Search the Community

What is Photos Exif Editor? Photos Exif Editor is a file utility that triggers our PUP detection rules. By doing so we offer users a choice to consider whether they want to use this software. More information can be found on our Malwarebytes Labs blog. How do I know if I am affected by Photos Exif Editor? This is how the main screen of the exif editor looks: You will find these icons in your taskbar, your startmenu, and on your desktop: and see this type of windows during install: and this type of screens during operations: You may see this entry in your list of installed programs: How did Photos Exif Editor get on my computer? These potentially unwanted programs use different methods of getting installed. This particular one was downloaded from their website. How do I remove Photos Exif Editor? Our program Malwarebytes can detect and remove this PUP. It is better to use the built-in uninstaller first for a more complete removal. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of Photos Exif Editor? No, Malwarebytes removes Photos Exif Editor completely. What if I want to keep Photos Exif Editor? Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it. Open Malwarebytes for Windows. Click the Detection History Click the Allow List To add an item to the Allow List, click Add. Select the exclusion type Allow a file or folder and use the Select a folder button to select the main folder for the software that you wish to keep. Repeat this for any secondary files or folder(s) that belong to the software. If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use the Browse button to select the file you wish to grant access. How would the full version of Malwarebytes help protect me? We hope our application and this guide have helped you in dealing with this exif editor. As you can see below the full version of Malwarebytes would have warned you against the Photos Exif Editor installer. Technical details for experts You may see these entries in FRST logs: (SYSTWEAK SOFTWARE PVT. LTD. -> Systweak) C:\Program Files (x86)\Photos Exif Editor\PhotosExifEditor.exe C:\Users\Public\Desktop\Photos Exif Editor.lnk C:\ProgramData\Desktop\Photos Exif Editor.lnk C:\Users\{username}\AppData\Roaming\Systweak C:\Users\{username}\AppData\Roaming\SPEXD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photos Exif Editor C:\Program Files (x86)\Photos Exif Editor (Systweak ) C:\Users\{username}\Desktop\WinExifEditorInstaller.exe Photos Exif Editor (HKLM-x32\...\Photos Exif Editor_is1) (Version: 1.0.0.9331 - Systweak) <==== ATTENTION Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\Photos Exif Editor Adds the file countries.json"="5/7/2019 5:56 PM, 13034 bytes, A Adds the file eng_pee_en.ini"="12/5/2019 5:19 PM, 74406 bytes, A Adds the file Exiv2Net.dll"="12/23/2019 4:03 PM, 2143456 bytes, A Adds the file Newtonsoft.Json.dll"="5/7/2019 5:56 PM, 319488 bytes, A Adds the file PhotosExifEditor.exe"="12/23/2019 4:03 PM, 4642016 bytes, A Adds the file PhotosExifEditor.exe.config"="12/3/2019 10:11 AM, 3266 bytes, A Adds the file SQLite.Interop.dll"="5/7/2019 5:56 PM, 1480192 bytes, A Adds the file System.Data.SQLite.dll"="5/7/2019 5:56 PM, 331776 bytes, A Adds the file System.Threading.dll"="5/7/2019 5:56 PM, 387408 bytes, A Adds the file unins000.dat"="5/31/2021 8:27 AM, 94573 bytes, A Adds the file unins000.exe"="5/31/2021 8:26 AM, 2860768 bytes, A Adds the file unins000.msg"="5/31/2021 8:27 AM, 22829 bytes, A Adds the file WPFToolkit.dll"="3/5/2018 10:10 AM, 467288 bytes, A Adds the file Xceed.Wpf.Toolkit.dll"="3/5/2018 10:10 AM, 1106944 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photos Exif Editor Adds the file Photos Exif Editor.lnk"="5/31/2021 8:27 AM, 1135 bytes, A Adds the file Uninstall Photos Exif Editor.lnk"="5/31/2021 8:27 AM, 1095 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\SPEXD Adds the file backup6.bin"="5/31/2021 8:27 AM, 513 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\Photos Exif Editor Adds the file ExifEditor.db"="5/31/2021 8:27 AM, 32768 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\Photos Exif Editor\1.0.0.9331 Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\Photos Exif Editor\Logs Adds the file PhotosExifEditor.txt"="5/31/2021 8:27 AM, 2454 bytes, A Adds the file PhotosExifEditor_1.txt"="5/31/2021 8:27 AM, 499 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file Photos Exif Editor.lnk"="5/31/2021 8:27 AM, 1117 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\SPEXD\key\6] "(Default)"="REG_BINARY, .......................................................................................................................o............................................................................................................................H........... [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Photos Exif Editor_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\Photos Exif Editor\PhotosExifEditor.exe" "DisplayName"="REG_SZ", "Photos Exif Editor" "DisplayVersion"="REG_SZ", "1.0.0.9331" "EstimatedSize"="REG_DWORD", 13505 "HelpLink"="REG_SZ", "http://www.systweak.com/" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\Photos Exif Editor" "Inno Setup: Icon Group"="REG_SZ", "Photos Exif Editor" "Inno Setup: Language"="REG_SZ", "en" "Inno Setup: Setup Version"="REG_SZ", "6.0.2 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20210531" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\Photos Exif Editor\" "MajorVersion"="REG_DWORD", 1 "MinorVersion"="REG_DWORD", 0 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "Systweak" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\Photos Exif Editor\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\Photos Exif Editor\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://www.systweak.com/" "VersionMajor"="REG_DWORD", 1 "VersionMinor"="REG_DWORD", 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\Params] "affiliateid"="REG_SZ", "" "utm_campaign"="REG_SZ", "inExifEditorInstaller" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "inExifEditorInstaller" "x-at"="REG_SZ", "" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\Photos Exif Editor] "affiliateid"="REG_SZ", "" "afterInstallUrl"="REG_SZ", "https://www.exifedit.com/after-install-windows?newwinexifeditor=1&utm_content=AfterInstall&utm_term=Setup&page=install&" "BuyNowURL"="REG_SZ", "http://www.systweak.com/" "CplURL"="REG_SZ", "http://www.systweak.com/" "InstalledPath"="REG_SZ", "C:\Program Files (x86)\Photos Exif Editor" "isphone"="REG_SZ", "1" "issilent"="REG_DWORD", 1 "RenewNowURL"="REG_SZ", "http://www.systweak.com/" "setup_name"="REG_SZ", "WinExifEditorInstaller" "utm_campaign"="REG_SZ", "inExifEditorInstaller" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "inExifEditorInstaller" "x-at"="REG_SZ", "" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\Photos Exif Editor\LANG] "LangCode"="REG_SZ", "" [HKEY_CURRENT_USER\Software\SPEXD\key\6] "(Default)"="REG_BINARY, .......................................................................................................................o............................................................................................................................H........... [HKEY_CURRENT_USER\Software\Systweak\Photos Exif Editor] "affiliateid"="REG_SZ", "" "DaysRemaining"="REG_SZ", "0" "Expired"="REG_DWORD", 0 "InstallDate"="REG_SZ", "1622442462" "InstalledPath"="REG_SZ", "C:\Program Files (x86)\Photos Exif Editor" "Key"="REG_SZ", "" "LastUsed"="REG_SZ", "1622442462" "MaxFixLimit"="REG_DWORD", 0 "REGVER"="REG_DWORD", 0 "REGVER-UNINSTALL"="REG_DWORD", 0 "setup_name"="REG_SZ", "WinExifEditorInstaller" "utm_campaign"="REG_SZ", "inExifEditorInstaller" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "inExifEditorInstaller" "x-at"="REG_SZ", "" [HKEY_CURRENT_USER\Software\Systweak\Photos Exif Editor\1.0.0.9331] [HKEY_CURRENT_USER\Software\Systweak\Photos Exif Editor\LANG] "LangCode"="REG_SZ", "" Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 5/31/21 Scan Time: 8:37 AM Log File: 9fa3a7a4-c1da-11eb-bb95-080027235d76.json -Software Information- Version: 4.4.0.117 Components Version: 1.0.1308 Update Package Version: 1.0.41161 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {username}-PC\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 234553 Threats Detected: 3 Threats Quarantined: 3 Time Elapsed: 1 min, 37 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 3 PUP.Optional.SysTweak, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Photos Exif Editor.lnk, Quarantined, 878, 944070, , , , , A257ADAF25CEB03EAE2D22D5EA62EC8A, 84022F1CFE52886056884EB990BE86C08F536319192FF33C47C85307C746AA5D PUP.Optional.SysTweak, C:\PROGRAM FILES (X86)\PHOTOS EXIF EDITOR\PHOTOSEXIFEDITOR.EXE, Quarantined, 878, 944070, 1.0.41161, , ame, , E2C59EA0B8DA4D3D78552D54932558CF, E3AB8C4672AFADD43C1111B90D3B4322AF320C96C1404DFFD03F003BF3D52754 PUP.Optional.SysTweak, C:\USERS\{username}\DESKTOP\WINEXIFEDITORINSTALLER.EXE, Quarantined, 878, 944071, 1.0.41161, , ame, , 65F859583AD1E0C3CE42C253C9DB2148, D6E2EE9D1EE4F89C7BE7CBF3B7FFEE8845171F2BFD15B31320CBB1D6DFFBF7F8 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this potentially unwanted program. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.

What is Advanced System Optimizer?Advanced System Optimizer is a system optimizer that triggers our PUP detection rules. By doing so we offer users a choice to consider whether they want to use this software. More information can be found on our Malwarebytes Labs blog.How do I know if I am affected by Advanced System Optimizer?This is how the main screen of the system optimizer looks:You will find these icons in your taskbar, your startmenu, and on your desktop:and see this type of windows during install:and this type of screens during operations:You may see this entry in your list of installed programs:and these tasks in your list of Scheduled Tasks:How did Advanced System Optimizer get on my computer?These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website.How do I remove Advanced System Optimizer?Our program Malwarebytes can detect and remove this PUP. For a more complete removal it's advisable to use the built-in uninstaller first. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of Advanced System Optimizer? No, Malwarebytes removes Advanced System Optimizer completely. This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks. What if I want to keep Advanced System Optimizer?Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it. Open Malwarebytes for Windows. Click the Detection History Click the Allow List To add an item to the Allow List, click Add. Select the exclusion type Allow a file or folder and use the Select a folder button to select the main folder for the software that you wish to keep. Repeat this for any secondary files or folder(s) that belong to the software. If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use the Browse button to select the file you wish to grant access.How would the full version of Malwarebytes help protect me?We hope our application and this guide have helped you in dealing with this system optimizer.As you can see below the full version of Malwarebytes would have warned you against the Advanced System Optimizer installer. Technical details for expertsYou may see these entries in FRST logs: Task: {016CD71E-27F9-49C7-BB1C-82437502F6B8} - System32\Tasks\Advanced System Optimizer => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [4153984 2021-02-13] (SYSTWEAK SOFTWARE -> Systweak Software) <==== ATTENTION Task: {734B8F01-18BD-4F2B-B73D-A3D02732E7D3} - System32\Tasks\ASO-AutoCheckUpdate7Days => C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe [3257984 2021-02-13] (SYSTWEAK SOFTWARE -> Systweak Software) Task: C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job => C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe C:\Windows\system32\Tasks\ASO-AutoCheckUpdate7Days C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job C:\Program Files (x86)\Advanced System Optimizer 3 C:\Windows\system32\Tasks\Advanced System Optimizer C:\Users\Public\Desktop\Smart PC Care.lnk C:\ProgramData\Desktop\Smart PC Care.lnk C:\Users\Public\Desktop\Advanced System Optimizer.lnk C:\ProgramData\Desktop\Advanced System Optimizer.lnk C:\Users\{username}\AppData\Roaming\Systweak C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3 (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe (Systweak Software ) C:\Users\{username}\Downloads\aso3setup_systweak-default.exe Advanced System Optimizer (HKLM-x32\...