459BA5108981F28960F6CABF Module: 6 PUP.Optional.AdvancedSystemProtector, C:\Users\{username}\AppData\Local\Systweak\Advanced System Protector\aspcontexthelper64.dll, Quarantined, 865, 180843, , , , , 5F10F8DDBAC1A9EE80E8D3220C734694, 5256B0448B24096FE9E9BCBA836D29DCFE150CE2FC8ADEC3BA80FA87EBE59F23 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe, Quarantined, 865, 235325, , , , , 6301DFF73EF84A4EB5F692DA1B1E71FA, F329AD8522CF53F9F54E645DE78F81E34D83AB3E459BA5108981F28960F6CABF PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\aspsys.dll, Quarantined, 865, 235325, , , , , A434AFF6DB455ABD89716A06AE943EF4, DCD19100E6FC0B15C8F329616A39BBEBA057886D22F6F849DC4079B987F8F086 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\libyara.NET.dll, Quarantined, 865, 235325, , , , , 1EA4074FFD052CD036B448EB0CD24951, AE5B261FB477DE62960435933258F31E75942709447B0083F537D834AA05A731 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\SQLite.Interop.dll, Quarantined, 865, 235325, , , , , 410EF665AD9D5D5FC9F4F26294CD250C, 79C6B707652656FF61AE6256B95165ECB93B172C5CBF4DF1D0B7AECD0FBC4189 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\unrar.dll, Quarantined, 865, 235325, , , , , FB9C090B1BCE9AD6A5E4A560DDD70AB9, 88D76D52423FC7F18CB5B3B87D3576540BBF4D8BD3A90A144AF3244FC6F09128 Registry Key: 12 PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Advanced System Protector_startup, Quarantined, 865, 190115, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D2AE2E3D-3A88-482F-B743-D48140E07ECD}, Quarantined, 865, 190115, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{D2AE2E3D-3A88-482F-B743-D48140E07ECD}, Quarantined, 865, 190115, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\CLSID\{00212D92-C5D8-4ff4-AE50-B20F0F85C40A}, Quarantined, 865, 180843, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\CLSID\{00212D92-C5D8-4ff4-AE50-B20F0F85C40A}\InprocServer32, Quarantined, 865, 180843, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\FOLDER\SHELLEX\CONTEXTMENUHANDLERS\Advanced System Protector, Quarantined, 865, 326803, 1.0.37897, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Advanced System Protector, Quarantined, 865, 235325, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1DBAD206-30B0-4BCB-B8E1-17C1EEC3BAEE}, Quarantined, 865, 235325, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{1DBAD206-30B0-4BCB-B8E1-17C1EEC3BAEE}, Quarantined, 865, 235325, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1, Quarantined, 865, 235325, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AdvancedSystemProtector_RASAPI32, Quarantined, 865, 246262, 1.0.37897, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AdvancedSystemProtector_RASMANCS, Quarantined, 865, 246262, 1.0.37897, , ame, , , Registry Value: 3 PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELL EXTENSIONS\APPROVED|{00212D92-C5D8-4FF4-AE50-B20F0F85C40A}, Quarantined, 865, 326804, 1.0.37897, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1DBAD206-30B0-4BCB-B8E1-17C1EEC3BAEE}|PATH, Quarantined, 865, 348601, 1.0.37897, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D2AE2E3D-3A88-482F-B743-D48140E07ECD}|PATH, Quarantined, 865, 259033, 1.0.37897, , ame, , , Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 3 PUP.Optional.AdvancedSystemProtector, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\Advanced System Protector, Quarantined, 865, 175380, 1.0.37897, , ame, , , PUP.Optional.AdvancedSystemProtector, C:\USERS\{username}\APPDATA\LOCAL\SYSTWEAK\ADVANCED SYSTEM PROTECTOR, Quarantined, 865, 180843, 1.0.37897, , ame, , , PUP.Optional.SysTweak, C:\USERS\{username}\APPDATA\LOCAL\SYSTWEAK, Quarantined, 857, 335041, 1.0.37897, , ame, , , File: 48 PUP.Optional.AdvancedSystemProtector, C:\USERS\PUBLIC\DESKTOP\ADVANCED SYSTEM PROTECTOR.LNK, Quarantined, 865, 190775, 1.0.37897, , ame, , 4039FB5EAB9ADEC34DEE932BC4F0A283, B5595C5120146A12EFC8B9EC1AED2E7951AA545B1F751208B8DFD85A7F0EB498 PUP.Optional.AdvancedSystemProtector, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Advanced System Protector.lnk, Quarantined, 865, 175380, , , , , 0AD9A3DE222AE2CD46253501372F78F8, 663F98858937B75C6E55ECE076FFFA71649DAF3B29CA3E604F37F643780C2521 PUP.Optional.AdvancedSystemProtector, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Register Advanced System Protector.lnk, Quarantined, 865, 175380, , , , , EDCB1CEF7A61844CA017DF0F97D2E95E, 14434DDFCF681DFAAB65708CC19C8967E04251D668553337E906BA248E5EDCF0 PUP.Optional.AdvancedSystemProtector, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Uninstall Advanced System Protector.lnk, Quarantined, 865, 175380, , , , , 60153BC9AFA94AE695D08AB9EA32DCF5, 31077607DE7A3D2EB9AF066F3C3B46AF9EDDB4BD7B923F6CA958E3B88669F2EF PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\TASKS\ADVANCED SYSTEM PROTECTOR_STARTUP, Quarantined, 865, 190115, 1.0.37897, , ame, , F843AB34A2F48133B0F0DBB27D9F66BF, 2981E7653E90C5E42E131FF949051BBBF642DCF669AE5B7BEFF3E8854F755327 PUP.Optional.AdvancedSystemProtector, C:\Users\{username}\AppData\Local\Systweak\Advanced System Protector\aspcontexthelper64.dll, Quarantined, 865, 180843, , , , , 5F10F8DDBAC1A9EE80E8D3220C734694, 5256B0448B24096FE9E9BCBA836D29DCFE150CE2FC8ADEC3BA80FA87EBE59F23 PUP.Optional.AdvancedSystemProtector, C:\Users\{username}\AppData\Local\Systweak\Advanced System Protector\ScanEngineErrorLog.txt, Quarantined, 865, 180843, , , , , CC6DF19650DA1E36A23AC92E185BEB5F, 77A7DA26A664866C487495EC852301B0F52100C7E7039DB0A15887579384CB25 PUP.Optional.AdvancedSystemProtector, C:\PROGRAM FILES (X86)\ADVANCED SYSTEM PROTECTOR\LOADING_WITHWHITEBG.AVI, Quarantined, 865, 235325, 1.0.37897, , ame, , 583B036CE812CD9DF8A6BBB8B7B3116C, 60F4505028DD26E3FF5BBD86F6B3AD7B43A76616BD91D39AB95DA5535436FFA2 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe, Quarantined, 865, 235325, , , , , 6301DFF73EF84A4EB5F692DA1B1E71FA, F329AD8522CF53F9F54E645DE78F81E34D83AB3E459BA5108981F28960F6CABF PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.config, Quarantined, 865, 235325, , , , , BF0D2D9EF29EFB894B942640850C07D7, 253E70FDD35C79D2F6932810E08095C6CEFCEADE365FFFE5726FAF25B49C588B PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\AppResource.dll, Quarantined, 865, 235325, , , , , 4E05AEBFD005900ECDB803C1C9419929, 