\{A1E21995-127E-4B7F-8C4D-CB04AA8A58EF}_is1) (Version: 3.9.3700.18392 - Systweak Software) <==== ATTENTION ContextMenuHandlers1-x32: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => C:\Program Files (x86)\Advanced System Optimizer 3\SecureShell.dll [2021-02-13] (SYSTWEAK SOFTWARE -> Systweak Software) ContextMenuHandlers2-x32: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => C:\Program Files (x86)\Advanced System Optimizer 3\SecureShell.dll [2021-02-13] (SYSTWEAK SOFTWARE -> Systweak Software) ContextMenuHandlers6-x32: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => C:\Program Files (x86)\Advanced System Optimizer 3\SecureShell.dll [2021-02-13] (SYSTWEAK SOFTWARE -> Systweak Software) Significant alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\Advanced System Optimizer 3 Adds the file Advanced System Optimizer Help.url"="10/23/2020 4:47 PM, 432 bytes, A Adds the file ASEng.dll"="2/13/2021 4:20 PM, 363584 bytes, A Adds the file AsInvoker.exe"="2/13/2021 4:19 PM, 89728 bytes, A Adds the file ASO3.exe"="2/13/2021 4:19 PM, 4153984 bytes, A Adds the file ASO3DefragSrv.exe"="2/13/2021 4:19 PM, 265856 bytes, A Adds the file ASO3DefragSrv64.exe"="2/13/2021 4:19 PM, 289408 bytes, A Adds the file aso3sys.dll"="2/13/2021 4:19 PM, 1503872 bytes, A Adds the file ASOHelper.dll"="2/13/2021 4:19 PM, 1255552 bytes, A Adds the file asohtm.dll"="2/13/2021 4:19 PM, 333440 bytes, A Adds the file asores.dll"="2/13/2021 4:19 PM, 8833664 bytes, A Adds the file atl90.dll"="10/23/2020 4:46 PM, 161784 bytes, A Adds the file BackupManager.exe"="2/13/2021 4:20 PM, 3077248 bytes, A Adds the file Buy Advanced System Optimizer.url"="10/23/2020 4:47 PM, 331 bytes, A Adds the file CheckUpdate.exe"="2/13/2021 4:20 PM, 3257984 bytes, A Adds the file database.dat"="10/23/2020 4:44 PM, 32748 bytes, A Adds the file DefragServiceManager.exe"="2/13/2021 4:19 PM, 96384 bytes, A Adds the file demo.log"="5/4/2021 10:07 AM, 42 bytes, A Adds the file DiskDoctor.exe"="2/13/2021 4:20 PM, 398976 bytes, A Adds the file DiskExplorer.exe"="2/13/2021 4:20 PM, 930944 bytes, A Adds the file DiskOptimizer.exe"="2/13/2021 4:19 PM, 334464 bytes, A Adds the file Downloader.dll"="2/13/2021 4:19 PM, 97408 bytes, A Adds the file DuplicateFilesRemover.exe"="2/13/2021 4:20 PM, 344704 bytes, A Adds the file GameOptimizer.exe"="2/13/2021 4:19 PM, 124544 bytes, A Adds the file GameOptLauncher.exe"="2/13/2021 4:20 PM, 343168 bytes, A Adds the file GameOptLauncher64.exe"="2/13/2021 4:20 PM, 400000 bytes, A Adds the file GOHelper.exe"="2/13/2021 4:19 PM, 62592 bytes, A Adds the file Help.ico"="10/23/2020 4:47 PM, 1150 bytes, A Adds the file HighestAvailable.exe"="2/13/2021 4:19 PM, 114816 bytes, A Adds the file HookDll.dll"="2/13/2021 4:19 PM, 63104 bytes, A Adds the file HookDll64.dll"="2/13/2021 4:19 PM, 64128 bytes, A Adds the file info.ico"="10/23/2020 4:47 PM, 1150 bytes, A Adds the file KillASOProcesses.exe"="2/13/2021 4:20 PM, 121472 bytes, A Adds the file launcher.exe"="2/13/2021 4:20 PM, 72832 bytes, A Adds the file MemoryOptimizer.exe"="2/13/2021 4:20 PM, 193152 bytes, A Adds the file MFC90CHS.dll"="10/23/2020 4:46 PM, 38912 bytes, A Adds the file MFC90CHT.dll"="10/23/2020 4:46 PM, 39936 bytes, A Adds the file MFC90DEU.dll"="10/23/2020 4:46 PM, 66560 bytes, A Adds the file MFC90ENU.dll"="10/23/2020 4:46 PM, 56832 bytes, A Adds the file MFC90ESN.dll"="10/23/2020 4:46 PM, 65024 bytes, A Adds the file MFC90ESP.dll"="10/23/2020 4:46 PM, 65024 bytes, A Adds the file MFC90FRA.dll"="10/23/2020 4:46 PM, 66048 bytes, A Adds the file MFC90ITA.dll"="10/23/2020 4:46 PM, 64512 bytes, A Adds the file MFC90JPN.dll"="10/23/2020 4:46 PM, 46592 bytes, A Adds the file MFC90KOR.dll"="10/23/2020 4:46 PM, 46080 bytes, A Adds the file mfc90u.dll"="10/23/2020 4:46 PM, 3783672 bytes, A Adds the file Microsoft.VC90.ATL.manifest"="10/23/2020 4:46 PM, 353 bytes, A Adds the file Microsoft.VC90.CRT.manifest"="10/23/2020 4:46 PM, 391 bytes, A Adds the file Microsoft.VC90.MFC.manifest"="10/23/2020 4:46 PM, 349 bytes, A Adds the file Microsoft.VC90.MFCLOC.manifest"="10/23/2020 4:46 PM, 670 bytes, A Adds the file msvcp90.dll"="10/23/2020 4:46 PM, 572928 bytes, A Adds the file msvcr90.dll"="10/23/2020 4:46 PM, 655872 bytes, A Adds the file Network.dll"="2/13/2021 4:19 PM, 377472 bytes, A Adds the file NewScheduler.exe"="2/13/2021 4:20 PM, 736384 bytes, A Adds the file Order.ico"="10/23/2020 4:47 PM, 1150 bytes, A Adds the file PCFixer.exe"="2/13/2021 4:19 PM, 1288832 bytes, A Adds the file PrivacyProtector.exe"="2/13/2021 4:19 PM, 1590400 bytes, A Adds the file PTBWin7.exe"="2/13/2021 4:19 PM, 27264 bytes, A Adds the file RegClean.exe"="2/13/2021 4:19 PM, 1172608 bytes, A Adds the file RegistryOptimizer.exe"="2/13/2021 4:19 PM, 274048 bytes, A Adds the file RequireAdministrator.exe"="2/13/2021 4:19 PM, 89728 bytes, A Adds the file rw.dat"="10/23/2020 4:47 PM, 1371329 bytes, A Adds the file rw.ini"="10/23/2020 4:47 PM, 54694 bytes, A Adds the file SecureDelete.exe"="2/13/2021 4:19 PM, 1231488 bytes, A Adds the file SecureEncryptor.exe"="2/13/2021 4:20 PM, 380032 bytes, A Adds the file SecureShell.dll"="2/13/2021 4:20 PM, 324224 bytes, A Adds the file single_click_care.ico"="10/23/2020 4:47 PM, 15086 bytes, A Adds the file sqlite3.dll"="2/13/2021 4:19 PM, 575000 bytes, A Adds the file StartupManager.exe"="2/13/2021 4:20 PM, 278656 bytes, A Adds the file SysFileBakRes.exe"="2/13/2021 4:20 PM, 607872 bytes, A Adds the file SystemAnalyzerAndAdvisor.exe"="2/13/2021 4:20 PM, 789120 bytes, A Adds the file SystemCleaner.exe"="2/13/2021 4:20 PM, 2510464 bytes, A Adds the file Systweak Software Website.url"="10/23/2020 4:47 PM, 245 bytes, A Adds the file UndeleteDLL.dll"="2/13/2021 4:19 PM, 249984 bytes, A Adds the file unins000.dat"="5/4/2021 10:04 AM, 164231 bytes, A Adds the file unins000.exe"="5/4/2021 10:04 AM, 1187968 bytes, A Adds the file unins000.msg"="5/4/2021 10:04 AM, 22701 bytes, A Adds the file UninstallManager.exe"="2/13/2021 4:20 PM, 141440 bytes, A Adds the file unrar.dll"="2/13/2021 3:48 PM, 182400 bytes, A Adds the file VolumeControl.exe"="2/13/2021 4:19 PM, 74880 bytes, A Adds the file VolumeControl64.exe"="2/13/2021 4:19 PM, 73856 bytes, A Adds the file website.ico"="10/23/2020 4:47 PM, 1150 bytes, A Adds the file XceedZip.dll"="2/13/2021 4:20 PM, 504520 bytes, A Adds the file xmllite.dll"="2/13/2021 4:19 PM, 139904 bytes, A Adds the file zlibwapi.dll"="2/13/2021 3:48 PM, 127616 bytes, A Adds the folder C:\Program Files (x86)\Advanced System Optimizer 3\da Adds the folder C:\Program Files (x86)\Advanced System Optimizer 3\de Adds the folder C:\Program Files (x86)\Advanced System Optimizer 3\DefragReport Adds the folder C:\Program Files (x86)\Advanced System Optimizer 3\eng Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3 Adds the file Advanced System Optimizer Help.lnk"="5/4/2021 10:04 AM, 1444 bytes, A Adds the file Buy Advanced System Optimizer.lnk"="5/4/2021 10:04 AM, 1439 bytes, A Adds the file Smart PC Care.lnk"="5/4/2021 10:04 AM, 1496 bytes, A Adds the file Start Advanced System Optimizer.lnk"="5/4/2021 10:04 AM, 1332 bytes, A Adds the file Systweak Software Website.lnk"="5/4/2021 10:04 AM, 1415 bytes, A Adds the file Uninstall Advanced System Optimizer.lnk"="5/4/2021 10:04 AM, 1304 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Backup and Recovery Adds the file Backup Manager.lnk"="5/4/2021 10:04 AM, 1504 bytes, A Adds the file System Files Backup and Restore.lnk"="5/4/2021 10:04 AM, 1385 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Common Issue Fixers Adds the file Duplicate File Remover.lnk"="5/4/2021 10:04 AM, 1423 bytes, A Adds the file PC Fixer.lnk"="5/4/2021 10:04 AM, 1295 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Disk Tuneup Adds the file Disk Explorer.lnk"="5/4/2021 10:04 AM, 1498 bytes, A Adds the file Disk Optimizer.lnk"="5/4/2021 10:04 AM, 1524 bytes, A Adds the file Disk Tools.lnk"="5/4/2021 10:04 AM, 1504 bytes, A Adds the file System Cleaner.lnk"="5/4/2021 10:04 AM, 1504 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Registry Tuneup Adds the file Registry Cleaner.lnk"="5/4/2021 10:04 AM, 1508 bytes, A Adds the file Registry Optimizer.lnk"="5/4/2021 10:04 AM, 1548 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Regular Maintenance Adds the file Scheduler.lnk"="5/4/2021 10:04 AM, 1334 bytes, A Adds the file Startup Manager.lnk"="5/4/2021 10:04 AM, 1510 bytes, A Adds the file Uninstall Manager.lnk"="5/4/2021 10:04 AM, 1378 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Security and Privacy Adds the file Privacy Protector.lnk"="5/4/2021 10:04 AM, 1522 bytes, A Adds the file Secure Delete.lnk"="5/4/2021 10:04 AM, 1518 bytes, A Adds the file Secure Encryptor.lnk"="5/4/2021 10:04 AM, 1369 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Windows Optimization Adds the file Game Optimizer.lnk"="5/4/2021 10:04 AM, 1524 bytes, A Adds the file Memory Optimizer.lnk"="5/4/2021 10:04 AM, 1369 bytes, A Adds the file System and Security Advisor.lnk"="5/4/2021 10:04 AM, 1594 bytes, A In the existing folder C:\Users\{username}\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch Adds the file Advanced System Optimizer.lnk"="5/4/2021 10:04 AM, 1490 bytes, A In the existing folder C:\Users\{username}\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar Adds the file Start Advanced System Optimizer.lnk"="5/4/2021 10:04 AM, 1332 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\ASO3 Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Checking for Updates\AppUpdates Adds the file LatestVersion.htm"="5/4/2021 10:10 AM, 268 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Partial Backups Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Registry Cleaner Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Registry Optimizer Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\ASO3\System Files Backup and Restore In the existing folder C:\Users\Public\Desktop Adds the file Advanced System Optimizer.lnk"="5/4/2021 10:04 AM, 1466 bytes, A Adds the file Smart PC Care.lnk"="5/4/2021 10:04 AM, 1498 bytes, A Adds the folder C:\Windows\Repair\ASO3\4-5-2021_10-5 Adds the file .default"="5/4/2021 10:05 AM, 229376 bytes, A Adds the file bcd00000000"="5/4/2021 10:05 AM, 28672 bytes, A Adds the file hardware"="5/4/2021 10:05 AM, 28672 bytes, A Adds the file info.arb"="5/4/2021 10:05 AM, 34360 bytes, A Adds the file s-1-5-19"="5/4/2021 10:05 AM, 245760 bytes, A Adds the file s-1-5-20"="5/4/2021 10:05 AM, 253952 bytes, A Adds the file s-1-5-21-1350903546-318028887-1286703239-1003"="5/4/2021 10:05 AM, 851968 bytes, A Adds the file s-1-5-21-1350903546-318028887-1286703239-1003_classes"="5/4/2021 10:05 AM, 2297856 bytes, A Adds the file sam"="5/4/2021 10:05 AM, 65536 bytes, A Adds the file security"="5/4/2021 10:05 AM, 24576 bytes, A Adds the file software"="5/4/2021 10:05 AM, 94400512 bytes, A Adds the file system"="5/4/2021 10:05 AM, 11616256 bytes, A In the existing folder C:\Windows\System32 Adds the file roboot64.exe"="2/13/2021 4:20 PM, 26240 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file Advanced System Optimizer"="5/4/2021 10:04 AM, 3158 bytes, A Adds the file ASO-AutoCheckUpdate7Days"="5/4/2021 10:05 AM, 3348 bytes, A In the existing folder C:\Windows\Tasks Adds the file ASO-AutoCheckUpdate7Days.job"="5/4/2021 10:05 AM, 468 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C42CB13B-CA97-468D-9F93-AD1220004E62}] "(Default)"="REG_SZ", "SecureShell" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\SecureShell.dll] "AppID"="REG_SZ", "{C42CB13B-CA97-468D-9F93-AD1220004E62}" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A1E21995-127E-4B7F-8C4D-CB04AA8A58EF}_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe" "DisplayName"="REG_SZ", "Advanced System Optimizer" "DisplayVersion"="REG_SZ", "3.9.3700.18392" "EstimatedSize"="REG_DWORD", 191750 "HelpLink"="REG_SZ", "http://www.systweak.com/" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\Advanced System Optimizer 3" "Inno Setup: Icon Group"="REG_SZ", "Advanced System Optimizer 3" "Inno Setup: Language"="REG_SZ", "en" "Inno Setup: Setup Version"="REG_SZ", "5.5.6 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20210504" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\Advanced System Optimizer 3\" "MajorVersion"="REG_DWORD", 3 "MinorVersion"="REG_DWORD", 9 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "Systweak Software" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\Advanced System Optimizer 3\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\Advanced System Optimizer 3\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://www.systweak.com/" "URLUpdateInfo"="REG_SZ", "http://www.systweak.com/" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\ASO3] "ASO3AFFILIATE"="REG_SZ", "" "ASO3CAM"="REG_SZ", "default" "ASOBUILDFOR"="REG_SZ", "systweak" "BUILD_CATEGORY"="REG_DWORD", 0 "BuyNowURL"="REG_SZ", "https://www.systweak.com/advanced-system-optimizer/price?isasof=1&" "G_COMPANY_URL"="REG_SZ", "www.systweak.com" "G_HELP_EMAIL_URL"="REG_SZ", "mailto:support@systweak.com" "G_HELP_URL"="REG_SZ", "http://www.systweak.com/aso/help/showhelp.aspx?" "G_PRODUCT_URL"="REG_SZ", "https://www.systweak.com/advanced-system-optimizer/" "G_SUPPORT_PHONE_NUM"="REG_SZ", "" "G_SUPPORT_PHONE_NUM_FR"="REG_SZ", "" "G_SUPPORT_URL"="REG_SZ", "support@systweak.com" "G_TRIALPAY_URL"="REG_SZ", "http://www.systweak.com/aso/trialpay/?" "G_TUTORIAL_SITE_URL"="REG_SZ", "https://www.systweak.com/advanced-system-optimizer/?" "G_WEBSITE_URL"="REG_SZ", "http://www.systweak.com/?" "installed_date"="REG_SZ", "04-05-2021" "KeyExpired"="REG_DWORD", 0 "MachineHashID"="REG_SZ", "-3167270725993147789" "RegisteredPass"="REG_SZ", "" "RegisteredUser"="REG_SZ", "" "REGISTEREDVERFOUNINSTALL"="REG_DWORD", 1 "ReNewURL"="REG_SZ", "https://www.systweak.com/advanced-system-optimizer/renewal?isasof=1&" "utm_days"="REG_SZ", "0" "utm_xcid"="REG_SZ", "default" Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 5/4/21 Scan Time: 10:23 AM Log File: f83ac26e-acb1-11eb-8000-080027235d76.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1273 Update Package Version: 1.0.40123 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {username}-PC\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 238530 Threats Detected: 494 Threats Quarantined: 494 Time Elapsed: 4 min, 23 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 24 PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\SecureShell.SecureShellExt, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\SecureShell.SecureShellExt.1, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\TYPELIB\{2A03A149-3CD3-429D-B4A4-28D9D2974874}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\INTERFACE\{C99650F6-688D-4BAB-86E4-BC045EF0FFBF}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C99650F6-688D-4BAB-86E4-BC045EF0FFBF}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C99650F6-688D-4BAB-86E4-BC045EF0FFBF}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2A03A149-3CD3-429D-B4A4-28D9D2974874}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{2A03A149-3CD3-429D-B4A4-28D9D2974874}, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40}\InprocServer32, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40}\InprocServer32, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{A1E21995-127E-4B7F-8C4D-CB04AA8A58EF}_is1, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ASO-AutoCheckUpdate7Days, Quarantined, 3574, 184083, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{734B8F01-18BD-4F2B-B73D-A3D02732E7D3}, Quarantined, 3574, 184083, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{734B8F01-18BD-4F2B-B73D-A3D02732E7D3}, Quarantined, 3574, 184083, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Advanced System Optimizer, Quarantined, 3574, 184082, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{016CD71E-27F9-49C7-BB1C-82437502F6B8}, Quarantined, 3574, 184082, , , , , , PUP.Optional.AdvancedSystemOptimizer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{016CD71E-27F9-49C7-BB1C-82437502F6B8}, Quarantined, 3574, 184082, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\ASO3_JUMP_LIST, Quarantined, 884, 324616, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKCU\SOFTWARE\SYSTWEAK\ASO3, Quarantined, 