83953D25F3CE3B47173E5010D073E990D5CFAE15B4A0F12B1941E4174917CDF7 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\asp.ico, Quarantined, 865, 235325, , , , , B901782363304EF68B5C6FB9919CD57A, 20A80FE27C1ECE224A476A81219442D9F2AC8CD6FF5A385858CDD78527E27CFC PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\AspManager.exe, Quarantined, 865, 235325, , , , , A34DCBA0A249CF482A9EB460EB8F4DAD, 9585328862E63F417692B85CEB76AC215F396F8EB955A86954379EC83B361C9C PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\aspsys.dll, Quarantined, 865, 235325, , , , , A434AFF6DB455ABD89716A06AE943EF4, DCD19100E6FC0B15C8F329616A39BBEBA057886D22F6F849DC4079B987F8F086 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\categories.ini, Quarantined, 865, 235325, , , , , F209C342E0373D5D28E7FF2D7FB5485B, 8CEDDEB44227B9A52B18A4461CDFCE5A51F9D680762163674B2F18764F312B5A PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Chinese_asp_ZH-CN.ini, Quarantined, 865, 235325, , , , , CAC354DA87D8A34384D36BA2FB43CE6D, 35E5F6480AB921A0D5232D7B61DC9F563CBA05507F1385374777B9D664433A07 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Communication.dll, Quarantined, 865, 235325, , , , , 145586B31AAB29222A10561FB0623A54, D11716FB0A173A2E304C902EF0B0F5E5CEB558A13AC0EAD6A248C36C79BD9F97 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\danish_asp_DA.ini, Quarantined, 865, 235325, , , , , BEC591D5B7AB929A285ED7412A595927, 8FECD4F0CC44378D7ACD734A0EEE60428E3AF4B32C9987E328202866BADC1A88 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\dutch_asp_NL.ini, Quarantined, 865, 235325, , , , , AE9D7A8FEB40CEA24C9F8AC1705995BF, 697B7BD93184E970C95030DE462C848DED1204DB94797B14377324D0999B0B6F PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\eng_asp_en.ini, Quarantined, 865, 235325, , , , , B2CBE6E3164E32ABE1272014E8F34969, 4BEE5F6FC0AE67118CCA1C066553FA707F84AE8A9B7C698F00C39978E6394B39 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Finnish_asp_FI.ini, Quarantined, 865, 235325, , , , , 62D1BE766EFD03899EFC3A355DC6C3EE, 0CF059E0256575D9A603F15A8350521D354C6D443937A757F84B0B657AD70864 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\french_asp_FR.ini, Quarantined, 865, 235325, , , , , CA67769FA2F5662650F3C526569C2909, 2179257C7849175ECAB2E1FF68902975A21EA2A8E134788BCCCF97EA4E3F8C04 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\german_asp_DE.ini, Quarantined, 865, 235325, , , , , 800EB123017C0CB84C1694213A82E376, 6F00FF2FB1B9818500A9833E9AACC5A16A81DDDB3BF336C147009E1972B96024 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Interop.IWshRuntimeLibrary.dll, Quarantined, 865, 235325, , , , , 11B908E39457E4F19FF4EEB89DB51BE2, 9A117FD7CF104DD5C9B1EC0A8DD2BF11BA22DA24D5641CDEA3247A37A8FD50A7 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\italian_asp_IT.ini, Quarantined, 865, 235325, , , , , D004BB33606E09706D25CA0FE2701200, 4A24D0DD69042A7EEC4F58CB6D8B27F47F0F7B0B94517E37E553507728A21BC0 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\japanese_asp_JA.ini, Quarantined, 865, 235325, , , , , 65AA587AF45D39CA8C378119F003789C, 92C9132309B756E5DBD482FAB9FE90FC5B317449F844FAF1D37734577C07D2FE PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\libyara.NET.dll, Quarantined, 865, 235325, , , , , 1EA4074FFD052CD036B448EB0CD24951, AE5B261FB477DE62960435933258F31E75942709447B0083F537D834AA05A731 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL, Quarantined, 865, 235325, , , , , 18F74320E012DB698B6D0FF12DB96C41, E3172941D24CFFEF645CFA4E0FB5D853BD021D0D78FC0DC36736D2D60E21CA35 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\norwegian_asp_NO.ini, Quarantined, 865, 235325, , , , , 47D122D60187ED6EFF26CC882DEB32B2, CB9EE77640518DC11C3DE89DEDE66C2189E0514BE4C5B297338D79C2543977C0 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\portuguese_asp_PT-BR.ini, Quarantined, 865, 235325, , , , , 59BE960D7D81EA4BA8B8E57DF24AB009, F8DFEC2E48D2D28D0C3CE70EA420FBD3D5B73B38EE570AC987ACF30A9BB99660 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Restartexp.exe, Quarantined, 865, 235325, , , , , DD403EB0F9E81FF7AD8BB787EA11EB8E, BC92F67C3CB5580D8D522A65F55FE05289091E8E87953ED92D8FE5E0567283E3 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\russian_asp_ru.ini, Quarantined, 865, 235325, , , , , B5F3B789A17BD1D9E6E6715FD97D10FC, 62BC0B0400AF3080D4A0C558F741C82E668149FEBB4AAF9B2E30E0EEA179AD4A PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\scandll.dll, Quarantined, 865, 235325, , , , , 1CDA43B5860D5FC397DAD63057184235, 1DCCD26F968E6B7E98F1EDAC2644C6E22E02EAEEF943E888073E19DD04D941E1 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\spanish_asp_ES.ini, Quarantined, 865, 235325, , , , , D5A8640DD83F9A9D39C2C205BD225B6C, 6D301A4081B44BA66632448A02E2467DF40F9EDAC23A887086F82240848A9DE5 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\SQLite.Interop.dll, Quarantined, 865, 235325, , , , , 410EF665AD9D5D5FC9F4F26294CD250C, 79C6B707652656FF61AE6256B95165ECB93B172C5CBF4DF1D0B7AECD0FBC4189 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\swedish_asp_SV.ini, Quarantined, 865, 235325, , , , , 5D2699E30E1D8CD5E89BFA2994C2BF7B, 171599D8C968FB5FFA8A7FBA754DBBAB8D1D4C62C0B622CE16BB384D6FCFF959 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll, Quarantined, 865, 235325, , , , , 4F41CA179DBFA86BD4F69AC884D4FE53, BA7821C8BE881793B63A0BBE2B7E557EA0CC26ECACC1A307F92785BC0D6A7666 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\unins000.dat, Quarantined, 865, 235325, , , , , 4BD7EC1601FDD47F30A363320A3A12B5, 2E6B82F244E7DF0B04A03CF0E8202E3D5219331C99720560993DA101BEA0AC57 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\unins000.exe, Quarantined, 865, 235325, , , , , 8F6AEAB86B9741C15A39CBBDDE3387CF, DA05C7762C04FF6A5F7EBC3EB6BAF0647F33AD9731E2416239BD8C690DA9F379 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\unins000.msg, Quarantined, 865, 235325, , , , , 5F38274FC51EC35B61E925153E26EF1C, 946195C199C2F798ED0AB3DC8AE4511BE30AD70E5FB994D677BEEE0AE249DEC8 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\unrar.dll, Quarantined, 865, 235325, , , , , FB9C090B1BCE9AD6A5E4A560DDD70AB9, 88D76D52423FC7F18CB5B3B87D3576540BBF4D8BD3A90A144AF3244FC6F09128 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.dll, Quarantined, 865, 235325, , , , , 2EC3E039C7E6BF0BB6B61C07B73E53B5, 18B5DAD4147D10688297DB79E886039F848AAA01DC6EF9215EE826653C947953 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.Formats.dll, Quarantined, 865, 235325, , , , , B241BCF74E2CD9728B9E17323A2646BA, FC96BEACBA9E4677C794C8B97CBABBAC6F4E54C0D08E14DC43E06F77E129F49F PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Xceed.FileSystem.dll, Quarantined, 865, 235325, , , , , 5AD9E53D3F71B34678FD9AE3C950A23E, 213FAFAE548A0CBE74CBC2ACA6706C7724FF42BA327627C59800D92606A4FD15 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Xceed.Zip.dll, Quarantined, 865, 235325, , , , , 7DF3B1E40FBE285D3E4BD99F904DD337, F1544A24C4F6134D38C2801411D67FED6C7EF21D7606D5406EEEC387E08C1216 PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\TASKS\Advanced System Protector, Quarantined, 865, 235325, , , , , 219120A1C11FBF47D91141BC68AF05EC, 4DAE5E5B07BD2ED31B2C6098C3C7A12FFF5D12D2856A943D965BE327EB8D441D PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\SASNATIVE64.EXE, Quarantined, 865, 364690, 1.0.37897, , ame, , 37A084D01376937989821A79174FEAC4, 4C77F19E08E13A3D4C0856F7139CF029B5EF65559111CBC18917B7D493769E83 PUP.Optional.AdvancedSystemProtector, C:\USERS\{username}\DESKTOP\ASPSETUP_SYSTWEAK-DEFAULT.EXE, Quarantined, 865, 326624, 1.0.37897, , ame, , 45D8F4B77FED6E930DEAE0BE48308EFE, 4C3FD3D5DDF24240AD6CE214F2FE779B76BC6B36858B8390F69B99DD3461C91D Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this potentially unwanted program. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
  4. What is K9-PCFixer? K9-PCFixer is a registry cleaner that triggers our PUP detection rules. By doing so we offer users a choice to consider whether they want to use this software. More information can be found on our Malwarebytes Labs blog. How do I know if I am affected by K9-PCFixer? This is how the main screen of the system optimizer looks: You will find these icons in your taskbar, your startmenu, and on your desktop: and see this type of windows during install: and this type of screens during operations: You may see this entry in your list of installed programs: and these tasks in your list of Scheduled Tasks: How did K9-PCFixer get on my computer? These so-called registry cleaners use different methods of getting installed. The website for this one is no longer available, but the programs is still offered in bundlers. How do I remove K9-PCFixer? Our program Malwarebytes can detect and remove this PUP. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of K9-PCFixer? No, Malwarebytes removes K9-PCFixer completely. This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks. What if I want to keep K9-PCFixer? Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it. Open Malwarebytes for Windows. Click the Detection History Click the Allow List To add an item to the Allow List, click Add. Select the exclusion type Allow a file or folder and use the Select a folder button to select the main folder for the software that you wish to keep. Repeat this for any secondary files or folder(s) that belong to the software. If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use the Browse button to select the file you wish to grant access. How would the full version of Malwarebytes help protect me? We hope our application and this guide have helped you in dealing with this registry cleaner. As you can see below the full version of Malwarebytes would have warned you against the K9-PCFixer installer. Technical details for experts You may see these entries in FRST logs: (SUPER TUNEUP TECHNOLOGIES LLP -> K9Tools) C:\Program Files (x86)\K9-PCFixer\K9-PCFixer.exe Task: {465B49A1-8C4D-4DE4-B050-21FCA4DC01EA} - System32\Tasks\K9-PCFixer_UPDATES => C:\Program Files (x86)\K9-PCFixer\K9-PCFixer.exe [8187664 2015-03-09] (SUPER TUNEUP TECHNOLOGIES LLP -> K9Tools) Task: {4AF29C44-87EB-4F0D-84C2-888B2801BFD0} - System32\Tasks\K9-PCP => C:\Program Files (x86)\K9-PCFixer\k9schedule.exe [607608 2015-03-09] (SUPER TUNEUP TECHNOLOGIES LLP -> K9Tools) Task: {8045A3E0-0AEF-4EC9-A9B4-C606535DEBD7} - System32\Tasks\K9-PCFixer => C:\Program Files (x86)\K9-PCFixer\K9-PCFixer.exe [8187664 2015-03-09] (SUPER TUNEUP TECHNOLOGIES LLP -> K9Tools) Task: {A0EBD465-E4CE-4065-BE74-9CE2D4854968} - System32\Tasks\K9-PCFixer_DEFAULT => C:\Program Files (x86)\K9-PCFixer\K9-PCFixer.exe [8187664 2015-03-09] (SUPER TUNEUP TECHNOLOGIES LLP -> K9Tools) Task: C:\Windows\Tasks\K9-PCFixer_DEFAULT.job => C:\Program Files (x86)\K9-PCFixer\K9-PCFixer.exe Task: C:\Windows\Tasks\K9-PCFixer_UPDATES.job => C:\Program Files (x86)\K9-PCFixer\K9-PCFixer.exe C:\Users\{username}\AppData\Roaming\K9-PCFixer C:\Windows\system32\Tasks\K9-PCP C:\Windows\system32\Tasks\K9-PCFixer C:\Windows\system32\Tasks\K9-PCFixer_UPDATES C:\Windows\system32\Tasks\K9-PCFixer_DEFAULT C:\ProgramData\Desktop\K9-PCFixer.lnk C:\Windows\Tasks\K9-PCFixer_UPDATES.job C:\Windows\Tasks\K9-PCFixer_DEFAULT.job C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K9-PCFixer C:\Program Files (x86)\K9-PCFixer () C:\Windows\system32\roboot64.exe (K9 Tools ) C:\Users\{username}\Downloads\k9-pcfixer.exe ( ) C:\Users\{username}\Desktop\k9-pcfixer_QwuQ-B1.exe C:\Users\{username}\AppData\Roaming\SimpleStar K9 PCFixer (HKLM-x32\...\K9 PCFixer_is1) (Version: 1.8 - K9 Tools) Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\K9-PCFixer Adds the file CleanSchedule.exe"="3/9/2015 6:37 PM, 116496 bytes, A Adds the file FileList.rcp"="12/26/2014 6:56 PM, 13434 bytes, A Adds the file install_left_image.bmp"="12/23/2014 1:54 PM, 156296 bytes, A Adds the file isxdl.dll"="3/9/2015 6:37 PM, 156944 bytes, A Adds the file K9-PCFixer.exe"="3/9/2015 6:37 PM, 8187664 bytes, A Adds the file K9-PCFUninstall.exe"="3/9/2015 6:37 PM, 553232 bytes, A Adds the file k9schedule.exe"="3/9/2015 6:37 PM, 607608 bytes, A Adds the file RegList.rcp"="12/26/2014 6:56 PM, 91722 bytes, A Adds the file TPS.ico"="12/12/2014 1:32 PM, 34494 bytes, A Adds the file TraditionalCn_rcp_zh-tw.ini"="12/23/2014 12:05 PM, 49198 bytes, A Adds the file traditionalcn_uninst_zh-tw.ini"="12/12/2014 1:32 PM, 2692 bytes, A Adds the file unins000.dat"="2/24/2021 9:05 AM, 49545 bytes, A Adds the file unins000.exe"="2/24/2021 9:04 AM, 1209616 bytes, A Adds the file unins000.msg"="2/24/2021 9:05 AM, 22701 bytes, A Adds