884, 324154, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ASO3, Quarantined, 884, 324153, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B0F3F4F9-CB76-9A52-9442-B481A5FF49D3}, Quarantined, 884, 351523, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B0F3F4F9-CB76-9A52-9442-B481A5FF49D3}, Quarantined, 884, 351523, 1.0.40123, , ame, , , Registry Value: 5 PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\.DOC\OPENWITHPROGIDS|ASO3_JUMP_LIST, Quarantined, 884, 327153, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\.TXT\OPENWITHPROGIDS|ASO3_JUMP_LIST, Quarantined, 884, 327154, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\ASO3_JUMP_LIST|FRIENDLYTYPENAME, Quarantined, 884, 324616, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKCU\SOFTWARE\SYSTWEAK\ASO3|ASO3CAM, Quarantined, 884, 324154, 1.0.40123, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ASO3|ASO3CAM, Quarantined, 884, 324153, 1.0.40123, , ame, , , Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 31 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\DefragReport, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\pt-br, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\zh-cn, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\eng, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\da, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\de, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\es, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\fi, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\fr, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\it, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\ja, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\nl, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\no, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\ru, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\sv, Quarantined, 3574, 184080, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Security and Privacy, Quarantined, 3574, 182041, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Windows Optimization, Quarantined, 3574, 182041, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Backup and Recovery, Quarantined, 3574, 182041, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Common Issue Fixers, Quarantined, 3574, 182041, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Regular Maintenance, Quarantined, 3574, 182041, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Registry Tuneup, Quarantined, 3574, 182041, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Disk Tuneup, Quarantined, 3574, 182041, , , , , , PUP.Optional.AdvancedSystemOptimizer, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\Advanced System Optimizer 3, Quarantined, 3574, 182041, 1.0.40123, , ame, , , PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Checking for Updates\AppUpdates, Quarantined, 875, 184122, , , , , , PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\System Files Backup and Restore, Quarantined, 875, 184122, , , , , , PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Checking for Updates, Quarantined, 875, 184122, , , , , , PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Registry Optimizer, Quarantined, 875, 184122, , , , , , PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Registry Cleaner, Quarantined, 875, 184122, , , , , , PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Partial Backups, Quarantined, 875, 184122, , , , , , PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3, Quarantined, 875, 184122, , , , , , PUP.Optional.SysTweak, C:\USERS\{username}\APPDATA\ROAMING\SYSTWEAK, Quarantined, 875, 184122, 1.0.40123, , ame, , , File: 434 PUP.Optional.AdvancedSystemOptimizer, C:\PROGRAM FILES (X86)\Advanced System Optimizer 3\unins000.dat, Quarantined, 3574, 184080, 1.0.40123, , ame, , 9D50E5DFA3350C223A715DBB1C982007, C0FFFD205B6B37C11E8A91A1AFC5368C277490DC0B27CFF60253F2D2C3560BDA PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Advanced System Optimizer Help.url, Quarantined, 3574, 184080, , , , , E7B38961D0F7EACC91363F5058800BB1, 8DCF06ECD3321DB902C2775D9F0E3A2FD847F7477ED5CE5B517A01EB23CEC436 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\ASEng.dll, Quarantined, 3574, 184080, , , , , EF22E41BC9CD11AE18ECC4A4B556296F, 2A005913A2045EBF37C1855755DE55C527E4574A2002BE47FF8BA786EBD46B5C PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\AsInvoker.exe, Quarantined, 3574, 184080, , , , , F166B4A50D64C3212742A07BDFC990AF, 7F96BB572D6647C23DD681DFE74CD473F1828D5D23601D070BA2452B8CF39778 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe, Quarantined, 3574, 184080, , , , , 8C4CFDE11A5BEDAF3BBCDA465098489B, E4096455826E3152DEBE4DBCEED6F23D3772B4E8F92B37553EE4C1A37D37C6D7 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv.exe, Quarantined, 3574, 184080, , , , , 57EA7FFD3D89E3219F0ACAC9C725D8A5, 30ED7DE211C20171581C16E7467EB97EA3C77F5D1619AC6EB4A7305C3A475187 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe, Quarantined, 3574, 184080, , , , , 3456B682982808DE14728D03162EC2EB, 3B4E6645F0AB92AD792043EE995490AD0C7DD6A7270A2F7E2A68A91887010AA0 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\aso3sys.dll, Quarantined, 3574, 184080, , , , , 72499463594B4ABCAF507BBA0C5F96FE, 246BCD3E11ADE3FB5F2655FED97AD39EDD555852379495E188C80A042C1493A5 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\ASOHelper.dll, Quarantined, 3574, 184080, , , , , 0FEA08AB9D1345EB60BAC7AB23326F25, EDFA730236986FD2818B46F69FF83173387A76A4A2989854E4855341BB6353F2 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\asohtm.dll, Quarantined, 3574, 184080, , , , , 6E96C71C8D03495F1CCA4B2B21A0C997, D209D97C31E4FBC96BA0EDCB8BD0C5ADAE5FE45E769DBFC85CC6244C795EA250 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\asores.dll, Quarantined, 3574, 184080, , , , , 62B23977F95D6F37800F7B75A2315D4C, 9F76AB6F721FB050A05D574A628A5E5BC86E176E459C242AC0DFFF8979244CC7 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\BackupManager.exe, Quarantined, 3574, 184080, , , , , 5E7856FA61AF4ECF9B8B2837F9A6F374, E84A90061D4A1F63271E3C04A65937276B6D66FFFB3728AC3DCB2517FF3182BE PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Buy Advanced System Optimizer.url, Quarantined, 3574, 184080, , , , , ED2AC7685D1C07C78D92A48B374712B6, 5CB98360A7E1E7B2695DA718BD2A866135B72095BC062A8FEFFE7228DBB06053 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe, Quarantined, 3574, 184080, , , , , DECD7B3924F9112488B999893C173279, 2E176CED2130EF47D6EF983C5CA9D3CBC5AACFF604C56CA5456FA9CE2D4DF9CE PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\database.dat, Quarantined, 3574, 184080, , , , , E6D3E82BD5BC0E93ED17164D68F0C872, 681F493E02CB4001D08FFBAC9F62C1710DC9C44B8D9E8966E108909AC3DE2F44 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\DefragServiceManager.exe, Quarantined, 3574, 184080, , , , , 997CCBD0D348A4CB9672A6BC1BB947E3, 3047D6B2CEDAD833ACD7736CAA427E72022D292B141EB55DE24D5AEAE28F92E8 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\demo.log, Quarantined, 3574, 184080, , , , , 2C251534C182CFC73104D95461525FCF, 23BEA73F9AB48E78D60EDA98C66E51C6DDB978A1FCB64092BCECADF1AD345EB7 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\DiskDoctor.exe, Quarantined, 3574, 184080, , , , , 7E6A3AE047F1ECA2C84026B869076332, 4406F70151E7A1322FCEDDA9874D7C80A98D5DEF39288D061E1851983DD667EB PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\DiskExplorer.exe, Quarantined, 3574, 184080, , , , , 98C3D9546A676854391F141B626BF970, 7B0067FDA6B5E1F7382A8FD37542820E0CCA466DFEB37D392204DBC91A93B6B5 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\DiskOptimizer.exe, Quarantined, 3574, 184080, , , , , 914EF2CD1228654A4BB948752871BC27, E194DDCA5AD9999DFCBAD4DA9E0F0EF15AB372633CFB6F711982E365C8DFDF8A PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Downloader.dll, Quarantined, 3574, 184080, , , , , 58D0D388DC9B1C9A448F455659B46D90, 57696048BBBB9797ED438A43B7FB78F1EFED0CB87C8C5BE4DB64D382DBB300E4 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\DuplicateFilesRemover.exe, Quarantined, 3574, 184080, , , , , 0E07C2020C46A43EEC17FB23557C8F44, 4D966D3C37F0DFCE0BD509795F015E763A250A1E23249A7D938C1D5E3E2C63A7 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\GameOptimizer.exe, Quarantined, 3574, 184080, , , , , 14CC49F139234053DF80C28CD80D848F, 4BEB7365696FEDA1422E0A5CB6ECC2BC404BBD7921A40EDA129B56023B00AFE5 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\GameOptLauncher.exe, Quarantined, 3574, 184080, , , , , 889875DA1AAA4C695E99A690B8BCA3FF, 6C04C06409FB62B1B662AB2BD52A12D4CF1CBEB470DB21F865277292F262F9AD PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\GameOptLauncher64.exe, Quarantined, 3574, 184080, , , , , 9AFADED72B429B639295CBA709BFECF0, 432843DBB0DA475135F127B17D076390381894C9425ABB731985B885C88DAB49 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\GOHelper.exe, Quarantined, 3574, 184080, , , , , 34645C81869C3096EF94B7B28B8B3416, 8B47D86787C932EF597203391CA5968F72F53AB4EB1CBDA650F45C4250754CE4 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Help.ico, Quarantined, 3574, 184080, , , , , 5697B752200CF82615E9143F678AFBD4, 32F56BC79BB493F9F9F26BEF94BB92E9F45D2353557F4BAF94A41D6933495FF4 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\HighestAvailable.exe, Quarantined, 3574, 184080, , , , , 3EE222E43E89F8C436AEDD0D935D1A9B, 18F457ECD230EABBEE7B489C0DB8A7449D51F0B5F2B929CDF23F5BAF730B31F3 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\HookDll.dll, Quarantined, 3574, 184080, , , , , F16993ABA22DB333FB2880E094F4FCFD, 4551F12F863D5E9EECCFD3C91437D7C89B72C8931D97AED8C7C9E417A26EF35D PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\HookDll64.dll, Quarantined, 3574, 184080, , , , , 643AEB0EA8003089E211E0C54B01EA13, AB6422E046940100E83982E47B8354661CCCE9039A07569E1EE138A2C1C08F78 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\info.ico, Quarantined, 3574, 184080, , , , , 3B1C489DA41E6286FC9E6E7C7FD5EC9B, 8F82A1E2856B58D405F4EC893CC6BA10D4DF2DD9014D014F2FD8E00D18F00A31 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\KillASOProcesses.exe, Quarantined, 3574, 184080, , , , , 8365F3775085680D69185C938D4AFDFD, C0B29198BC4B47F8E274CEB570CB3CCD9D6412C6EDA14C0D806A5F779A9D96DE PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\launcher.exe, Quarantined, 3574, 184080, , , , , E901F5DA770A13BEC85161E09A6BD6C5, C14489C4A59AE32E5ECCC32058919ADD10CF3D56F8C82E5072E8B5496DE25127 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\MemoryOptimizer.exe, Quarantined, 3574, 184080, , , , , 7639197CD5F60C6D7048A0C527C0DB7B, D52336DA03F9283E471AD736A8569062DC9E18A026C3DCCF7DA44651426F8EC6 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Microsoft.VC90.ATL.manifest, Quarantined, 3574, 184080, , , , , 740631036E6FD381CE8D2005C69BBACF, FB7DC909360397ED397119639728B1D33B0F3F985285FFA2C422FED41A6DA94B PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Microsoft.VC90.CRT.manifest, Quarantined, 3574, 184080, , , , , A14E590E0DFBB2DF0FB77768F993FC79, E9D66E9E851F0612A6EF8ACEA86724970FF2335378D506499A3C86DB2F674531 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Microsoft.VC90.MFC.manifest, Quarantined, 3574, 184080, , , , , B9CA9C15F4FC967B95217464F83900E5, E7332E45362AB7DC85E4FF2E66B5F7C50D11DBCC9BBF5B3BC4E9C32557E1035D PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Microsoft.VC90.MFCLOC.manifest, Quarantined, 3574, 184080, , , , , 7A7C6CD751B2E9A0088A825B10D60E53, E34C3DDF56B7AA53F0C787643030568EC0F37C2E53ECDB8138C809BE9C71D0B8 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Network.dll, Quarantined, 3574, 184080, , , , , F4FEAC1EE9A1AEB7834F15FE83ED5F75, 4D9C6075C330E724C49E167467BA11299B9B55A70EA958459BAB3A18D90344B8 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\NewScheduler.exe, Quarantined, 3574, 184080, , , , , A38381F4FD121D7FC21032DEDA972AB3, A06AD8C8CF94CE1B5F27248D6ABDB98AFCE3EFA344AC5166B893B9ECA8B39589 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Order.ico, Quarantined, 3574, 184080, , , , , 15A1352769B0A5CDDF8458B000544B36, FBB63525D5D171311F20966517E55041C2397EA84DE3BA91DCB0135332F227E5 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\PCFixer.exe, Quarantined, 3574, 184080, , , , , C74DAA41529465F7ECA163BF6C940DD7, 5F379FBEF44B554CC1BCB725D2BF363DE06B03EE1A8FFDDF1FBB8C5ADA32E7E9 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\PrivacyProtector.exe, Quarantined, 3574, 184080, , , , , 81BEAFA62807D1298B9F5B3BCDD0A40C, C2E98E074C62194D8CBFF7A09472551C1C7100E2E6AFF7CA0CD9A0795E80611E PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\PTBWin7.exe, Quarantined, 3574, 184080, , , , , C2D04E4FC3D6557831974BB3C125B003, 73D1E5B7F0A923DF1FE249B7FE068A5DA804761497FB0A6DB736D6272AF65A1B PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\RegClean.exe, Quarantined, 3574, 184080, , , , , CD75779C46E8FA0A225BE223C63864F1, D52BB696A308A05F48C8C19AF8AC01B47EC61552483D56397AC0750630C3AD3B PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\RegistryOptimizer.exe, Quarantined, 3574, 184080, , , , , EF8340971C4F08826D664375EF0387BD, A205D6A6B65265A9B49B8618C3F8C96D536FC13987D618D832FA985F61E241B9 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\RequireAdministrator.exe, Quarantined, 3574, 184080, , , , , B99393750868835D0A37FA05BC3B8D18, 9D1FEC367CFD8F118E352EB8ADF7C81494A709FBDA3C44E2B98EE13F570D2C6E PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\rw.dat, Quarantined, 3574, 184080, , , , , 9B3F874215648E8F992948A93E8EC3B6, 34E0AC12C7D6B26CFAE79E64D4F2BD18085D6B30E77C144C7DF91799AF1B0F38 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\rw.ini, Quarantined, 3574, 184080, , , , , EFAF01408DE02752A8CB7CCD2EA79AF6, 053BED1FE8765D8BA496BE2A58143D7D354F095CD6D2B5EEF2E227BC408F64DB PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\SecureDelete.exe, Quarantined, 3574, 184080, , , , , CA06DBE2BF30A9663AAB250D07A22FA0, BD5CF44F691FD742CB3CFB7697AF08BBCD6042AD30E14163598DD6C8CBB331E8 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\SecureEncryptor.exe, Quarantined, 3574, 184080, , , , , ED2F00DDE97849C080B08A64A45066EE, 7EA6705799FE1F7B03CB11B322E9439B12FDAF9F6CE55B3D49070D5E9FCB235D PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\SecureShell.dll, Quarantined, 3574, 184080, , , , , 1E9A3D77346986DB1E208281471552AA, 932935F6573B8653CC87FBDF4B65E07CB75FB3AF3C5435494C413156FA36BB4D PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\single_click_care.ico, Quarantined, 3574, 184080, , , , , EAB151D0B51D5DA45F38A9D4FBAB6169, 3104ECAB5B375C601D7960064E9909D1E502701683169F19C22F3D6C2954A08B PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\sqlite3.dll, Quarantined, 3574, 184080, , , , , FEA76C4AAE247AA7316CB1A17B8B82B4, 220708CFC4871FC6A710F459A2C22E12824E13F2DA274D5C14D0BEB5841FF919 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\StartupManager.exe, Quarantined, 3574, 184080, , , , , 18AB82E805DA28BB3C0F1EC2F18E82A4, 98457DE1561824961EEC12DFF8E6883DA0C71DDCC3EF3B8C6784353A67CE50BC PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\SysFileBakRes.exe, Quarantined, 3574, 184080, , , , , 253F6813608C1A0525852723E46B3B38, 8BF70C87EDE8BA69F26EE609E04CDFFABD400E50D2C80004FFE9667755E57A92 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\SystemAnalyzerAndAdvisor.exe, Quarantined, 3574, 184080, , , , , 6CAFC139544A7D9707FAA8406D81223C, 0AEBCD9249F44231457DA1C7683D8A7F057AF11BA2AF5D6AFF0368FFDD2521B8 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\SystemCleaner.exe, Quarantined, 3574, 184080, , , , , F723208F11CCD51109DCD73313D9DEE5, 4F62FC09B2C3BAFCF744A2D3F8CAAA80F94F468EEDA5E2F7357F0048D7A93B17 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\Systweak Software Website.url, Quarantined, 3574, 184080, , , , , 6AF3D9C77BA821B14FA5E146AC65C72C, E3D92B9AD4B80DF495B5BF7AB16E8BB061DCD0EE94C8BF3439DEF3A681CBE8D8 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\UndeleteDLL.dll, Quarantined, 3574, 184080, , , , , 739D5F64EF184DB033BBFE0F1FA9E4F2, 3B8FD5EA06A6D81061FA64A3B498B3800A42A55F4614DA424E7D1605A2C21818 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\unins000.exe, Quarantined, 3574, 184080, , , , , 732AB3A914069E78BF525E9561D3404C, 10681AFEF258C1EB11B1B3174052A99CF19C9DE838FF49A961D0A13435381971 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\unins000.msg, Quarantined, 3574, 184080, , , , , 5F38274FC51EC35B61E925153E26EF1C, 946195C199C2F798ED0AB3DC8AE4511BE30AD70E5FB994D677BEEE0AE249DEC8 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\UninstallManager.exe, Quarantined, 3574, 184080, , , , , 0B938297E2834748A8F0BE184725F7B0, BBBEB52A97566353DFB866D3452C2EC345327BAABE4A1B538BC34E67FBCB112B PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\unrar.dll, Quarantined, 3574, 184080, , , , , 9DD783542AD1168FD2C7E3D245B531CE, AA00A045D1A1010B9497825794F6BE8D75ECC8C3F00A15E9EED0C0A0E2A254A9 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\VolumeControl.exe, Quarantined, 3574, 184080, , , , , C53D47208E8DFE98EEDA41C082798A5F, 0A79A1DB5ED2BABBA6B38155304A5E7FF09D938322CE822BA7BCD7E2A18D0DA4 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\VolumeControl64.exe, Quarantined, 3574, 184080, , , , , 8B46A050CDBE170B4F52AD4E3966E7C9, 38FA6A9603CAEE0C45B48DE818035F98482599CEB5B0E640D0CC491FF5920BD2 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\website.ico, Quarantined, 3574, 184080, , , , , B2A9DD9BD0B6C373F26D8B102B514761, 7C6C7BE3B768FB64DCD1B54B8201B67F807A4884F4AC8082FDC0D97F80B84318 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\XceedZip.dll, Quarantined, 3574, 184080, , , , , 6790F95F8C340110940EF92100C8FBED, 354AD2F5AF9460878D6C641231B2BEB43763A1548256782950EAAF27FB156491 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\xmllite.dll, Quarantined, 3574, 184080, , , , , 47176C26B3BC164CCB0354694D684E7B, 2FF76AA25ECD5B4CE6344CC2F9E569875123FA891E48A06AFEC4BEB9439766C6 PUP.Optional.AdvancedSystemOptimizer, C:\Program Files (x86)\Advanced System Optimizer 3\zlibwapi.dll, Quarantined, 3574, 184080, , , , , F1B0EF23946D1D6CB40DDD8EE93A8053, D25F33DFE1BF507D537C56A12E8A486C5B900FB56738180EAE7848B780E9B5D8 PUP.Optional.AdvancedSystemOptimizer, C:\USERS\{username}\APPDATA\LOCAL\TEMP\Start Advanced System Optimizer.lnk, Quarantined, 3574, 184080, , , , , D04E69DE5EAA7E116ECE1744CCCA9310, 24942317BDB9A92110C69E6F47227C6ACB25AF1F3D584E8C7D4592CD9CDF65C4 PUP.Optional.AdvancedSystemOptimizer, C:\USERS\{username}\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\User Pinned\TaskBar\Start Advanced System Optimizer.lnk, Quarantined, 3574, 184080, , , , , D04E69DE5EAA7E116ECE1744CCCA9310, 24942317BDB9A92110C69E6F47227C6ACB25AF1F3D584E8C7D4592CD9CDF65C4 PUP.Optional.AdvancedSystemOptimizer, C:\USERS\{username}\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\ADVANCED SYSTEM OPTIMIZER.LNK, Quarantined, 3574, 184081, 1.0.40123, , ame, , 22004A27CB3D66A5BD14322539BB81CA, 564F1CD8FCCAE85875367710B199F2E3637A0731EF235E5AA09F73839F10614A PUP.Optional.AdvancedSystemOptimizer, C:\WINDOWS\TASKS\ASO-AutoCheckUpdate7Days.job, Quarantined, 3574, 184083, , , , , 28F6E5FA5F752F34B6162169DD121E4B, 64C0F831DBC9EEFB657A7BADC0A1ADFE84B1F6341ADFBDCDC284D04CBE67B534 PUP.Optional.AdvancedSystemOptimizer, C:\WINDOWS\SYSTEM32\TASKS\ASO-AutoCheckUpdate7Days, Quarantined, 3574, 184083, 1.0.40123, , ame, , 6BECD62322C0D1AF7159C36ED826370D, 088B265CA25E3AC253C58B0802B853F961D86646681E8ECB2484FC231B758E0D PUP.Optional.SmartPCCare, C:\USERS\PUBLIC\DESKTOP\SMART PC CARE.LNK, Quarantined, 3646, 184115, 1.0.40123, , ame, , 46C31AE4EA32680EE1F5281D933930DE, 3E5EE9188D3DAE3A9CEA26482CAB3C1B28AA7425C8116D6BCE5FA01C780DE88A PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Backup and Recovery\Backup Manager.lnk, Quarantined, 3574, 182041, , , , , 38F4C73AA543C7D4B4F301E1FA96A585, 15D919DAA4E76F557A2D77EED519F40701E733B7F43137CA798549A7344DCE9F PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Backup and Recovery\System Files Backup and Restore.lnk, Quarantined, 3574, 182041, , , , , F42D80D3A18A74C769CB99263A276D59, 03C83836827AA9451D2475FA01B4C43E718F9DE6029A84607A47DCA05BAD116D PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Common Issue Fixers\Duplicate File Remover.lnk, Quarantined, 3574, 182041, , , , , F27D29121821B3AE2878AAB82C5CF585, 6CF9950C6888465DA0C9A254BD5AB4C7C8D8D022CD09C5C8132BE91E7272A18B PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Common Issue Fixers\PC Fixer.lnk, Quarantined, 3574, 182041, , , , , 9F92C94C6443FACFCA0EE1A94B415CB9, 00266E294D7312652C64D0C4EB4DB21B5B756BEE5E2986B6EC606C8FA4631854 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Disk Tuneup\Disk Explorer.lnk, Quarantined, 3574, 182041, , , , , 1205076907623DC3ECBC8C0719C7B067, 8D0B0B6B5B77FFC97C0D18D8F872C595B9AAE12997A55FEAD4B1F01EDD32C504 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Disk Tuneup\Disk Optimizer.lnk, Quarantined, 3574, 182041, , , , , 07A78EB4F25A6B1F0D0791C0AE2D15B8, C36EAEAF2EEE06C65B249554505AA44D639F00031029A5A658F316731E7FB1B9 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Disk Tuneup\Disk Tools.lnk, Quarantined, 3574, 182041, , , , , 5E6B84AE73337F1D9B3DF7E162116EAD, 592B151C730C9B80F3AE5888968F46DE44E0349D840099F70ED818ED54EB5359 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Disk Tuneup\System Cleaner.lnk, Quarantined, 3574, 182041, , , , , E576D17B846E1E15018EBAD8FEF4D74E, 2B99BE9721F52BB87AFC695F125660F47BAABE63560F4C3890AFE497D702AA64 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Registry Tuneup\Registry Cleaner.lnk, Quarantined, 3574, 182041, , , , , 077CF448D5F26FA3507D7276CCB4DD5F, AB8ACACB419C2F5AA46FE69C5B7D0E09953372132EB6942CBE9AC2A966729DCE PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Registry Tuneup\Registry Optimizer.lnk, Quarantined, 3574, 182041, , , , , F9D4EC22BD86876007D2E65C905E1963, 17A9728D16A0ECB7CE31D77AC192759DB52749A14AADE0F1F4CC87F1F2838462 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Regular Maintenance\Scheduler.lnk, Quarantined, 3574, 182041, , , , , A690F7C92DF511456FD0B73B65111C98, DB176A052307EA9A3DEB0D073FFCB009825F528880668C8F301468235A516A7C PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Regular Maintenance\Startup Manager.lnk, Quarantined, 3574, 182041, , , , , E81A9928AA90C8A97E86053B45BC5812, 458914D49BC7E2384247F3A46B032068A9F1C74956B8FF421F56D354EFB19B7B PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Regular Maintenance\Uninstall Manager.lnk, Quarantined, 3574, 182041, , , , , 65718D14EBC5642AD79B86581452DA6F, D58F87158321225D67113C8EB79BFD8D14016295186CF46BC8EEA9D0472B3212 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Security and Privacy\Privacy Protector.lnk, Quarantined, 3574, 182041, , , , , 266B765AD4E4379463C83861EB63FD94, 2BB96464C072E1D8D3CE9E9803D00E5A0ADECC2761B129577201D4B3649DB4B7 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Security and Privacy\Secure Delete.lnk, Quarantined, 3574, 182041, , , , , 734AFD89ECD173AE12E26664259716F0, FA22432869016DEB3AEEEC6FB392DF9AD0F21DC083BAE66619098ADB1D5B81BD PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Security and Privacy\Secure Encryptor.lnk, Quarantined, 3574, 182041, , , , , 440244AC84C7C899A7C0176A621EFC53, C97EFDC54B9BD33EE0CAAEBEFFB914762A559D885E4CC41C6A46B21A1655A3DF PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Windows Optimization\Game Optimizer.lnk, Quarantined, 3574, 182041, , , , , 5457B5F9935754081B842AC7704CA3DE, 6BCBCB9C9741E0ADEF86CF453F0889BE75F36A8B22AFAC97D122B9CE12DA74BA PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Windows Optimization\Memory Optimizer.lnk, Quarantined, 3574, 182041, , , , , FD1422B158BDD6F3E8677A378C38AD9A, 8FBF2C361F3A5D09EDD461F58F7099BCA8BAE61A429C776A30F766B3BBA3ABD2 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Windows Optimization\System and Security Advisor.lnk, Quarantined, 3574, 182041, , , , , D939678D5CDF84B92F5D649EA5C620FF, 22A04A6638B4AAC47DCE08E44E7A2F89B3A1A9EF325C09665104CF48B4B5F952 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Advanced System Optimizer Help.lnk, Quarantined, 3574, 182041, , , , , AD0EC3F6B077340662FC50E6F9552830, 2492DD4D67C045A124E4B90A7E2F10A1F9ADD1781371E89CEDBB4021D363F752 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Buy Advanced System Optimizer.lnk, Quarantined, 3574, 182041, , , , , 21116847AAACCC65DA77FE9750B05BF5, DDB73BCD7638453B20B12E53006CA6A80387746C56C48FAD6644CED2F8523776 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Smart PC Care.lnk, Quarantined, 3574, 182041, , , , , 9CAF0943145ED41780391DD1A7537C59, BF6F8848952DB9C8DF4B7426821A087D2DC299DF2ABA65F47E6DBF152779A2AB PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Start Advanced System Optimizer.lnk, Quarantined, 3574, 182041, , , , , D04E69DE5EAA7E116ECE1744CCCA9310, 24942317BDB9A92110C69E6F47227C6ACB25AF1F3D584E8C7D4592CD9CDF65C4 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Systweak Software Website.lnk, Quarantined, 3574, 182041, , , , , C46257935F387F1FEE39F81F0A7FC046, 8E959EEBB199CF5AFF0EA623A002C713FD8CA719CDA8EBE4622A3B5F20265889 PUP.Optional.AdvancedSystemOptimizer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Uninstall Advanced System Optimizer.lnk, Quarantined, 3574, 182041, , , , , 72ABC62AB12AC7B2E7518B9D0A75E27C, 7F88F550922BE88E5B6768A7267217051A17D94E1E7E375545E282F29B4C7A07 PUP.Optional.AdvancedSystemOptimizer, C:\USERS\PUBLIC\DESKTOP\ADVANCED SYSTEM OPTIMIZER.LNK, Quarantined, 3574, 184079, 1.0.40123, , ame, , E2FCBE1551123600D15B0D6F90E08170, A80AFA5DC0601846C31E6B62CE7152323D5AE3BA6191F4B305D55F467A6F4C8C PUP.Optional.AdvancedSystemOptimizer, C:\WINDOWS\SYSTEM32\TASKS\ADVANCED SYSTEM OPTIMIZER, Quarantined, 3574, 184082, 1.0.40123, , ame, , 3B5D71C91E08D6A666F95CA0175E4B49, 72DB7E7B6256797B630CAF273296579AD6269F368D4EF6474D75576F20886357 PUP.Optional.SysTweak, C:\USERS\{username}\APPDATA\ROAMING\SYSTWEAK\ASO3\backup.aso, Quarantined, 875, 184122, 1.0.40123, , ame, , E9137675D4ABC2D8CF6CE32B15B98D42, 0D0791E33E77756724EE0F8ECAEDDC4143E3F904BCFA6056FAE0EB29C42AF9E2 PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Checking for Updates\AppUpdates\LatestVersion.htm, Quarantined, 875, 184122, , , , , 7F5146C9DAAA5557783FB96C90B44594, BC56C170FFAD0121BBBCB5C1315400CC406F38F00C462985AC725EB6E4BB6DB8 PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Partial Backups\00000001.rmx, Quarantined, 875, 184122, , , , , 5EB5A079E4B0CD48D7B2E9EB682732DB, C8737D59AE076B1FA31039B4080C64974459854A12D6BF99DA9B91D29EFDE43F PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Partial Backups\00000001.rxb, Quarantined, 875, 184122, , , , , CC6AAB8C6553ECE6D93328FA315C58C0, 993967EED892460CB611310FE628F0BCAB4B2352D348E48BC8F1BD6C8B1472A0 PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\Registry Cleaner\log_05-04-2021.log, Quarantined, 875, 184122, , , , , 8B1E292271E01034FC9A46C42B79A2B2, 64FC2DF7F5F3229F2B7E8CD09E8EA77F2E57528687FCCFF2BFE0755F7BAE50C7 PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\System Files Backup and Restore\LastBkpDateTime.txt, Quarantined, 875, 184122, , , , , 3281685CAD4F1B6A5358367334A2FA4B, 3AC376FFA5BB95984051AF87EABDE1014AFEAF6A6AA9EC120B51304C902B7E96 PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\telnostatus.ini, Quarantined, 875, 184122, , , , , 599C43E8C8CEB1CC8CCB24F273D27C8C, 78D60F2EBAE383F40B0773CB4426DBDBAF0AEB0DFB3E8428D15B149C8FA3F416 PUP.Optional.SysTweak, C:\Users\{username}\AppData\Roaming\Systweak\ASO3\TempHLList.aso, Quarantined, 875, 184122, , , , , 7319468847D7B1AEE40DBF5DD963C999, B0F66ADC83641586656866813FD9DD0B8EBB63796075661BA45D1AA8089E1D44 PUP.Optional.SysTweak, C:\USERS\{username}\APPDATA\ROAMING\SYSTWEAK\ASO3\ExcludeList.aso, Quarantined, 875, 184122, 1.0.40123, , ame, , 7319468847D7B1AEE40DBF5DD963C999, B0F66ADC83641586656866813FD9DD0B8EBB63796075661BA45D1AA8089E1D44 PUP.Optional.SysTweak, C:\USERS\{username}\APPDATA\ROAMING\SYSTWEAK\ASO3\results.aso, Quarantined, 875, 184122, 1.0.40123, , ame, , A302A771EE0E3127B8950F0A67D17E49, 5DCC1B5872DD9FF1C234501F1FEFDA01F664164E1583C3E1BB3DBEA47588AB31 PUP.Optional.SysTweak, C:\WINDOWS\SYSTEM32\ROBOOT64.EXE, Quarantined, 875, 395666, 1.0.40123, , ame, , B0AF09399578D5E03BE0723A9926F6EE, 0C2C04A98685FE4E95625F7078EAF34A7D85274D90BFA3FD106397A4EB21EC43 PUP.Optional.SysTweak.Generic, C:\DOWNLOADS\ASO3SETUP_SYSTWEAK-DEFAULT.EXE, Quarantined, 5582, 696375, 1.0.40123, , ame, , 81E69DE9C32BC382666B875DBD21494D, 86E1A1BBFF3D733413310CEBA0F12C63F14EA779AC8B0A5F44E611F4F29EE3BC PUP.Optional.SysTweak.Generic, C:\USERS\{username}\DOWNLOADS\ASO3SETUP_SYSTWEAK-DEFAULT.EXE, Quarantined, 5582, 696375, 1.0.40123, , ame, , 81E69DE9C32BC382666B875DBD21494D, 86E1A1BBFF3D733413310CEBA0F12C63F14EA779AC8B0A5F44E611F4F29EE3BC Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this potentially unwanted program.We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.