the file xmllite.dll"="12/12/2014 1:31 PM, 126976 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K9-PCFixer Adds the file K9-PCFixer.lnk"="2/24/2021 9:05 AM, 1049 bytes, A Adds the file Register K9-PCFixer.lnk"="2/24/2021 9:05 AM, 1075 bytes, A Adds the file Uninstall K9-PCFixer.lnk"="2/24/2021 9:05 AM, 1055 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\K9-PCFixer Adds the file backup6.bin"="2/24/2021 9:05 AM, 733 bytes, A Adds the file eng_rcp.dat"="2/24/2021 9:05 AM, 32700 bytes, A Adds the file log_02-24-2021.log"="2/24/2021 9:05 AM, 0 bytes, A Adds the file results.rcp"="2/24/2021 9:06 AM, 27266 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\SimpleStar\Simple Malware Protector In the existing folder C:\Users\{username}\Desktop Adds the file k9-pcfixer_QwuQ-B1.exe"="2/24/2021 9:03 AM, 2550808 bytes, A In the existing folder C:\Users\{username}\Downloads Adds the file k9-pcfixer.exe"="2/24/2021 9:04 AM, 3551552 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file K9-PCFixer.lnk"="2/24/2021 9:05 AM, 1031 bytes, A In the existing folder C:\Windows\System32 Adds the file roboot64.exe"="3/9/2015 6:37 PM, 19728 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file K9-PCFixer"="2/24/2021 9:05 AM, 3096 bytes, A Adds the file K9-PCFixer_DEFAULT"="2/24/2021 9:05 AM, 2888 bytes, A Adds the file K9-PCFixer_UPDATES"="2/24/2021 9:05 AM, 3044 bytes, A Adds the file K9-PCP"="2/24/2021 9:05 AM, 3338 bytes, A In the existing folder C:\Windows\Tasks Adds the file K9-PCFixer_DEFAULT.job"="2/24/2021 9:05 AM, 278 bytes, A Adds the file K9-PCFixer_UPDATES.job"="2/24/2021 9:05 AM, 286 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures] "K9-PCFixer_DEFAULT.job"="REG_BINARY, ................................ "K9-PCFixer_DEFAULT.job.fp"="REG_DWORD", 808380961 "K9-PCFixer_UPDATES.job"="REG_BINARY, ................................ "K9-PCFixer_UPDATES.job.fp"="REG_DWORD", 178312179 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\K9\PC\Fixer\Key\6] "(Default)"="REG_BINARY, ........................................................................................................... [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\K9-PCFixer] "AppVersion"="REG_SZ", "1.8.243.209" "aspurl"="REG_SZ", "http://d2uu7l47sbf1ja.cloudfront.net/k9pcp/k9pcp_default.exe" "Expired"="REG_DWORD", 0 "FirstTimeASPFired"="REG_DWORD", 1 "InstallASP"="REG_DWORD", 1 "LaunchASP"="REG_DWORD", 1 "MaxFixLimit"="REG_DWORD", 15 "RCPURL"="REG_SZ", "http://www.k9pcfixer.com/pcfixer/price.asp?utm_source=site&utm_campaign=default&utm_medium=newbuild" "RENEWALURL"="REG_SZ", "http://www.k9pcfixer.com/pcfixer/renewal.asp?utm_source=site&utm_campaign=default&utm_medium=newbuild" "TELNO"="REG_SZ", "(855) 716-7017" "utm_campaign"="REG_SZ", "default" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "site" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\K9-PCFixer\LANG] "LangID"="REG_DWORD", 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\K9Tools\Params] "affiliateid"="REG_SZ", "" "delayASP"="REG_DWORD", 1 "utm_campaign"="REG_SZ", "default" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "site" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\K9 PCFixer_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\K9-PCFixer\K9-PCFixer.exe" "DisplayName"="REG_SZ", "K9 PCFixer" "DisplayVersion"="REG_SZ", "1.8" "EstimatedSize"="REG_DWORD", 12759 "HelpLink"="REG_SZ", "http://www.k9pcfixer.com/" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\K9-PCFixer" "Inno Setup: Icon Group"="REG_SZ", "K9-PCFixer" "Inno Setup: Language"="REG_SZ", "en" "Inno Setup: Setup Version"="REG_SZ", "5.5.5 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20210224" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\K9-PCFixer\" "MajorVersion"="REG_DWORD", 1 "MinorVersion"="REG_DWORD", 8 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "K9 Tools" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\K9-PCFixer\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\K9-PCFixer\unins000.exe" /silent" "URLInfoAbout"="REG_SZ", "http://www.k9pcfixer.com/" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application] "AutoBackupLogFiles"="REG_DWORD", 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Simple Malware Protector] "EventMessageFile"="REG_EXPAND_SZ, "C:\Windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll" [HKEY_CURRENT_USER\Software\K9\PC\Fixer\Key\6] "(Default)"="REG_BINARY, .................................................................................................................... [HKEY_CURRENT_USER\Software\K9-PCFixer] "AutoRepair"="REG_DWORD", 0 "ConfirmBkUps"="REG_DWORD", 1 "CurrentScanTime"="REG_BINARY, ........ "ErrorCount"="REG_DWORD", 68 "FirstRun"="REG_DWORD", 1 "GoToSystemTrayOnClose"="REG_DWORD", 0 "ImprovementProgram"="REG_DWORD", 1 "NumTimesRCPRunned"="REG_DWORD", 1 "RegErrFoundTillDate"="REG_DWORD", 0 "RegErrsFixedLast"="REG_DWORD", 0 "RegErrsFixedTillDate"="REG_DWORD", 0 "ScheduledTime"="REG_SZ", "" "SetChkDontShowRedTrayPopup"="REG_DWORD", 0 "SetChkREmovableMedia"="REG_DWORD", 1 "SetChkSkipEmptyKeys"="REG_DWORD", 1 "SetEnableSound"="REG_DWORD", 1 "StartAutoScanOnLaunch"="REG_DWORD", 0 "StartAutoScanPMUI"="REG_DWORD", 0 "StartAutoTutorial"="REG_DWORD", 1 "StartMinimized"="REG_DWORD", 0 "StartScan"="REG_DWORD", 0 "StartWhenWinBoots"="REG_DWORD", 1 "StrLastOptimizeTime"="REG_SZ", "" "StrLastScan"="REG_SZ", "Wed. February 24, 2021. 09:06 AM" "StrLastScanResults"="REG_SZ", "68" "StrLastStartupOpt"="REG_SZ", "" "StrLatestRegDefrag"="REG_SZ", "" "StrLatestRestorePoint"="REG_SZ", "" [HKEY_CURRENT_USER\Software\K9-PCFixer\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 2/24/21 Scan Time: 9:15 AM Log File: 86dfaafe-7678-11eb-a3c7-080027235d76.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1173 Update Package Version: 1.0.37425 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {username}-PC\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 233361 Threats Detected: 37 Threats Quarantined: 36 Time Elapsed: 3 min, 49 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 1 PUP.Optional.AdvancedSystemProtector, C:\PROGRAM FILES (X86)\K9-PCFIXER\K9-PCFIXER.EXE, Quarantined, 541, 886280, , , , , E1E81F084D7FB244F664C83A652BA0D0, 3400723D3A550400313E0B8F7F57364A02B6C8AA59E3C07DD339EF53DD2B4F0E Module: 1 PUP.Optional.AdvancedSystemProtector, C:\PROGRAM FILES (X86)\K9-PCFIXER\K9-PCFIXER.EXE, Quarantined, 541, 886280, , , , , E1E81F084D7FB244F664C83A652BA0D0, 3400723D3A550400313E0B8F7F57364A02B6C8AA59E3C07DD339EF53DD2B4F0E Registry Key: 16 PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\K9-PCFixer, Quarantined, 541, 886287, 1.0.37425, , ame, , , PUP.Optional.AdvancedSystemProtector, HKCU\SOFTWARE\K9-PCFixer, Quarantined, 541, 886289, 1.0.37425, , ame, , , PUP.Optional.AdvancedSystemProtector, HKCU\SOFTWARE\K9\PC\Fixer, Quarantined, 541, 886290, 1.0.37425, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\K9\PC\Fixer, Quarantined, 541, 886286, 1.0.37425, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\K9-PCFixer_DEFAULT, Quarantined, 541, 886284, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A0EBD465-E4CE-4065-BE74-9CE2D4854968}, Quarantined, 541, 886284, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{A0EBD465-E4CE-4065-BE74-9CE2D4854968}, Quarantined, 541, 886284, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\K9-PCP, Quarantined, 541, 886284, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4AF29C44-87EB-4F0D-84C2-888B2801BFD0}, Quarantined, 541, 886284, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{4AF29C44-87EB-4F0D-84C2-888B2801BFD0}, Quarantined, 541, 886284, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\K9-PCFixer, Quarantined, 541, 886280, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8045A3E0-0AEF-4EC9-A9B4-C606535DEBD7}, Quarantined, 541, 886280, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{8045A3E0-0AEF-4EC9-A9B4-C606535DEBD7}, Quarantined, 541, 886280, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\K9-PCFixer_UPDATES, Quarantined, 541, 886280, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{465B49A1-8C4D-4DE4-B050-21FCA4DC01EA}, Quarantined, 541, 886280, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{465B49A1-8C4D-4DE4-B050-21FCA4DC01EA}, Quarantined, 541, 886280, , , , , , Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 1 PUP.Optional.AdvancedSystemProtector, C:\USERS\{username}\APPDATA\ROAMING\K9-PCFIXER, Removal Failed, 541, 886283, 1.0.37425, , ame, , , File: 18 PUP.Optional.SysTweak, C:\WINDOWS\SYSTEM32\ROBOOT64.EXE, Quarantined, 2881, 395666, 1.0.37425, , ame, , CB134A73A439669F0C7D5C074D70B412, 0B674CB506BC93C63965BA3E70918B2D21DFED6CD75AA8672F26D9D98431C973 PUP.Optional.AdvancedSystemProtector, C:\Users\{username}\AppData\Roaming\K9-PCFixer\backup6.bin, Quarantined, 541, 886283, , , , , 6CBDFA4EF463B5D015AFC5CDC17B5C38, E34EF16ED63052F64ACF0765DF51F2414C829B37C697ACE295C19E139BF246C4 PUP.Optional.AdvancedSystemProtector, C:\Users\{username}\AppData\Roaming\K9-PCFixer\eng_rcp.dat, Quarantined, 541, 886283, , , , , D5CC56D57C0D3B931C33F4B1CE748D43, 634402B60C3A6C8D250A700846391C3C8A15B0FFF687ED27692085F78301A088 PUP.Optional.AdvancedSystemProtector, C:\Users\{username}\AppData\Roaming\K9-PCFixer\log_02-24-2021.log, Quarantined, 541, 886283, , , , , EB7D371AA461E39851FF476E2DBACB84, 6100D32BFD6B2DBC408EE15BCBBBFE8DE5D946B4130974A0E1CA85CDA8CF3F4F PUP.Optional.AdvancedSystemProtector, C:\Users\{username}\AppData\Roaming\K9-PCFixer\results.rcp, Quarantined, 541, 886283, , , , , 3F80BC3D5D4D73FFF4D4A025446B5A8A, 9B7D2612DB6F0FE3DB72ABA026AB33C512722125CFAE6C575018DF881C7511BF PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\TASKS\K9-PCFixer_DEFAULT.job, Quarantined, 541, 886284, , , , , 8CE629CA2E1F60D9BC64F50693AD8C7F, 7E5E3D5B7289AEB3B0B1544B88272653D16208505A09A12032ADC1D596BB49AA PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\TASKS\K9-PCFixer_DEFAULT, Quarantined, 541, 886284, 1.0.37425, , ame, , 05E78681F070782746B32B85018B301A, F62F004140856C1C8F185232C4D1DE9A66FFEE4E28DD3D5DD7FE06D3DBD64D20 PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\TASKS\K9-PCP, Quarantined, 541, 886284, 1.0.37425, , ame, , EE75E9A7708CC879AF6897AACFD50B99, 1894015D5DC75BE3E9434FA5F97180A0C85B24C95B0561C434CF9732D68BF7DB PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\TASKS\K9-PCFixer, Quarantined, 541, 886280, , , , , 374B1411CF739F7A02DDA3E2DB38F609, 664EC84AF5F4399DAC33A8853611FD77A1AFB18F39F941D66EC43A2A1627AAFD PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\TASKS\K9-PCFixer_UPDATES.job, Quarantined, 541, 886280, , , , , BF745A82D3C1551D652CC9E410B3473A, 5345581391CDCBD5A90D7CC23075F2967E28EB50D5CAEAEE727B42778CA299FB PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\TASKS\K9-PCFixer_UPDATES, Quarantined, 541, 886280, , , , , EA1E1716576D39DAE9CE9AD50C1E4E41, 36DAF44CDD61DC78BE1590CBACF0341E5CB3C35784C506BAAA7F3C99C7E8E86F PUP.Optional.AdvancedSystemProtector, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\K9-PCFixer.lnk, Quarantined, 541, 886280, , , , , 74D71FAFD47B4CCB9BB095125584C356, BA46E58061F1C420AA57942E4E09A2CECAA19405672235E296218F5D608F1BFC PUP.Optional.AdvancedSystemProtector, C:\PROGRAM FILES (X86)\K9-PCFIXER\K9-PCFIXER.EXE, Quarantined, 541, 886280, 1.0.37425, F0CCB8FDE1613214406FA151, dds, 01128759, E1E81F084D7FB244F664C83A652BA0D0, 3400723D3A550400313E0B8F7F57364A02B6C8AA59E3C07DD339EF53DD2B4F0E PUP.Optional.SysTweak, C:\PROGRAM FILES (X86)\K9-PCFIXER\CLEANSCHEDULE.EXE, Quarantined, 2881, 310352, 1.0.37425, , ame, , ADD9853C7FADC61255F4CEB403A210E4, D9ADFC3AC5CD8FDEF98B3F48218D51D104FF6A947557641C1069AD8A24489EAC PUP.Optional.AdvancedSystemProtector, C:\USERS\{username}\DESKTOP\MALWAREPROTECTOR.EXE, Quarantined, 541, 911866, 1.0.37425, , ame, , 20B90A718CF55D95616A79342DBA5D06, C88800519501E455CF6A45CD88776E54CE094A90B03312CF5ACBC796932E3A42 Generic.Malware/Suspicious, C:\USERS\{username}\DOWNLOADS\K9-PCFIXER.EXE, Quarantined, 0, 392686, 1.0.37425, , shuriken, , 2672EA75CA6E136CAC7AE0156C6343F5, 899714C40EC2EFD1205726231B6A29F062B61D4A01BACD10EC80A9480A3143D7 PUP.Optional.InstallCore.Generic, C:\USERS\{username}\DESKTOP\K9-PCFIXER_QWUQ-B1.EXE, Quarantined, 9665, 511908, 1.0.37425, , ame, , 8013CA3E372D0A31C2944B502828EC3C, 063840AB837FC5B03A8477ECB4403A8416447F2D34EE9B01841EEA3BE6A9B606 PUP.Optional.AdvancedSystemProtector, C:\USERS\{username}\DOWNLOADS\MALWAREPROTECTOR.EXE, Quarantined, 541, 911866, 1.0.37425, , ame, , 20B90A718CF55D95616A79342DBA5D06, C88800519501E455CF6A45CD88776E54CE094A90B03312CF5ACBC796932E3A42 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this potentially unwanted program. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