What is Advanced System Protector? Advanced System Protector is a system optimizer that triggers our PUP detection rules. By doing so we offer users a choice to consider whether they want to use this software. More information can be found on our Malwarebytes Labs blog. How do I know if I am affected by Advanced System Protector? This is how the main screen of the system optimizer looks: You will find these icons in your taskbar, your startmenu, and on your desktop: and see this type of windows during install: and this type of screens during operations: You may see this entry in your list of installed programs: and these tasks in your list of Scheduled Tasks: How did Advanced System Protector get on my computer? These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website. How do I remove Advanced System Protector? Our program Malwarebytes can detect and remove this PUP. For a more complete removal it is better to run the built-in uninstaller first. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of Advanced System Protector? No, Malwarebytes removes Advanced System Protector completely. This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks. What if I want to keep Advanced System Protector? Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it. Open Malwarebytes for Windows. Click the Detection History Click the Allow List To add an item to the Allow List, click Add. Select the exclusion type Allow a file or folder and use the Select a folder button to select the main folder for the software that you wish to keep. Repeat this for any secondary files or folder(s) that belong to the software. If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use the Browse button to select the file you wish to grant access. How would the full version of Malwarebytes help protect me? We hope our application and this guide have helped you in dealing with this system optimizer. As you can see below the full version of Malwarebytes would have warned you against the Advanced System Protector installer. Technical details for experts You may see these entries in FRST logs: (SYSTWEAK SOFTWARE -> Systweak Software) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe Task: {1DBAD206-30B0-4BCB-B8E1-17C1EEC3BAEE} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\Advanced System Protector\AspManager.exe [1007864 2020-12-16] (SYSTWEAK SOFTWARE -> Systweak Software) Task: {D2AE2E3D-3A88-482F-B743-D48140E07ECD} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [8983288 2020-12-16] (SYSTWEAK SOFTWARE -> Systweak Software) C:\Windows\system32\Tasks\Advanced System Protector C:\Windows\system32\Tasks\Advanced System Protector_startup C:\ProgramData\Desktop\Advanced System Protector.lnk C:\Users\{username}\AppData\Roaming\Systweak C:\Users\{username}\AppData\Local\Systweak C:\ProgramData\Systweak C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector C:\Program Files (x86)\Advanced System Protector (Systweak Software) C:\Windows\system32\sasnative64.exe Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.3.1001.27010 - Systweak Software) <==== ATTENTION ContextMenuHandlers1: [Advanced System Protector] -> {00212D92-C5D8-4ff4-AE50-B20F0F85C40A} => C:\Users\{username}\AppData\Local\Systweak\Advanced System Protector\aspcontexthelper64.dll [2020-12-16] (SYSTWEAK SOFTWARE -> Systweak Software) Significant alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\Advanced System Protector Adds the file AdvancedSystemProtector.exe"="12/16/2020 11:02 AM, 8983288 bytes, A Adds the file AdvancedSystemProtector.exe.config"="12/8/2020 4:35 PM, 8316 bytes, A Adds the file AppResource.dll"="12/16/2020 11:02 AM, 5140216 bytes, A Adds the file asp.ico"="12/8/2020 4:35 PM, 17542 bytes, A Adds the file AspManager.exe"="12/16/2020 11:02 AM, 1007864 bytes, A Adds the file aspsys.dll"="12/16/2020 11:02 AM, 984824 bytes, A Adds the file categories.ini"="12/8/2020 4:35 PM, 44596 bytes, A Adds the file Chinese_asp_ZH-CN.ini"="12/8/2020 4:35 PM, 68320 bytes, A Adds the file Communication.dll"="12/16/2020 11:02 AM, 362232 bytes, A Adds the file danish_asp_DA.ini"="12/8/2020 4:35 PM, 119390 bytes, A Adds the file dutch_asp_NL.ini"="12/8/2020 4:35 PM, 120766 bytes, A Adds the file eng_asp_en.ini"="12/8/2020 4:35 PM, 131796 bytes, A Adds the file Finnish_asp_FI.ini"="12/8/2020 4:35 PM, 120236 bytes, A Adds the file french_asp_FR.ini"="12/8/2020 4:35 PM, 135418 bytes, A Adds the file german_asp_DE.ini"="12/8/2020 4:35 PM, 133458 bytes, A Adds the file Interop.IWshRuntimeLibrary.dll"="12/16/2020 11:02 AM, 55032 bytes, A Adds the file italian_asp_IT.ini"="12/8/2020 4:35 PM, 125334 bytes, A Adds the file japanese_asp_JA.ini"="12/8/2020 4:35 PM, 83742 bytes, A Adds the file libyara.NET.dll"="12/16/2020 11:02 AM, 1165560 bytes, A Adds the file loading_withWhiteBG.avi"="12/8/2020 4:35 PM, 103936 bytes, A Adds the file Microsoft.Win32.TaskScheduler.DLL"="12/16/2020 11:02 AM, 121080 bytes, A Adds the file norwegian_asp_NO.ini"="12/8/2020 4:35 PM, 114688 bytes, A Adds the file portuguese_asp_PT-BR.ini"="12/8/2020 4:35 PM, 122654 bytes, A Adds the file Restartexp.exe"="12/16/2020 11:02 AM, 14072 bytes, A Adds the file russian_asp_ru.ini"="12/8/2020 4:35 PM, 122402 bytes, A Adds the file scandll.dll"="12/16/2020 11:02 AM, 127736 bytes, A Adds the file spanish_asp_ES.ini"="12/8/2020 4:35 PM, 128178 bytes, A Adds the file SQLite.Interop.dll"="12/16/2020 11:02 AM, 1126136 bytes, A Adds the file swedish_asp_SV.ini"="12/8/2020 4:35 PM, 116524 bytes, A Adds the file System.Core.dll"="12/16/2020 11:02 AM, 673528 bytes, A Adds the file System.Data.SQLite.dll"="12/16/2020 11:02 AM, 369400 bytes, A Adds the file unins000.dat"="3/9/2021 10:35 AM, 166533 bytes, A Adds the file unins000.exe"="3/9/2021 10:34 AM, 1198328 bytes, A Adds the file unins000.msg"="3/9/2021 10:35 AM, 22701 bytes, A Adds the file unrar.dll"="12/16/2020 11:02 AM, 260344 bytes, A Adds the file Xceed.Compression.dll"="12/16/2020 11:02 AM, 108280 bytes, A Adds the file Xceed.Compression.Formats.dll"="12/16/2020 11:02 AM, 71416 bytes, A Adds the file Xceed.FileSystem.dll"="12/16/2020 11:02 AM, 128760 bytes, A Adds the file Xceed.Zip.dll"="12/16/2020 11:02 AM, 202488 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector Adds the file Advanced System Protector.lnk"="3/9/2021 10:35 AM, 1219 bytes, A Adds the file Register Advanced System Protector.lnk"="3/9/2021 10:35 AM, 1245 bytes, A Adds the file Uninstall Advanced System Protector.lnk"="3/9/2021 10:35 AM, 1168 bytes, A Adds the folder C:\ProgramData\Systweak\Advanced System Protector\signatures Adds the file completedatabase.db"="3/9/2021 10:38 AM, 263494656 bytes, A Adds the file Cookies.bin"="3/9/2021 10:38 AM, 233960 bytes, A Adds the file DigSign.bin"="3/9/2021 10:39 AM, 132248 bytes, A Adds the file FilePathFIX.bin"="3/9/2021 10:39 AM, 597664 bytes, A Adds the file FilePaths.bin"="3/9/2021 10:38 AM, 5840928 bytes, A Adds the file FileSignature.bin"="3/9/2021 10:38 AM, 39753240 bytes, A Adds the file Folders.bin"="3/9/2021 10:38 AM, 1688256 bytes, A Adds the file Md5.bin"="3/9/2021 10:39 AM, 129766720 bytes, A Adds the file Registry.bin"="3/9/2021 10:39 AM, 39293320 bytes, A Adds the file SetupSign.bin"="3/9/2021 10:39 AM, 13504 bytes, A Adds the file StrSetupSign.bin"="3/9/2021 10:39 AM, 1824 bytes, A Adds the folder C:\ProgramData\Systweak\Advanced System Protector\updates Adds the file 100oupdate.zip"="3/9/2021 10:37 AM, 67519 bytes, A Adds the file 3262completedatabase.zip"="3/9/2021 10:37 AM, 36169813 bytes, A Adds the file 4221mupdate.zip"="3/9/2021 10:37 AM, 108841406 bytes, A Adds the file 4222update.zip"="3/9/2021 10:37 AM, 413832 bytes, A Adds the file 4223update.zip"="3/9/2021 10:37 AM, 671671 bytes, A Adds the folder C:\ProgramData\Systweak\Advanced System Protector\yr Adds the file yrnp.txt"="3/9/2021 10:37 AM, 1283672 bytes, A Adds the folder C:\Users\{username}\AppData\Local\Systweak\Advanced System Protector Adds the file aspcontexthelper64.dll"="12/16/2020 11:02 AM, 86776 bytes, A Adds the file ScanEngineErrorLog.txt"="3/9/2021 10:42 AM, 4898 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\Advanced System Protector Adds the file ASPLog.txt"="3/9/2021 10:42 AM, 4071 bytes, A Adds the file ASPStartupManagerErrorLog.txt"="3/9/2021 10:42 AM, 238 bytes, A Adds the file QDetail.db"="3/9/2021 10:36 AM, 16384 bytes, A Adds the file Settings.db"="3/9/2021 10:42 AM, 45056 bytes, A Adds the file Update.ini"="3/9/2021 10:36 AM, 3686 bytes, A Adds the file Utility_kit.ini"="3/9/2021 10:36 AM, 12408 bytes, A Adds the file yrscnloc.ini"="3/9/2021 10:39 AM, 748 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\Advanced System Protector\Logs Adds the file log_09-03-21_10-42-38.xml"="3/9/2021 10:42 AM, 92305 bytes, A Adds the file SMLog.xml"="3/9/2021 10:42 AM, 3046 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file Advanced System Protector.lnk"="3/9/2021 10:35 AM, 1201 bytes, A In the existing folder C:\Windows\System32 Adds the file sasnative64.exe"="12/16/2020 11:02 AM, 37112 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file Advanced System Protector"="3/9/2021 10:36 AM, 3740 bytes, A Adds the file Advanced System Protector_startup"="3/9/2021 10:36 AM, 3120 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced System Protector] "(Default)"="REG_SZ", "{00212D92-C5D8-4ff4-AE50-B20F0F85C40A}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00212D92-C5D8-4ff4-AE50-B20F0F85C40A}\InProcServer32] "(Default)"="REG_SZ", "C:\Users\{username}\AppData\Local\Systweak\Advanced System Protector\aspcontexthelper64.dll" "ThreadingModel"="REG_SZ", "Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Advanced System Protector] "(Default)"="REG_SZ", "{00212D92-C5D8-4ff4-AE50-B20F0F85C40A}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{00212D92-C5D8-4ff4-AE50-B20F0F85C40A}"="REG_SZ", "Scan with Advanced System Protector" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\LogMeInRescueCallingCard] "CID"="REG_SZ", "1366989322" "CompanyID"="REG_DWORD", 1963947 "ProductCode"="REG_SZ", "{A22B8513-EA8C-46A1-9735-F5BE971C368D}" "referralid"="REG_SZ", "mzjv3r" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32] "ConsoleTracingMask"="REG_DWORD", -65536 "EnableConsoleTracing"="REG_DWORD", 0 "EnableFileTracing"="REG_DWORD", 0 "FileDirectory"="REG_EXPAND_SZ, "%windir%\tracing" "FileTracingMask"="REG_DWORD", -65536 "MaxFileSize"="REG_DWORD", 1048576 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS] "ConsoleTracingMask"="REG_DWORD", -65536 "EnableConsoleTracing"="REG_DWORD", 0 "EnableFileTracing"="REG_DWORD", 0 "FileDirectory"="REG_EXPAND_SZ, "%windir%\tracing" "FileTracingMask"="REG_DWORD", -65536 "MaxFileSize"="REG_DWORD", 1048576 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe" "DisplayName"="REG_SZ", "Advanced System Protector" "DisplayVersion"="REG_SZ", "2.3.1001.27010" "EstimatedSize"="REG_DWORD", 24004 "HelpLink"="REG_SZ", "http://www.systweak.com/antispyware/" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\Advanced System Protector" "Inno Setup: Icon Group"="REG_SZ", "Advanced System Protector" "Inno Setup: Language"="REG_SZ", "en" "Inno Setup: Setup Version"="REG_SZ", "5.5.9 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20210309" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\Advanced System Protector\" "MajorVersion"="REG_DWORD", 2 "MinorVersion"="REG_DWORD", 3 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "Systweak Software" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\Advanced System Protector\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\Advanced System Protector\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://www.systweak.com/antispyware/" "VersionMajor"="REG_DWORD", 2 "VersionMinor"="REG_DWORD", 3 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\Advanced System Protector] "affiliateid"="REG_SZ", "" "afterInstallUrl"="REG_SZ", "http://powerbundle.systweak.com/ASP/firstinstall/?newasp=1&utm_content=AfterInstall&utm_term=Setup&page=install&" "BuyNowURL"="REG_SZ", "http://www.systweak.com/antispyware/price.asp?" "BuyNowURLADU"="REG_SZ", "http://powerbundle.systweak.com/pb/price/?pname=adu&" "BuyNowURLASP"="REG_SZ", "http://powerbundle.systweak.com/pb/price/?pname=asp&" "BuyNowURLPB"="REG_SZ", "http://powerbundle.systweak.com/PB/purchase/?pname=asp&" "BuyNowURLRCP"="REG_SZ", "http://powerbundle.systweak.com/pb/price/?pname=rcp&" "Expired"="REG_DWORD", 0 "InstalledPath"="REG_SZ", "C:\Program Files (x86)\Advanced System Protector" "isphone"="REG_SZ", "0" "IsScanOptional"="REG_DWORD", 1 "IsShowcaseDepOnUpdIni"="REG_DWORD", 0 "issilent"="REG_DWORD", 0 "Key"="REG_SZ", "" "MaxFixLimit"="REG_DWORD", 0 "NoLPHIconNeeded"="REG_DWORD", 1 "REGVER"="REG_DWORD", 0 "REGVER-UNINSTALL"="REG_DWORD", 0 "RenewNowURL"="REG_SZ", "http://www.systweak.com/antispyware/price.asp?renew=1&" "RenewNowURLADU"="REG_SZ", "http://powerbundle.systweak.com/pb/renewal/?pname=adu&" "RenewNowURLASP"="REG_SZ", "http://powerbundle.systweak.com/pb/renewal/?pname=asp&" "RenewNowURLPB"="REG_SZ", "http://powerbundle.systweak.com/PB/pbrenewal/?pname=asp&" "RenewNowURLRCP"="REG_SZ", "http://powerbundle.systweak.com/pb/renewal/?pname=rcp&" "showbc"="REG_DWORD", 0 "showfth"="REG_DWORD", 1 "showfthsetting"="REG_DWORD", 1 "showpb"="REG_DWORD", 0 "showsadtab"="REG_DWORD", 1 "showsm"="REG_DWORD", 1 "showutk"="REG_DWORD", 1 "support_email"="REG_SZ", "support@systweak.com" "TELNO"="REG_SZ", "" "TELNOFR"="REG_SZ", "" "utm_campaign"="REG_SZ", "default" "utm_cid"="REG_SZ", "default" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "systweak" "x-at"="REG_SZ", "" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\Advanced System Protector\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\aso3] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\Params] "ASPInstalledPath"="REG_SZ", "C:\Program Files (x86)\Advanced System Protector" "TELNO"="REG_SZ", "" [HKEY_CURRENT_USER\Software\LogMeInRescueCallingCard] "CID"="REG_SZ", "1366989322" "CompanyID"="REG_DWORD", 1963947 "ProductCode"="REG_SZ", "{A22B8513-EA8C-46A1-9735-F5BE971C368D}" "referralid"="REG_SZ", "mzjv3r" [HKEY_CURRENT_USER\Software\Systweak\Advanced System Protector] "affiliateid"="REG_SZ", "" "CurrentScanTime"="REG_BINARY, ........ "Expired"="REG_DWORD", 0 "FirstInstallDate"="REG_SZ", "09-03-2021" "InstalledPath"="REG_SZ", "C:\Program Files (x86)\Advanced System Protector" "IsFreeCleanDone"="REG_DWORD", 0 "IsPN"="REG_DWORD", 1 "Key"="REG_SZ", "" "MaxFixLimit"="REG_DWORD", 0 "REGVER"="REG_DWORD", 0 "REGVER-UNINSTALL"="REG_DWORD", 0 "StrLastErrorsFixed"="REG_SZ", "0" "StrLastScanResults"="REG_SZ", "120" "TELNO"="REG_SZ", "" "TELNOFR"="REG_SZ", "" "utm_campaign"="REG_SZ", "default" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "systweak" "x-at"="REG_SZ", "" "YrVer"="REG_SZ", "9" [HKEY_CURRENT_USER\Software\Systweak\Advanced System Protector\2.3.1001.27010] [HKEY_CURRENT_USER\Software\Systweak\Advanced System Protector\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\Systweak\params] "ASPInstalledPath"="REG_SZ", "C:\Program Files (x86)\Advanced System Protector" Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 3/9/21 Scan Time: 11:00 AM Log File: 4e028238-80be-11eb-ac31-080027235d76.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1173 Update Package Version: 1.0.37897 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {username}-PC\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 233731 Threats Detected: 73 Threats Quarantined: 73 Time Elapsed: 3 min, 14 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 1 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe, Quarantined, 865, 235325, , , , , 6301DFF73EF84A4EB5F692DA1B1E71FA, F329AD8522CF53F9F54E645DE78F81E34D83AB3E459BA5108981F28960F6CABF Module: 6 PUP.Optional.AdvancedSystemProtector, C:\Users\{username}\AppData\Local\Systweak\Advanced System Protector\aspcontexthelper64.dll, Quarantined, 865, 180843, , , , , 5F10F8DDBAC1A9EE80E8D3220C734694, 5256B0448B24096FE9E9BCBA836D29DCFE150CE2FC8ADEC3BA80FA87EBE59F23 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe, Quarantined, 865, 235325, , , , , 6301DFF73EF84A4EB5F692DA1B1E71FA, F329AD8522CF53F9F54E645DE78F81E34D83AB3E459BA5108981F28960F6CABF PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\aspsys.dll, Quarantined, 865, 235325, , , , , A434AFF6DB455ABD89716A06AE943EF4, DCD19100E6FC0B15C8F329616A39BBEBA057886D22F6F849DC4079B987F8F086 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\libyara.NET.dll, Quarantined, 865, 235325, , , , , 1EA4074FFD052CD036B448EB0CD24951, AE5B261FB477DE62960435933258F31E75942709447B0083F537D834AA05A731 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\SQLite.Interop.dll, Quarantined, 865, 235325, , , , , 410EF665AD9D5D5FC9F4F26294CD250C, 79C6B707652656FF61AE6256B95165ECB93B172C5CBF4DF1D0B7AECD0FBC4189 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\unrar.dll, Quarantined, 865, 235325, , , , , FB9C090B1BCE9AD6A5E4A560DDD70AB9, 88D76D52423FC7F18CB5B3B87D3576540BBF4D8BD3A90A144AF3244FC6F09128 Registry Key: 12 PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Advanced System Protector_startup, Quarantined, 865, 190115, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D2AE2E3D-3A88-482F-B743-D48140E07ECD}, Quarantined, 865, 190115, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{D2AE2E3D-3A88-482F-B743-D48140E07ECD}, Quarantined, 865, 190115, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\CLSID\{00212D92-C5D8-4ff4-AE50-B20F0F85C40A}, Quarantined, 865, 180843, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\CLSID\{00212D92-C5D8-4ff4-AE50-B20F0F85C40A}\InprocServer32, Quarantined, 865, 180843, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\FOLDER\SHELLEX\CONTEXTMENUHANDLERS\Advanced System Protector, Quarantined, 865, 326803, 1.0.37897, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Advanced System Protector, Quarantined, 865, 235325, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1DBAD206-30B0-4BCB-B8E1-17C1EEC3BAEE}, Quarantined, 865, 235325, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{1DBAD206-30B0-4BCB-B8E1-17C1EEC3BAEE}, Quarantined, 865, 235325, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1, Quarantined, 865, 235325, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AdvancedSystemProtector_RASAPI32, Quarantined, 865, 246262, 1.0.37897, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AdvancedSystemProtector_RASMANCS, Quarantined, 865, 246262, 1.0.37897, , ame, , , Registry Value: 3 PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELL EXTENSIONS\APPROVED|{00212D92-C5D8-4FF4-AE50-B20F0F85C40A}, Quarantined, 865, 326804, 1.0.37897, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1DBAD206-30B0-4BCB-B8E1-17C1EEC3BAEE}|PATH, Quarantined, 865, 348601, 1.0.37897, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D2AE2E3D-3A88-482F-B743-D48140E07ECD}|PATH, Quarantined, 865, 259033, 1.0.37897, , ame, , , Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 3 PUP.Optional.AdvancedSystemProtector, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\Advanced System Protector, Quarantined, 865, 175380, 1.0.37897, , ame, , , PUP.Optional.AdvancedSystemProtector, C:\USERS\{username}\APPDATA\LOCAL\SYSTWEAK\ADVANCED SYSTEM PROTECTOR, Quarantined, 865, 180843, 1.0.37897, , ame, , , PUP.Optional.SysTweak, C:\USERS\{username}\APPDATA\LOCAL\SYSTWEAK, Quarantined, 857, 335041, 1.0.37897, , ame, , , File: 48 PUP.Optional.AdvancedSystemProtector, C:\USERS\PUBLIC\DESKTOP\ADVANCED SYSTEM PROTECTOR.LNK, Quarantined, 865, 190775, 1.0.37897, , ame, , 4039FB5EAB9ADEC34DEE932BC4F0A283, B5595C5120146A12EFC8B9EC1AED2E7951AA545B1F751208B8DFD85A7F0EB498 PUP.Optional.AdvancedSystemProtector, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Advanced System Protector.lnk, Quarantined, 865, 175380, , , , , 0AD9A3DE222AE2CD46253501372F78F8, 663F98858937B75C6E55ECE076FFFA71649DAF3B29CA3E604F37F643780C2521 PUP.Optional.AdvancedSystemProtector, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Register Advanced System Protector.lnk, Quarantined, 865, 175380, , , , , EDCB1CEF7A61844CA017DF0F97D2E95E, 14434DDFCF681DFAAB65708CC19C8967E04251D668553337E906BA248E5EDCF0 PUP.Optional.AdvancedSystemProtector, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Uninstall Advanced System Protector.lnk, Quarantined, 865, 175380, , , , , 60153BC9AFA94AE695D08AB9EA32DCF5, 31077607DE7A3D2EB9AF066F3C3B46AF9EDDB4BD7B923F6CA958E3B88669F2EF PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\TASKS\ADVANCED SYSTEM PROTECTOR_STARTUP, Quarantined, 865, 190115, 1.0.37897, , ame, , F843AB34A2F48133B0F0DBB27D9F66BF, 2981E7653E90C5E42E131FF949051BBBF642DCF669AE5B7BEFF3E8854F755327 PUP.Optional.AdvancedSystemProtector, C:\Users\{username}\AppData\Local\Systweak\Advanced System Protector\aspcontexthelper64.dll, Quarantined, 865, 180843, , , , , 5F10F8DDBAC1A9EE80E8D3220C734694, 5256B0448B24096FE9E9BCBA836D29DCFE150CE2FC8ADEC3BA80FA87EBE59F23 PUP.Optional.AdvancedSystemProtector, C:\Users\{username}\AppData\Local\Systweak\Advanced System Protector\ScanEngineErrorLog.txt, Quarantined, 865, 180843, , , , , CC6DF19650DA1E36A23AC92E185BEB5F, 77A7DA26A664866C487495EC852301B0F52100C7E7039DB0A15887579384CB25 PUP.Optional.AdvancedSystemProtector, C:\PROGRAM FILES (X86)\ADVANCED SYSTEM PROTECTOR\LOADING_WITHWHITEBG.AVI, Quarantined, 865, 235325, 1.0.37897, , ame, , 583B036CE812CD9DF8A6BBB8B7B3116C, 60F4505028DD26E3FF5BBD86F6B3AD7B43A76616BD91D39AB95DA5535436FFA2 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe, Quarantined, 865, 235325, , , , , 6301DFF73EF84A4EB5F692DA1B1E71FA, F329AD8522CF53F9F54E645DE78F81E34D83AB3E459BA5108981F28960F6CABF PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.config, Quarantined, 865, 235325, , , , , BF0D2D9EF29EFB894B942640850C07D7, 253E70FDD35C79D2F6932810E08095C6CEFCEADE365FFFE5726FAF25B49C588B PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\AppResource.dll, Quarantined, 865, 235325, , , , , 4E05AEBFD005900ECDB803C1C9419929, 83953D25F3CE3B47173E5010D073E990D5CFAE15B4A0F12B1941E4174917CDF7 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\asp.ico, Quarantined, 865, 235325, , , , , B901782363304EF68B5C6FB9919CD57A, 20A80FE27C1ECE224A476A81219442D9F2AC8CD6FF5A385858CDD78527E27CFC PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\AspManager.exe, Quarantined, 865, 235325, , , , , A34DCBA0A249CF482A9EB460EB8F4DAD, 9585328862E63F417692B85CEB76AC215F396F8EB955A86954379EC83B361C9C PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\aspsys.dll, Quarantined, 865, 235325, , , , , A434AFF6DB455ABD89716A06AE943EF4, DCD19100E6FC0B15C8F329616A39BBEBA057886D22F6F849DC4079B987F8F086 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\categories.ini, Quarantined, 865, 235325, , , , , F209C342E0373D5D28E7FF2D7FB5485B, 8CEDDEB44227B9A52B18A4461CDFCE5A51F9D680762163674B2F18764F312B5A PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Chinese_asp_ZH-CN.ini, Quarantined, 865, 235325, , , , , CAC354DA87D8A34384D36BA2FB43CE6D, 35E5F6480AB921A0D5232D7B61DC9F563CBA05507F1385374777B9D664433A07 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Communication.dll, Quarantined, 865, 235325, , , , , 145586B31AAB29222A10561FB0623A54, D11716FB0A173A2E304C902EF0B0F5E5CEB558A13AC0EAD6A248C36C79BD9F97 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\danish_asp_DA.ini, Quarantined, 865, 235325, , , , , BEC591D5B7AB929A285ED7412A595927, 8FECD4F0CC44378D7ACD734A0EEE60428E3AF4B32C9987E328202866BADC1A88 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\dutch_asp_NL.ini, Quarantined, 865, 235325, , , , , AE9D7A8FEB40CEA24C9F8AC1705995BF, 697B7BD93184E970C95030DE462C848DED1204DB94797B14377324D0999B0B6F PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\eng_asp_en.ini, Quarantined, 865, 235325, , , , , B2CBE6E3164E32ABE1272014E8F34969, 4BEE5F6FC0AE67118CCA1C066553FA707F84AE8A9B7C698F00C39978E6394B39 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Finnish_asp_FI.ini, Quarantined, 865, 235325, , , , , 62D1BE766EFD03899EFC3A355DC6C3EE, 0CF059E0256575D9A603F15A8350521D354C6D443937A757F84B0B657AD70864 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\french_asp_FR.ini, Quarantined, 865, 235325, , , , , CA67769FA2F5662650F3C526569C2909, 2179257C7849175ECAB2E1FF68902975A21EA2A8E134788BCCCF97EA4E3F8C04 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\german_asp_DE.ini, Quarantined, 865, 235325, , , , , 800EB123017C0CB84C1694213A82E376, 6F00FF2FB1B9818500A9833E9AACC5A16A81DDDB3BF336C147009E1972B96024 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Interop.IWshRuntimeLibrary.dll, Quarantined, 865, 235325, , , , , 11B908E39457E4F19FF4EEB89DB51BE2, 9A117FD7CF104DD5C9B1EC0A8DD2BF11BA22DA24D5641CDEA3247A37A8FD50A7 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\italian_asp_IT.ini, Quarantined, 865, 235325, , , , , D004BB33606E09706D25CA0FE2701200, 4A24D0DD69042A7EEC4F58CB6D8B27F47F0F7B0B94517E37E553507728A21BC0 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\japanese_asp_JA.ini, Quarantined, 865, 235325, , , , , 65AA587AF45D39CA8C378119F003789C, 92C9132309B756E5DBD482FAB9FE90FC5B317449F844FAF1D37734577C07D2FE PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\libyara.NET.dll, Quarantined, 865, 235325, , , , , 1EA4074FFD052CD036B448EB0CD24951, AE5B261FB477DE62960435933258F31E75942709447B0083F537D834AA05A731 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL, Quarantined, 865, 235325, , , , , 18F74320E012DB698B6D0FF12DB96C41, E3172941D24CFFEF645CFA4E0FB5D853BD021D0D78FC0DC36736D2D60E21CA35 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\norwegian_asp_NO.ini, Quarantined, 865, 235325, , , , , 47D122D60187ED6EFF26CC882DEB32B2, CB9EE77640518DC11C3DE89DEDE66C2189E0514BE4C5B297338D79C2543977C0 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\portuguese_asp_PT-BR.ini, Quarantined, 865, 235325, , , , , 59BE960D7D81EA4BA8B8E57DF24AB009, F8DFEC2E48D2D28D0C3CE70EA420FBD3D5B73B38EE570AC987ACF30A9BB99660 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Restartexp.exe, Quarantined, 865, 235325, , , , , DD403EB0F9E81FF7AD8BB787EA11EB8E, BC92F67C3CB5580D8D522A65F55FE05289091E8E87953ED92D8FE5E0567283E3 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\russian_asp_ru.ini, Quarantined, 865, 235325, , , , , B5F3B789A17BD1D9E6E6715FD97D10FC, 62BC0B0400AF3080D4A0C558F741C82E668149FEBB4AAF9B2E30E0EEA179AD4A PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\scandll.dll, Quarantined, 865, 235325, , , , , 1CDA43B5860D5FC397DAD63057184235, 1DCCD26F968E6B7E98F1EDAC2644C6E22E02EAEEF943E888073E19DD04D941E1 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\spanish_asp_ES.ini, Quarantined, 865, 235325, , , , , D5A8640DD83F9A9D39C2C205BD225B6C, 6D301A4081B44BA66632448A02E2467DF40F9EDAC23A887086F82240848A9DE5 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\SQLite.Interop.dll, Quarantined, 865, 235325, , , , , 410EF665AD9D5D5FC9F4F26294CD250C, 79C6B707652656FF61AE6256B95165ECB93B172C5CBF4DF1D0B7AECD0FBC4189 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\swedish_asp_SV.ini, Quarantined, 865, 235325, , , , , 5D2699E30E1D8CD5E89BFA2994C2BF7B, 171599D8C968FB5FFA8A7FBA754DBBAB8D1D4C62C0B622CE16BB384D6FCFF959 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll, Quarantined, 865, 235325, , , , , 4F41CA179DBFA86BD4F69AC884D4FE53, BA7821C8BE881793B63A0BBE2B7E557EA0CC26ECACC1A307F92785BC0D6A7666 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\unins000.dat, Quarantined, 865, 235325, , , , , 4BD7EC1601FDD47F30A363320A3A12B5, 2E6B82F244E7DF0B04A03CF0E8202E3D5219331C99720560993DA101BEA0AC57 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\unins000.exe, Quarantined, 865, 235325, , , , , 8F6AEAB86B9741C15A39CBBDDE3387CF, DA05C7762C04FF6A5F7EBC3EB6BAF0647F33AD9731E2416239BD8C690DA9F379 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\unins000.msg, Quarantined, 865, 235325, , , , , 5F38274FC51EC35B61E925153E26EF1C, 946195C199C2F798ED0AB3DC8AE4511BE30AD70E5FB994D677BEEE0AE249DEC8 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\unrar.dll, Quarantined, 865, 235325, , , , , FB9C090B1BCE9AD6A5E4A560DDD70AB9, 88D76D52423FC7F18CB5B3B87D3576540BBF4D8BD3A90A144AF3244FC6F09128 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.dll, Quarantined, 865, 235325, , , , , 2EC3E039C7E6BF0BB6B61C07B73E53B5, 18B5DAD4147D10688297DB79E886039F848AAA01DC6EF9215EE826653C947953 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.Formats.dll, Quarantined, 865, 235325, , , , , B241BCF74E2CD9728B9E17323A2646BA, FC96BEACBA9E4677C794C8B97CBABBAC6F4E54C0D08E14DC43E06F77E129F49F PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Xceed.FileSystem.dll, Quarantined, 865, 235325, , , , , 5AD9E53D3F71B34678FD9AE3C950A23E, 213FAFAE548A0CBE74CBC2ACA6706C7724FF42BA327627C59800D92606A4FD15 PUP.Optional.AdvancedSystemProtector, C:\Program Files (x86)\Advanced System Protector\Xceed.Zip.dll, Quarantined, 865, 235325, , , , , 7DF3B1E40FBE285D3E4BD99F904DD337, F1544A24C4F6134D38C2801411D67FED6C7EF21D7606D5406EEEC387E08C1216 PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\TASKS\Advanced System Protector, Quarantined, 865, 235325, , , , , 219120A1C11FBF47D91141BC68AF05EC, 4DAE5E5B07BD2ED31B2C6098C3C7A12FFF5D12D2856A943D965BE327EB8D441D PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\SASNATIVE64.EXE, Quarantined, 865, 364690, 1.0.37897, , ame, , 37A084D01376937989821A79174FEAC4, 4C77F19E08E13A3D4C0856F7139CF029B5EF65559111CBC18917B7D493769E83 PUP.Optional.AdvancedSystemProtector, C:\USERS\{username}\DESKTOP\ASPSETUP_SYSTWEAK-DEFAULT.EXE, Quarantined, 865, 326624, 1.0.37897, , ame, , 45D8F4B77FED6E930DEAE0BE48308EFE, 4C3FD3D5DDF24240AD6CE214F2FE779B76BC6B36858B8390F69B99DD3461C91D Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this potentially unwanted program. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.