  5. What is Tuneup Pro? The Malwarebytes research team has determined that Tuneup Pro is a "system optimizer". These so-called "system optimizers" use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems. More information can be found on our Malwarebytes Labs blog. How do I know if I am infected with Tuneup Pro? This is how the main screen of the sytem optimizer looks: You will find these icons in your taskbar, your startmenu, and on your desktop: and see these warnings during install: and these screens during "operations": You may see this entry in your list of installed programs: and these tasks in your list of Scheduled Tasks: How did Tuneup Pro get on my computer? These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website: How do I remove Tuneup Pro? Our program Malwarebytes can detect and remove this potentially unwanted application. Please download Malwarebytes to your desktop. Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program. Then click Finish. Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu. If another update of the definitions is available, it will be implemented before the rest of the scanning procedure. When the scan is complete, make sure that all Threats are selected, and click Remove Selected. Restart your computer when prompted to do so. Is there anything else I need to do to get rid of Tuneup Pro? No, Malwarebytes removes Tuneup Pro completely. This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks. How would the full version of Malwarebytes help protect me? We hope our application and this guide have helped you eradicate this system optimizer. As you can see below the full version of Malwarebytes would have protected you against the Tuneup Pro installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late. and we block access to their domain. Technical details for experts You may see these entries in FRST logs: (Tuneup Pro) C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe C:\Windows\System32\Tasks\Tuneup Pro C:\Windows\System32\Tasks\Tuneup Pro_UPDATES C:\Windows\System32\Tasks\Tuneup Pro_DEFAULT C:\Windows\Tasks\Tuneup Pro_UPDATES.job C:\Windows\Tasks\Tuneup Pro_DEFAULT.job C:\Users\{username}\AppData\Roaming\Tuneup Pro C:\Users\Public\Desktop\Tuneup Pro.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuneup Pro C:\Program Files (x86)\Tuneup Pro () C:\Windows\system32\roboot64.exe Tuneup Pro (HKLM-x32\...\Tuneup Pro_is1) (Version: 1.08 - tuneuppro.com) Task: {20E84FB8-3016-43EC-B53A-0FB1CE6DB57A} - System32\Tasks\Tuneup Pro_UPDATES => C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe [2015-11-20] (Tuneup Pro) Task: {4967A038-BB35-4F2B-8837-385BB62B2C53} - System32\Tasks\Tuneup Pro => C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe [2015-11-20] (Tuneup Pro) Task: {ACDFF398-EFBF-4838-9D65-DE5339FC203F} - System32\Tasks\Tuneup Pro_DEFAULT => C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe [2015-11-20] (Tuneup Pro) Task: C:\Windows\Tasks\Tuneup Pro_DEFAULT.job => C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe Task: C:\Windows\Tasks\Tuneup Pro_UPDATES.job => C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\Tuneup Pro Adds the file Chinese_rcp.ini"="7/3/2015 1:59 PM, 48430 bytes, A Adds the file Chinese_uninst.ini"="7/3/2015 1:59 PM, 2688 bytes, A Adds the file CleanSchedule.exe"="11/20/2015 2:47 PM, 116208 bytes, A Adds the file Danish_rcp.ini"="7/3/2015 1:59 PM, 91724 bytes, A Adds the file Danish_uninst.ini"="7/3/2015 1:59 PM, 2982 bytes, A Adds the file Dutch_rcp.ini"="7/3/2015 1:59 PM, 95974 bytes, A Adds the file Dutch_uninst.ini"="7/3/2015 1:59 PM, 2982 bytes, A Adds the file eng_rcp.ini"="7/3/2015 1:59 PM, 85142 bytes, A Adds the file eng_uninst.ini"="7/3/2015 1:59 PM, 2896 bytes, A Adds the file FileList.rcp"="7/3/2015 1:59 PM, 13612 bytes, A Adds the file Finnish_rcp_fi.ini"="7/3/2015 1:59 PM, 89180 bytes, A Adds the file Finnish_uninst_fi.ini"="7/3/2015 1:59 PM, 3062 bytes, A Adds the file French_rcp.ini"="7/3/2015 1:59 PM, 102004 bytes, A Adds the file French_uninst.ini"="7/3/2015 1:59 PM, 3022 bytes, A Adds the file German_rcp.ini"="7/3/2015 1:59 PM, 101456 bytes, A Adds the file German_uninst.ini"="7/3/2015 1:59 PM, 3158 bytes, A Adds the file greek_rcp_el.ini"="7/3/2015 1:59 PM, 100648 bytes, A Adds the file greek_uninst_el.ini"="7/3/2015 1:59 PM, 3264 bytes, A Adds the file install_left_image.bmp"="7/3/2015 1:59 PM, 156296 bytes, A Adds the file isxdl.dll"="11/20/2015 2:47 PM, 156656 bytes, A Adds the file Italian_rcp.ini"="7/3/2015 1:59 PM, 98330 bytes, A Adds the file Italian_uninst.ini"="7/3/2015 1:59 PM, 2986 bytes, A Adds the file Japanese_rcp.ini"="7/3/2015 1:59 PM, 61262 bytes, A Adds the file Japanese_uninst.ini"="7/3/2015 1:59 PM, 2768 bytes, A Adds the file korean_rcp_ko.ini"="7/3/2015 1:59 PM, 69810 bytes, A Adds the file korean_uninst_ko.ini"="7/3/2015 1:59 PM, 2752 bytes, A Adds the file Norwegian_rcp.ini"="7/3/2015 1:59 PM, 88116 bytes, A Adds the file Norwegian_uninst.ini"="7/3/2015 1:59 PM, 2926 bytes, A Adds the file polish_rcp_pl.ini"="7/3/2015 1:59 PM, 91672 bytes, A Adds the file polish_uninst_pl.ini"="7/3/2015 1:59 PM, 3104 bytes, A Adds the file portugese_rcp_pt.ini"="7/3/2015 1:59 PM, 94970 bytes, A Adds the file portugese_uninst_pt.ini"="7/3/2015 1:59 PM, 2988 bytes, A Adds the file Portuguese_rcp.ini"="7/3/2015 1:59 PM, 92590 bytes, A Adds the file Portuguese_uninst.ini"="7/3/2015 1:59 PM, 2988 bytes, A Adds the file RegList.rcp"="7/3/2015 1:59 PM, 92920 bytes, A Adds the file russian_rcp_ru.ini"="7/3/2015 1:59 PM, 94932 bytes, A Adds the file russian_uninst_ru.ini"="7/3/2015 1:59 PM, 3252 bytes, A Adds the file Spanish_rcp.ini"="7/3/2015 1:59 PM, 96560 bytes, A Adds the file spanish_uninst.ini"="7/3/2015 1:59 PM, 3132 bytes, A Adds the file Swedish_rcp.ini"="7/3/2015 1:59 PM, 86868 bytes, A Adds the file swedish_uninst.ini"="7/3/2015 1:59 PM, 2996 bytes, A Adds the file TPS.ico"="7/3/2015 1:59 PM, 34494 bytes, A Adds the file TraditionalCn_rcp_zh-tw.ini"="7/3/2015 1:59 PM, 48496 bytes, A Adds the file traditionalcn_uninst_zh-tw.ini"="7/3/2015 