What is K9-PCFixer? K9-PCFixer is a registry cleaner that triggers our PUP detection rules. By doing so we offer users a choice to consider whether they want to use this software. More information can be found on our Malwarebytes Labs blog. How do I know if I am affected by K9-PCFixer? This is how the main screen of the system optimizer looks: You will find these icons in your taskbar, your startmenu, and on your desktop: and see this type of windows during install: and this type of screens during operations: You may see this entry in your list of installed programs: and these tasks in your list of Scheduled Tasks: How did K9-PCFixer get on my computer? These so-called registry cleaners use different methods of getting installed. The website for this one is no longer available, but the programs is still offered in bundlers. How do I remove K9-PCFixer? Our program Malwarebytes can detect and remove this PUP. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of K9-PCFixer? No, Malwarebytes removes K9-PCFixer completely. This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks. What if I want to keep K9-PCFixer? Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it. Open Malwarebytes for Windows. Click the Detection History Click the Allow List To add an item to the Allow List, click Add. Select the exclusion type Allow a file or folder and use the Select a folder button to select the main folder for the software that you wish to keep. Repeat this for any secondary files or folder(s) that belong to the software. If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use the Browse button to select the file you wish to grant access. How would the full version of Malwarebytes help protect me? We hope our application and this guide have helped you in dealing with this registry cleaner. As you can see below the full version of Malwarebytes would have warned you against the K9-PCFixer installer. Technical details for experts You may see these entries in FRST logs: (SUPER TUNEUP TECHNOLOGIES LLP -> K9Tools) C:\Program Files (x86)\K9-PCFixer\K9-PCFixer.exe Task: {465B49A1-8C4D-4DE4-B050-21FCA4DC01EA} - System32\Tasks\K9-PCFixer_UPDATES => C:\Program Files (x86)\K9-PCFixer\K9-PCFixer.exe [8187664 2015-03-09] (SUPER TUNEUP TECHNOLOGIES LLP -> K9Tools) Task: {4AF29C44-87EB-4F0D-84C2-888B2801BFD0} - System32\Tasks\K9-PCP => C:\Program Files (x86)\K9-PCFixer\k9schedule.exe [607608 2015-03-09] (SUPER TUNEUP TECHNOLOGIES LLP -> K9Tools) Task: {8045A3E0-0AEF-4EC9-A9B4-C606535DEBD7} - System32\Tasks\K9-PCFixer => C:\Program Files (x86)\K9-PCFixer\K9-PCFixer.exe [8187664 2015-03-09] (SUPER TUNEUP TECHNOLOGIES LLP -> K9Tools) Task: {A0EBD465-E4CE-4065-BE74-9CE2D4854968} - System32\Tasks\K9-PCFixer_DEFAULT => C:\Program Files (x86)\K9-PCFixer\K9-PCFixer.exe [8187664 2015-03-09] (SUPER TUNEUP TECHNOLOGIES LLP -> K9Tools) Task: C:\Windows\Tasks\K9-PCFixer_DEFAULT.job => C:\Program Files (x86)\K9-PCFixer\K9-PCFixer.exe Task: C:\Windows\Tasks\K9-PCFixer_UPDATES.job => C:\Program Files (x86)\K9-PCFixer\K9-PCFixer.exe C:\Users\{username}\AppData\Roaming\K9-PCFixer C:\Windows\system32\Tasks\K9-PCP C:\Windows\system32\Tasks\K9-PCFixer C:\Windows\system32\Tasks\K9-PCFixer_UPDATES C:\Windows\system32\Tasks\K9-PCFixer_DEFAULT C:\ProgramData\Desktop\K9-PCFixer.lnk C:\Windows\Tasks\K9-PCFixer_UPDATES.job C:\Windows\Tasks\K9-PCFixer_DEFAULT.job C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K9-PCFixer C:\Program Files (x86)\K9-PCFixer () C:\Windows\system32\roboot64.exe (K9 Tools ) C:\Users\{username}\Downloads\k9-pcfixer.exe ( ) C:\Users\{username}\Desktop\k9-pcfixer_QwuQ-B1.exe C:\Users\{username}\AppData\Roaming\SimpleStar K9 PCFixer (HKLM-x32\...\K9 PCFixer_is1) (Version: 1.8 - K9 Tools) Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\K9-PCFixer Adds the file CleanSchedule.exe"="3/9/2015 6:37 PM, 116496 bytes, A Adds the file FileList.rcp"="12/26/2014 6:56 PM, 13434 bytes, A Adds the file install_left_image.bmp"="12/23/2014 1:54 PM, 156296 bytes, A Adds the file isxdl.dll"="3/9/2015 6:37 PM, 156944 bytes, A Adds the file K9-PCFixer.exe"="3/9/2015 6:37 PM, 8187664 bytes, A Adds the file K9-PCFUninstall.exe"="3/9/2015 6:37 PM, 553232 bytes, A Adds the file k9schedule.exe"="3/9/2015 6:37 PM, 607608 bytes, A Adds the file RegList.rcp"="12/26/2014 6:56 PM, 91722 bytes, A Adds the file TPS.ico"="12/12/2014 1:32 PM, 34494 bytes, A Adds the file TraditionalCn_rcp_zh-tw.ini"="12/23/2014 12:05 PM, 49198 bytes, A Adds the file traditionalcn_uninst_zh-tw.ini"="12/12/2014 1:32 PM, 2692 bytes, A Adds the file unins000.dat"="2/24/2021 9:05 AM, 49545 bytes, A Adds the file unins000.exe"="2/24/2021 9:04 AM, 1209616 bytes, A Adds the file unins000.msg"="2/24/2021 9:05 AM, 22701 bytes, A Adds the file xmllite.dll"="12/12/2014 1:31 PM, 126976 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K9-PCFixer Adds the file K9-PCFixer.lnk"="2/24/2021 9:05 AM, 1049 bytes, A Adds the file Register K9-PCFixer.lnk"="2/24/2021 9:05 AM, 1075 bytes, A Adds the file Uninstall K9-PCFixer.lnk"="2/24/2021 9:05 AM, 1055 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\K9-PCFixer Adds the file backup6.bin"="2/24/2021 9:05 AM, 733 bytes, A Adds the file eng_rcp.dat"="2/24/2021 9:05 AM, 32700 bytes, A Adds the file log_02-24-2021.log"="2/24/2021 9:05 AM, 0 bytes, A Adds the file results.rcp"="2/24/2021 9:06 AM, 27266 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\SimpleStar\Simple Malware Protector In the existing folder C:\Users\{username}\Desktop Adds the file k9-pcfixer_QwuQ-B1.exe"="2/24/2021 9:03 AM, 2550808 bytes, A In the existing folder C:\Users\{username}\Downloads Adds the file k9-pcfixer.exe"="2/24/2021 9:04 AM, 3551552 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file K9-PCFixer.lnk"="2/24/2021 9:05 AM, 1031 bytes, A In the existing folder C:\Windows\System32 Adds the file roboot64.exe"="3/9/2015 6:37 PM, 19728 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file K9-PCFixer"="2/24/2021 9:05 AM, 3096 bytes, A Adds the file K9-PCFixer_DEFAULT"="2/24/2021 9:05 AM, 2888 bytes, A Adds the file K9-PCFixer_UPDATES"="2/24/2021 9:05 AM, 3044 bytes, A Adds the file K9-PCP"="2/24/2021 9:05 AM, 3338 bytes, A In the existing folder C:\Windows\Tasks Adds the file K9-PCFixer_DEFAULT.job"="2/24/2021 9:05 AM, 278 bytes, A Adds the file K9-PCFixer_UPDATES.job"="2/24/2021 9:05 AM, 286 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures] "K9-PCFixer_DEFAULT.job"="REG_BINARY, ................................ "K9-PCFixer_DEFAULT.job.fp"="REG_DWORD", 808380961 "K9-PCFixer_UPDATES.job"="REG_BINARY, ................................ "K9-PCFixer_UPDATES.job.fp"="REG_DWORD", 178312179 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\K9\PC\Fixer\Key\6] "(Default)"="REG_BINARY, ........................................................................................................... [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\K9-PCFixer] "AppVersion"="REG_SZ", "1.8.243.209" "aspurl"="REG_SZ", "http://d2uu7l47sbf1ja.cloudfront.net/k9pcp/k9pcp_default.exe" "Expired"="REG_DWORD", 0 "FirstTimeASPFired"="REG_DWORD", 1 "InstallASP"="REG_DWORD", 1 "LaunchASP"="REG_DWORD", 1 "MaxFixLimit"="REG_DWORD", 15 "RCPURL"="REG_SZ", "http://www.k9pcfixer.com/pcfixer/price.asp?utm_source=site&utm_campaign=default&utm_medium=newbuild" "RENEWALURL"="REG_SZ", "http://www.k9pcfixer.com/pcfixer/renewal.asp?utm_source=site&utm_campaign=default&utm_medium=newbuild" "TELNO"="REG_SZ", "(855) 716-7017" "utm_campaign"="REG_SZ", "default" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "site" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\K9-PCFixer\LANG] "LangID"="REG_DWORD", 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\K9Tools\Params] "affiliateid"="REG_SZ", "" "delayASP"="REG_DWORD", 1 "utm_campaign"="REG_SZ", "default" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "site" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\K9 PCFixer_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\K9-PCFixer\K9-PCFixer.exe" "DisplayName"="REG_SZ", "K9 PCFixer" "DisplayVersion"="REG_SZ", "1.8" "EstimatedSize"="REG_DWORD", 12759 "HelpLink"="REG_SZ", "http://www.k9pcfixer.com/" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\K9-PCFixer" "Inno Setup: Icon Group"="REG_SZ", "K9-PCFixer" "Inno Setup: Language"="REG_SZ", "en" "Inno Setup: Setup Version"="REG_SZ", "5.5.5 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20210224" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\K9-PCFixer\" "MajorVersion"="REG_DWORD", 1 "MinorVersion"="REG_DWORD", 8 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "K9 Tools" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\K9-PCFixer\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\K9-PCFixer\unins000.exe" /silent" "URLInfoAbout"="REG_SZ", "http://www.k9pcfixer.com/" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application] "AutoBackupLogFiles"="REG_DWORD", 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Simple Malware Protector] "EventMessageFile"="REG_EXPAND_SZ, "C:\Windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll" [HKEY_CURRENT_USER\Software\K9\PC\Fixer\Key\6] "(Default)"="REG_BINARY, .................................................................................................................... [HKEY_CURRENT_USER\Software\K9-PCFixer] "AutoRepair"="REG_DWORD", 0 "ConfirmBkUps"="REG_DWORD", 1 "CurrentScanTime"="REG_BINARY, ........ "ErrorCount"="REG_DWORD", 68 "FirstRun"="REG_DWORD", 1 "GoToSystemTrayOnClose"="REG_DWORD", 0 "ImprovementProgram"="REG_DWORD", 1 "NumTimesRCPRunned"="REG_DWORD", 1 "RegErrFoundTillDate"="REG_DWORD", 0 "RegErrsFixedLast"="REG_DWORD", 0 "RegErrsFixedTillDate"="REG_DWORD", 0 "ScheduledTime"="REG_SZ", "" "SetChkDontShowRedTrayPopup"="REG_DWORD", 0 "SetChkREmovableMedia"="REG_DWORD", 1 "SetChkSkipEmptyKeys"="REG_DWORD", 1 "SetEnableSound"="REG_DWORD", 1 "StartAutoScanOnLaunch"="REG_DWORD", 0 "StartAutoScanPMUI"="REG_DWORD", 0 "StartAutoTutorial"="REG_DWORD", 1 "StartMinimized"="REG_DWORD", 0 "StartScan"="REG_DWORD", 0 "StartWhenWinBoots"="REG_DWORD", 1 "StrLastOptimizeTime"="REG_SZ", "" "StrLastScan"="REG_SZ", "Wed. February 24, 2021. 09:06 AM" "StrLastScanResults"="REG_SZ", "68" "StrLastStartupOpt"="REG_SZ", "" "StrLatestRegDefrag"="REG_SZ", "" "StrLatestRestorePoint"="REG_SZ", "" [HKEY_CURRENT_USER\Software\K9-PCFixer\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 2/24/21 Scan Time: 9:15 AM Log File: 86dfaafe-7678-11eb-a3c7-080027235d76.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1173 Update Package Version: 1.0.37425 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {username}-PC\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 233361 Threats Detected: 37 Threats Quarantined: 36 Time Elapsed: 3 min, 49 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 1 PUP.Optional.AdvancedSystemProtector, C:\PROGRAM FILES (X86)\K9-PCFIXER\K9-PCFIXER.EXE, Quarantined, 541, 886280, , , , , E1E81F084D7FB244F664C83A652BA0D0, 3400723D3A550400313E0B8F7F57364A02B6C8AA59E3C07DD339EF53DD2B4F0E Module: 1 PUP.Optional.AdvancedSystemProtector, C:\PROGRAM FILES (X86)\K9-PCFIXER\K9-PCFIXER.EXE, Quarantined, 541, 886280, , , , , E1E81F084D7FB244F664C83A652BA0D0, 3400723D3A550400313E0B8F7F57364A02B6C8AA59E3C07DD339EF53DD2B4F0E Registry Key: 16 PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\K9-PCFixer, Quarantined, 541, 886287, 1.0.37425, , ame, , , PUP.Optional.AdvancedSystemProtector, HKCU\SOFTWARE\K9-PCFixer, Quarantined, 541, 886289, 1.0.37425, , ame, , , PUP.Optional.AdvancedSystemProtector, HKCU\SOFTWARE\K9\PC\Fixer, Quarantined, 541, 886290, 1.0.37425, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\K9\PC\Fixer, Quarantined, 541, 886286, 1.0.37425, , ame, , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\K9-PCFixer_DEFAULT, Quarantined, 541, 886284, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A0EBD465-E4CE-4065-BE74-9CE2D4854968}, Quarantined, 541, 886284, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{A0EBD465-E4CE-4065-BE74-9CE2D4854968}, Quarantined, 541, 886284, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\K9-PCP, Quarantined, 541, 886284, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4AF29C44-87EB-4F0D-84C2-888B2801BFD0}, Quarantined, 541, 886284, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{4AF29C44-87EB-4F0D-84C2-888B2801BFD0}, Quarantined, 541, 886284, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\K9-PCFixer, Quarantined, 541, 886280, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8045A3E0-0AEF-4EC9-A9B4-C606535DEBD7}, Quarantined, 541, 886280, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{8045A3E0-0AEF-4EC9-A9B4-C606535DEBD7}, Quarantined, 541, 886280, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\K9-PCFixer_UPDATES, Quarantined, 541, 886280, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{465B49A1-8C4D-4DE4-B050-21FCA4DC01EA}, Quarantined, 541, 886280, , , , , , PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{465B49A1-8C4D-4DE4-B050-21FCA4DC01EA}, Quarantined, 541, 886280, , , , , , Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 1 PUP.Optional.AdvancedSystemProtector, C:\USERS\{username}\APPDATA\ROAMING\K9-PCFIXER, Removal Failed, 541, 886283, 1.0.37425, , ame, , , File: 18 PUP.Optional.SysTweak, C:\WINDOWS\SYSTEM32\ROBOOT64.EXE, Quarantined, 2881, 395666, 1.0.37425, , ame, , CB134A73A439669F0C7D5C074D70B412, 0B674CB506BC93C63965BA3E70918B2D21DFED6CD75AA8672F26D9D98431C973 PUP.Optional.AdvancedSystemProtector, C:\Users\{username}\AppData\Roaming\K9-PCFixer\backup6.bin, Quarantined, 541, 886283, , , , , 6CBDFA4EF463B5D015AFC5CDC17B5C38, E34EF16ED63052F64ACF0765DF51F2414C829B37C697ACE295C19E139BF246C4 PUP.Optional.AdvancedSystemProtector, C:\Users\{username}\AppData\Roaming\K9-PCFixer\eng_rcp.dat, Quarantined, 541, 886283, , , , , D5CC56D57C0D3B931C33F4B1CE748D43, 634402B60C3A6C8D250A700846391C3C8A15B0FFF687ED27692085F78301A088 PUP.Optional.AdvancedSystemProtector, C:\Users\{username}\AppData\Roaming\K9-PCFixer\log_02-24-2021.log, Quarantined, 541, 886283, , , , , EB7D371AA461E39851FF476E2DBACB84, 6100D32BFD6B2DBC408EE15BCBBBFE8DE5D946B4130974A0E1CA85CDA8CF3F4F PUP.Optional.AdvancedSystemProtector, C:\Users\{username}\AppData\Roaming\K9-PCFixer\results.rcp, Quarantined, 541, 886283, , , , , 3F80BC3D5D4D73FFF4D4A025446B5A8A, 9B7D2612DB6F0FE3DB72ABA026AB33C512722125CFAE6C575018DF881C7511BF PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\TASKS\K9-PCFixer_DEFAULT.job, Quarantined, 541, 886284, , , , , 8CE629CA2E1F60D9BC64F50693AD8C7F, 7E5E3D5B7289AEB3B0B1544B88272653D16208505A09A12032ADC1D596BB49AA PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\TASKS\K9-PCFixer_DEFAULT, Quarantined, 541, 886284, 1.0.37425, , ame, , 05E78681F070782746B32B85018B301A, F62F004140856C1C8F185232C4D1DE9A66FFEE4E28DD3D5DD7FE06D3DBD64D20 PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\TASKS\K9-PCP, Quarantined, 541, 886284, 1.0.37425, , ame, , EE75E9A7708CC879AF6897AACFD50B99, 1894015D5DC75BE3E9434FA5F97180A0C85B24C95B0561C434CF9732D68BF7DB PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\TASKS\K9-PCFixer, Quarantined, 541, 886280, , , , , 374B1411CF739F7A02DDA3E2DB38F609, 664EC84AF5F4399DAC33A8853611FD77A1AFB18F39F941D66EC43A2A1627AAFD PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\TASKS\K9-PCFixer_UPDATES.job, Quarantined, 541, 886280, , , , , BF745A82D3C1551D652CC9E410B3473A, 5345581391CDCBD5A90D7CC23075F2967E28EB50D5CAEAEE727B42778CA299FB PUP.Optional.AdvancedSystemProtector, C:\WINDOWS\SYSTEM32\TASKS\K9-PCFixer_UPDATES, Quarantined, 541, 886280, , , , , EA1E1716576D39DAE9CE9AD50C1E4E41, 36DAF44CDD61DC78BE1590CBACF0341E5CB3C35784C506BAAA7F3C99C7E8E86F PUP.Optional.AdvancedSystemProtector, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\K9-PCFixer.lnk, Quarantined, 541, 886280, , , , , 74D71FAFD47B4CCB9BB095125584C356, BA46E58061F1C420AA57942E4E09A2CECAA19405672235E296218F5D608F1BFC PUP.Optional.AdvancedSystemProtector, C:\PROGRAM FILES (X86)\K9-PCFIXER\K9-PCFIXER.EXE, Quarantined, 541, 886280, 1.0.37425, F0CCB8FDE1613214406FA151, dds, 01128759, E1E81F084D7FB244F664C83A652BA0D0, 3400723D3A550400313E0B8F7F57364A02B6C8AA59E3C07DD339EF53DD2B4F0E PUP.Optional.SysTweak, C:\PROGRAM FILES (X86)\K9-PCFIXER\CLEANSCHEDULE.EXE, Quarantined, 2881, 310352, 1.0.37425, , ame, , ADD9853C7FADC61255F4CEB403A210E4, D9ADFC3AC5CD8FDEF98B3F48218D51D104FF6A947557641C1069AD8A24489EAC PUP.Optional.AdvancedSystemProtector, C:\USERS\{username}\DESKTOP\MALWAREPROTECTOR.EXE, Quarantined, 541, 911866, 1.0.37425, , ame, , 20B90A718CF55D95616A79342DBA5D06, C88800519501E455CF6A45CD88776E54CE094A90B03312CF5ACBC796932E3A42 Generic.Malware/Suspicious, C:\USERS\{username}\DOWNLOADS\K9-PCFIXER.EXE, Quarantined, 0, 392686, 1.0.37425, , shuriken, , 2672EA75CA6E136CAC7AE0156C6343F5, 899714C40EC2EFD1205726231B6A29F062B61D4A01BACD10EC80A9480A3143D7 PUP.Optional.InstallCore.Generic, C:\USERS\{username}\DESKTOP\K9-PCFIXER_QWUQ-B1.EXE, Quarantined, 9665, 511908, 1.0.37425, , ame, , 8013CA3E372D0A31C2944B502828EC3C, 063840AB837FC5B03A8477ECB4403A8416447F2D34EE9B01841EEA3BE6A9B606 PUP.Optional.AdvancedSystemProtector, C:\USERS\{username}\DOWNLOADS\MALWAREPROTECTOR.EXE, Quarantined, 541, 911866, 1.0.37425, , ame, , 20B90A718CF55D95616A79342DBA5D06, C88800519501E455CF6A45CD88776E54CE094A90B03312CF5ACBC796932E3A42 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this potentially unwanted program. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.