1:59 PM, 2692 bytes, A Adds the file TuneupPro.exe"="11/20/2015 2:47 PM, 7634416 bytes, A Adds the file TuppUns.exe"="7/3/2015 1:59 PM, 542744 bytes, A Adds the file turkish_rcp_tr.ini"="7/3/2015 1:59 PM, 92442 bytes, A Adds the file Turkish_uninst_tr.ini"="7/3/2015 1:59 PM, 3098 bytes, A Adds the file unins000.dat"="1/15/2018 9:39 AM, 35961 bytes, A Adds the file unins000.exe"="1/15/2018 9:39 AM, 1196528 bytes, A Adds the file unins000.msg"="1/15/2018 9:39 AM, 22357 bytes, A Adds the file xmllite.dll"="7/3/2015 1:59 PM, 126976 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuneup Pro Adds the file Register Tuneup Pro.lnk"="1/15/2018 9:39 AM, 1070 bytes, A Adds the file Tuneup Pro.lnk"="1/15/2018 9:39 AM, 1044 bytes, A Adds the file Uninstall Tuneup Pro.lnk"="1/15/2018 9:39 AM, 1039 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Tuneup Pro Adds the file backup6.bin"="1/15/2018 9:39 AM, 577 bytes, A Adds the file eng_rcp.dat"="1/15/2018 9:40 AM, 32700 bytes, A Adds the file log_01-15-2018.log"="1/15/2018 9:39 AM, 0 bytes, A Adds the file results.rcp"="1/15/2018 9:41 AM, 9644 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file Tuneup Pro.lnk"="1/15/2018 9:39 AM, 1026 bytes, A In the existing folder C:\Windows\System32 Adds the file roboot64.exe"="11/20/2015 2:47 PM, 19440 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file Tuneup Pro"="1/15/2018 9:40 AM, 3100 bytes, A Adds the file Tuneup Pro_DEFAULT"="1/15/2018 9:40 AM, 2886 bytes, A Adds the file Tuneup Pro_UPDATES"="1/15/2018 9:40 AM, 3042 bytes, A In the existing folder C:\Windows\Tasks Adds the file Tuneup Pro_DEFAULT.job"="1/15/2018 9:40 AM, 276 bytes, A Adds the file Tuneup Pro_UPDATES.job"="1/15/2018 9:40 AM, 284 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures] "Tuneup Pro_DEFAULT.job"="REG_BINARY, ................................ "Tuneup Pro_DEFAULT.job.fp"="REG_DWORD", -2080394519 "Tuneup Pro_UPDATES.job"="REG_BINARY, ................................ "Tuneup Pro_UPDATES.job.fp"="REG_DWORD", -515017080 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Tuneup Pro_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe" "DisplayName"="REG_SZ", "Tuneup Pro" "DisplayVersion"="REG_SZ", "1.08" "EstimatedSize"="REG_DWORD", 11583 "HelpLink"="REG_SZ", "http://www.tuneuppro.com/" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\Tuneup Pro" "Inno Setup: Icon Group"="REG_SZ", "Tuneup Pro" "Inno Setup: Language"="REG_SZ", "en" "Inno Setup: Setup Version"="REG_SZ", "5.5.1 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20180115" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\Tuneup Pro\" "MajorVersion"="REG_DWORD", 1 "MinorVersion"="REG_DWORD", 8 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "tuneuppro.com" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\Tuneup Pro\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\Tuneup Pro\unins000.exe" /silent" "URLInfoAbout"="REG_SZ", "http://www.tuneuppro.com/" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Tune\up\pro\key\6] "(Default)"="REG_BINARY, ................................................................. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Tuneup Pro] "Expired"="REG_DWORD", 0 "FirstTimeASPFired"="REG_DWORD", 1 "MaxFixLimit"="REG_DWORD", 15 "RCPURL"="REG_SZ", "http://www.tuneuppro.com/tupp/price.asp?utm_source=site&utm_campaign=default&utm_medium=newbuild" "RENEWALURL"="REG_SZ", "http://www.tuneuppro.com/tupp/renewal.asp?utm_source=site&utm_campaign=default&utm_medium=newbuild" "ShowExitPage"="REG_DWORD", 1 "TELNO"="REG_SZ", "(855) 973-2093" "utm_campaign"="REG_SZ", "default" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "site" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Tuneup Pro\LANG] "LangID"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\Tune\up\pro\key\6] "(Default)"="REG_BINARY, ................................................................... [HKEY_CURRENT_USER\Software\Tuneup Pro] "AutoRepair"="REG_DWORD", 0 "ConfirmBkUps"="REG_DWORD", 1 "CurrentScanTime"="REG_BINARY, .....)&. "ErrorCount"="REG_DWORD", 24 "FirstRun"="REG_DWORD", 1 "GoToSystemTrayOnClose"="REG_DWORD", 0 "ImprovementProgram"="REG_DWORD", 1 "NumTimesRCPRunned"="REG_DWORD", 1 "RegErrFoundTillDate"="REG_DWORD", 0 "RegErrsFixedLast"="REG_DWORD", 0 "RegErrsFixedTillDate"="REG_DWORD", 0 "ScheduledTime"="REG_SZ", "" "SetChkDontShowRedTrayPopup"="REG_DWORD", 0 "SetChkREmovableMedia"="REG_DWORD", 1 "SetChkSkipEmptyKeys"="REG_DWORD", 1 "SetEnableSound"="REG_DWORD", 1 "StartAutoScanOnLaunch"="REG_DWORD", 0 "StartAutoScanPMUI"="REG_DWORD", 0 "StartAutoTutorial"="REG_DWORD", 1 "StartMinimized"="REG_DWORD", 0 "StartScan"="REG_DWORD", 0 "StartWhenWinBoots"="REG_DWORD", 1 "StrLastOptimizeTime"="REG_SZ", "" "StrLastScan"="REG_SZ", "Mon. January 15, 2018. 09:41 AM" "StrLastScanResults"="REG_SZ", "24" "StrLastStartupOpt"="REG_SZ", "" "StrLatestRegDefrag"="REG_SZ", "" "StrLatestRestorePoint"="REG_SZ", "" "TrialType"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\Tuneup Pro\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 1/15/18 Scan Time: 9:48 AM Log File: ea77a260-f9d0-11e7-bc15-080027750297.json Administrator: Yes -Software Information- Version: 3.3.1.2183 Components Version: 1.0.262 Update Package Version: 1.0.3698 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 240993 Threats Detected: 86 Threats Quarantined: 85 Time Elapsed: 6 min, 24 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 1 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe, Quarantined, [701], [478972],1.0.3698 Module: 3 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\isxdl.dll, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\xmllite.dll, Quarantined, [701], [478972],1.0.3698 Registry Key: 14 PUP.Optional.TuneupPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Tuneup Pro, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4967A038-BB35-4F2B-8837-385BB62B2C53}, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{4967A038-BB35-4F2B-8837-385BB62B2C53}, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Tuneup Pro_DEFAULT, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{ACDFF398-EFBF-4838-9D65-DE5339FC203F}, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{ACDFF398-EFBF-4838-9D65-DE5339FC203F}, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Tuneup Pro_UPDATES, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{20E84FB8-3016-43EC-B53A-0FB1CE6DB57A}, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{20E84FB8-3016-43EC-B53A-0FB1CE6DB57A}, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Tuneup Pro_is1, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, HKLM\SOFTWARE\WOW6432NODE\Tuneup Pro, Quarantined, [701], [478983],1.0.3698 PUP.Optional.TuneupPro, HKCU\SOFTWARE\Tuneup Pro, Quarantined, [701], [478985],1.0.3698 PUP.Optional.TuneupPro, HKCU\SOFTWARE\TUNE\up, Quarantined, [701], [478984],1.0.3698 PUP.Optional.TuneupPro, HKLM\SOFTWARE\WOW6432NODE\TUNE\up, Quarantined, [701], [478982],1.0.3698 Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 3 PUP.Optional.TuneupPro, C:\PROGRAM FILES (X86)\TUNEUP PRO, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\TUNEUP PRO, Quarantined, [701], [478973],1.0.3698 PUP.Optional.TuneupPro, C:\USERS\{username}\APPDATA\ROAMING\TUNEUP PRO, Removal Failed, [701], [478975],1.0.3698 File: 65 PUP.Optional.SysTweak, C:\WINDOWS\SYSTEM32\ROBOOT64.EXE, Quarantined, [210], [395666],1.0.3698 PUP.Optional.TuneupPro, C:\USERS\PUBLIC\DESKTOP\TUNEUP PRO.LNK, Quarantined, [701], [478974],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\FileList.rcp, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\isxdl.dll, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\RegList.rcp, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Chinese_rcp.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Chinese_uninst.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\CleanSchedule.exe, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Danish_rcp.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Danish_uninst.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Dutch_rcp.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Dutch_uninst.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\eng_rcp.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\eng_uninst.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Italian_rcp.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Italian_uninst.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Japanese_rcp.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Japanese_uninst.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\korean_rcp_ko.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\korean_uninst_ko.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Norwegian_rcp.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Norwegian_uninst.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\polish_rcp_pl.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\polish_uninst_pl.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\portugese_rcp_pt.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\portugese_uninst_pt.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Portuguese_rcp.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Portuguese_uninst.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Finnish_rcp_fi.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Finnish_uninst_fi.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\French_rcp.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\French_uninst.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\German_rcp.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\German_uninst.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\greek_rcp_el.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\greek_uninst_el.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\install_left_image.bmp, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\russian_rcp_ru.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\russian_uninst_ru.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Spanish_rcp.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\spanish_uninst.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Swedish_rcp.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\swedish_uninst.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\TPS.ico, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\TraditionalCn_rcp_zh-tw.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\traditionalcn_uninst_zh-tw.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\TuppUns.exe, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\turkish_rcp_tr.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\Turkish_uninst_tr.ini, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\unins000.dat, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\unins000.exe, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\unins000.msg, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\Program Files (x86)\Tuneup Pro\xmllite.dll, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\WINDOWS\SYSTEM32\TASKS\Tuneup Pro, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\WINDOWS\SYSTEM32\TASKS\Tuneup Pro_DEFAULT, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\WINDOWS\SYSTEM32\TASKS\Tuneup Pro_UPDATES, Quarantined, [701], [478972],1.0.3698 PUP.Optional.TuneupPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuneup Pro\Register Tuneup Pro.lnk, Quarantined, [701], [478973],1.0.3698 PUP.Optional.TuneupPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuneup Pro\Tuneup Pro.lnk, Quarantined, [701], [478973],1.0.3698 PUP.Optional.TuneupPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuneup Pro\Uninstall Tuneup Pro.lnk, Quarantined, [701], [478973],1.0.3698 PUP.Optional.TuneupPro, C:\Users\{username}\AppData\Roaming\Tuneup Pro\backup6.bin, Quarantined, [701], [478975],1.0.3698 PUP.Optional.TuneupPro, C:\Users\{username}\AppData\Roaming\Tuneup Pro\eng_rcp.dat, Quarantined, [701], [478975],1.0.3698 PUP.Optional.TuneupPro, C:\Users\{username}\AppData\Roaming\Tuneup Pro\log_01-15-2018.log, Quarantined, [701], [478975],1.0.3698 PUP.Optional.TuneupPro, C:\Users\{username}\AppData\Roaming\Tuneup Pro\results.rcp, Quarantined, [701], [478975],1.0.3698 PUP.Optional.AdvancedSystemProtector, C:\USERS\{username}\DESKTOP\TUPPSETUP_SITE_DEFAULT.EXE, Quarantined, [234], [326827],1.0.3698 Physical Sector: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this threat. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.