What is Disk Speedup?Disk Speedup is a system optimizer that triggers our PUP detection rules. By doing so we offer users a choice to consider whether they want to use this software. More information can be found on our Malwarebytes Labs blog.How do I know if I am affected by Disk Speedup?This is how the main screen of the system optimizer looks:You will find these icons in your taskbar, your startmenu, and on your desktop:and see this type of windows during install:and these type of screens during operations:You may see this entry in your list of installed programs:How did Disk Speedup get on my computer?These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website.How do I remove Disk Speedup?Our program Malwarebytes can detect and remove this PUP. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of Disk Speedup? No, Malwarebytes removes Disk Speedup completely. What if I want to keep Disk Speedup?Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it. Open Malwarebytes for Windows. Click the Detection History Click the Allow List To add an item to the Allow List, click Add. Select the exclusion type Allow a file or folder and use the Select a folder button to select the main folder for the software that you wish to keep. Repeat this for any secondary files or folder(s) that belong to the software. If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use the Browse button to select the file you wish to grant access.How would the full version of Malwarebytes help protect me?We hope our application and this guide have helped you in dealing with this system optimizer.As you can see below the full version of Malwarebytes would have warned you against the Disk Speedup installer. Technical details for expertsYou may see these entries in FRST logs: (SYSTWEAK SOFTWARE PVT. LTD. -> Systweak Software.) C:\Program Files (x86)\Disk Speedup\DSU.exe (SYSTWEAK SOFTWARE PVT. LTD. -> Systweak Software.) C:\Program Files (x86)\Disk Speedup\DSUDefragSrv64.exe R2 DSUDiskOptimizer; C:\Program Files (x86)\Disk Speedup\DSUDefragSrv64.exe [700328 2020-03-16] (SYSTWEAK SOFTWARE PVT. LTD. -> Systweak Software.) (Copyright © 1999 - 2020 Systweak Software, All rights rese ) C:\Users\{username}\Downloads\dsusetup_systweak-default.exe C:\Users\Public\Desktop\Disk Speedup.lnk C:\ProgramData\Desktop\Disk Speedup.lnk C:\Users\{username}\AppData\Roaming\Systweak C:\ProgramData\Systweak C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disk Speedup C:\Program Files (x86)\Disk Speedup Disk Speedup (HKLM-x32\...\{FC7E771F-8170-4573-825D-EDB6723C804F}_is1) (Version: 3.4.1.18061 - Copyright (C) 1999 - 2020 Systweak Software, All rights reserved.) <==== ATTENTION Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\Disk Speedup Adds the file AsInvoker.exe"="3/16/2020 12:27 PM, 500136 bytes, A Adds the file asohtm.dll"="3/16/2020 12:27 PM, 326568 bytes, A Adds the file asores.dll"="3/16/2020 12:27 PM, 8940968 bytes, A Adds the file atl90.dll"="2/20/2014 7:00 PM, 161784 bytes, A Adds the file DSU.exe"="3/16/2020 12:27 PM, 3006376 bytes, A Adds the file DSUDefragServiceManager.exe"="3/16/2020 12:27 PM, 507304 bytes, A Adds the file DSUDefragSrv.exe"="3/16/2020 12:27 PM, 677800 bytes, A Adds the file DSUDefragSrv64.exe"="3/16/2020 12:27 PM, 700328 bytes, A Adds the file DSUHelper.dll"="3/16/2020 12:27 PM, 842664 bytes, A Adds the file dsusys.dll"="3/16/2020 12:27 PM, 1300392 bytes, A Adds the file HighestAvailable.exe"="3/16/2020 12:27 PM, 500136 bytes, A Adds the file KillDSUProcesses.exe"="3/16/2020 12:27 PM, 510376 bytes, A Adds the file lang.lng"="1/12/2021 9:21 AM, 1616 bytes, A Adds the file license.txt"="2/20/2014 7:00 PM, 19617 bytes, A Adds the file MFC90CHS.dll"="2/20/2014 7:00 PM, 38912 bytes, A Adds the file MFC90CHT.dll"="2/20/2014 7:00 PM, 39936 bytes, A Adds the file MFC90DEU.dll"="2/20/2014 7:00 PM, 66560 bytes, A Adds the file MFC90ENU.dll"="2/20/2014 7:00 PM, 56832 bytes, A Adds the file MFC90ESN.dll"="2/20/2014 7:00 PM, 65024 bytes, A Adds the file MFC90ESP.dll"="2/20/2014 7:00 PM, 65024 bytes, A Adds the file MFC90FRA.dll"="2/20/2014 7:00 PM, 66048 bytes, A Adds the file MFC90ITA.dll"="2/20/2014 7:00 PM, 64512 bytes, A Adds the file MFC90JPN.dll"="2/20/2014 7:00 PM, 46592 bytes, A Adds the file MFC90KOR.dll"="2/20/2014 7:00 PM, 46080 bytes, A Adds the file mfc90u.dll"="2/20/2014 7:00 PM, 3783672 bytes, A Adds the file Microsoft.VC90.ATL.manifest"="2/20/2014 7:00 PM, 353 bytes, A Adds the file Microsoft.VC90.CRT.manifest"="2/20/2014 7:00 PM, 391 bytes, A Adds the file Microsoft.VC90.MFC.manifest"="2/20/2014 7:00 PM, 349 bytes, A Adds the file Microsoft.VC90.MFCLOC.manifest"="2/20/2014 7:00 PM, 670 bytes, A Adds the file msvcp90.dll"="2/20/2014 7:00 PM, 572928 bytes, A Adds the file msvcr90.dll"="2/20/2014 7:00 PM, 655872 bytes, A Adds the file RequireAdministrator.exe"="3/16/2020 12:27 PM, 500136 bytes, A Adds the file unins000.dat"="1/12/2021 9:21 AM, 49409 bytes, A Adds the file unins000.exe"="1/12/2021 9:20 AM, 1609128 bytes, A Adds the file unins000.msg"="1/12/2021 9:21 AM, 22701 bytes, A Adds the folder C:\Program Files (x86)\Disk Speedup\DA Adds the file aso.ini"="7/27/2018 7:07 PM, 144884 bytes, A Adds the file client.ini"="9/2/2013 12:56 PM, 13164 bytes, A Adds the file DiskOpt.ini"="7/27/2018 6:26 PM, 131868 bytes, A Adds the folder C:\Program Files (x86)\Disk Speedup\DE Adds the file aso.ini"="7/27/2018 7:07 PM, 160248 bytes, A Adds the file client.ini"="7/27/2018 7:07 PM, 14086 bytes, A Adds the file DiskOpt.ini"="7/27/2018 6:26 PM, 144498 bytes, A Adds the folder C:\Program Files (x86)\Disk Speedup\DefragReport Adds the file footer_left.jpg"="2/20/2014 7:00 PM, 12907 bytes, A Adds the file footer_middle.jpg"="2/20/2014 7:00 PM, 10144 bytes, A Adds the file footer_right.jpg"="2/20/2014 7:00 PM, 12994 bytes, A Adds the file left_border.jpg"="2/20/2014 7:00 PM, 12323 bytes, A Adds the file line3px_Blue.jpg"="2/20/2014 7:00 PM, 11194 bytes, A Adds the file Report_header_left_image.jpg"="2/20/2014 7:00 PM, 15910 bytes, A Adds the file Report_header_leftText.jpg"="2/20/2014 7:00 PM, 17758 bytes, A Adds the file Report_header_top_middle.jpg"="2/20/2014 7:00 PM, 9394 bytes, A Adds the file Report_header_top_right.jpg"="2/20/2014 7:00 PM, 15408 bytes, A Adds the file right_border.jpg"="2/20/2014 7:00 PM, 12306 bytes, A Adds the folder C:\Program Files (x86)\Disk Speedup\ENG Adds the file aso.ini"="12/27/2018 2:56 PM, 138072 bytes, A Adds the file client.ini"="8/14/2018 7:14 PM, 12158 bytes, A Adds the file DiskOpt.ini"="1/9/2019 11:43 AM, 129696 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disk Speedup Adds the file Disk Speedup.lnk"="1/12/2021 9:21 AM, 1321 bytes, A Adds the file Register Disk Speedup.lnk"="1/12/2021 9:21 AM, 1048 bytes, A Adds the file Uninstall Disk Speedup.lnk"="1/12/2021 9:21 AM, 1145 bytes, A Adds the folder C:\ProgramData\Systweak\DSU\Disk SpeedUp\DefragReport Adds the file footer_left.jpg"="2/20/2014 7:00 PM, 12907 bytes, A Adds the file footer_middle.jpg"="2/20/2014 7:00 PM, 10144 bytes, A Adds the file footer_right.jpg"="2/20/2014 7:00 PM, 12994 bytes, A Adds the file left_border.jpg"="2/20/2014 7:00 PM, 12323 bytes, A Adds the file line3px_Blue.jpg"="2/20/2014 7:00 PM, 11194 bytes, A Adds the file Report_header_left_image.jpg"="2/20/2014 7:00 PM, 15910 bytes, A Adds the file Report_header_leftText.jpg"="2/20/2014 7:00 PM, 17758 bytes, A Adds the file Report_header_top_middle.jpg"="2/20/2014 7:00 PM, 9394 bytes, A Adds the file Report_header_top_right.jpg"="2/20/2014 7:00 PM, 15408 bytes, A Adds the file right_border.jpg"="2/20/2014 7:00 PM, 12306 bytes, A In the existing folder C:\Users\{username}\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch Adds the file Disk Speedup.lnk"="1/12/2021 9:21 AM, 1028 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\DSU\Disk SpeedUp In the existing folder C:\Users\Public\Desktop Adds the file Disk Speedup.lnk"="1/12/2021 9:21 AM, 1303 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC7E771F-8170-4573-825D-EDB6723C804F}_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\Disk Speedup\DSU.exe" "DisplayName"="REG_SZ", "Disk Speedup" "DisplayVersion"="REG_SZ", "3.4.1.18061" "EstimatedSize"="REG_DWORD", 168900 "HelpLink"="REG_SZ", "http://www.systweak.com/" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\Disk Speedup" "Inno Setup: Icon Group"="REG_SZ", "Disk Speedup" "Inno Setup: Language"="REG_SZ", "en" "Inno Setup: Setup Version"="REG_SZ", "5.5.6 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20210112" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\Disk Speedup\" "MajorVersion"="REG_DWORD", 3 "MinorVersion"="REG_DWORD", 4 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "Copyright (C) 1999 - 2020 Systweak Software, All rights reserved." "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\Disk Speedup\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\Disk Speedup\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://www.systweak.com/" "URLUpdateInfo"="REG_SZ", "http://www.systweak.com/" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\DSU] "ASO3AFFILIATE"="REG_SZ", "" "ASO3CAM"="REG_SZ", "default" "ASOBUILDFOR"="REG_SZ", "systweak" "KeyExpired"="REG_DWORD", 0 "support_email"="REG_SZ", "support@systweak.com" "TELNO"="REG_SZ", "" "TELNOFR"="REG_SZ", "" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\DSU\Disk SpeedUp] "BuyNowURL"="REG_SZ", "http://www.systweak.com/diskspeedup/price.asp?" "ReNewURL"="REG_SZ", "http://www.systweak.com/diskspeedup/renewal.asp?" "TrialType"="REG_DWORD", 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\DSU\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DSUDiskOptimizer] "DisplayName"="REG_SZ", "DSUDiskOptimizer" "ErrorControl"="REG_DWORD", 1 "ImagePath"="REG_EXPAND_SZ, "C:\Program Files (x86)\Disk Speedup\DSUDefragSrv64.exe" "ObjectName"="REG_SZ", "LocalSystem" "Start"="REG_DWORD", 2 "Type"="REG_DWORD", 16 [HKEY_CURRENT_USER\Software\Systweak\DSU] "ASO3AFFILIATE"="REG_SZ", "" "ASO3CAM"="REG_SZ", "default" "ASOBUILDFOR"="REG_SZ", "systweak" "InstalledPath"="REG_SZ", "C:\Program Files (x86)\Disk Speedup" "KeyExpired"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\Systweak\DSU\Disk SpeedUp\Disk Speedup - Disk SpeedUp\Advanced] [HKEY_CURRENT_USER\Software\Systweak\DSU\Disk SpeedUp\Disk Speedup - Disk SpeedUp\LocationDrives] [HKEY_CURRENT_USER\Software\Systweak\DSU\Disk SpeedUp\Disk Speedup - Disk SpeedUp\LocationFolders] "0"="REG_SZ", "C:\Windows\Temp" "1"="REG_SZ", "C:\Users\{username}\AppData\Local\Temp" [HKEY_CURRENT_USER\Software\Systweak\DSU\Disk SpeedUp\Disk Speedup - Disk SpeedUp\Removal] [HKEY_CURRENT_USER\Software\Systweak\DSU\Disk SpeedUp\Disk Speedup - Disk SpeedUp\Settings] [HKEY_CURRENT_USER\Software\Systweak\DSU\Disk SpeedUp\FilesToSearch] "SEARCH_ALL_FILES"="REG_DWORD", 1 "SEARCH_COMPRESSED_FILES"="REG_DWORD", 1 "SEARCH_IMAGE_FILES"="REG_DWORD", 1 "SEARCH_MUSIC_FILES"="REG_DWORD", 1 "SEARCH_OFFICE_DOCUMENTS"="REG_DWORD", 1 "SEARCH_VIDEO_FILES"="REG_DWORD", 1 [HKEY_CURRENT_USER\Software\Systweak\DSU\Disk SpeedUp\FindOptions] "CRCSIZELIMIT"="REG_DWORD", 1 "FILECRC"="REG_DWORD", 0 "FILENAME"="REG_DWORD", 1 "FILESIZE"="REG_DWORD", 1 "FILETIME"="REG_DWORD", 1 [HKEY_CURRENT_USER\Software\Systweak\DSU\Disk SpeedUp\IgnoreList] "*disk speedup*"="REG_SZ", "" "*systweak*"="REG_SZ", "" "c:\users\{username}\appdata\local\microsoft\windows\burn\burn*"="REG_SZ", "" "c:\users\{username}\appdata\roaming\microsoft\windows\network shortcuts*"="REG_SZ", "" "c:\users\{username}\appdata\roaming\microsoft\windows\printer shortcuts*"="REG_SZ", "" "c:\users\{username}\appdata\roaming\microsoft\windows\sendto*"="REG_SZ", "" "c:\users\{username}\favorites*"="REG_SZ", "" [HKEY_CURRENT_USER\Software\Systweak\DSU\Disk SpeedUp\MaskList] "*.---"="REG_DWORD", 1 "*.$$$"="REG_DWORD", 1 "*.$db"="REG_DWORD", 1 "*.?$?"="REG_DWORD", 0 "*.??$"="REG_DWORD", 1 "*.??~"="REG_DWORD", 1 "*.?~?"="REG_DWORD", 0 "*.^"="REG_DWORD", 0 "*.___"="REG_DWORD", 1 "*._dd"="REG_DWORD", 0 "*._detmp"="REG_DWORD", 0 "*._mp"="REG_DWORD", 1 "*.~*"="REG_DWORD", 1 "*.~mp"="REG_DWORD", 1 "*.aps"="REG_DWORD", 0 "*.bak"="REG_DWORD", 0 "*.chk"="REG_DWORD", 1 "*.db$"="REG_DWORD", 1 "*.dmp"="REG_DWORD", 1 "*.err"="REG_DWORD", 0 "*.ftg"="REG_DWORD", 0 "*.fts"="REG_DWORD", 1 "*.gid"="REG_DWORD", 1 "*.ilk"="REG_DWORD", 0 "*.log"="REG_DWORD", 0 "*.ncb"="REG_DWORD", 0 "*.nch"="REG_DWORD", 0 "*.old"="REG_DWORD", 1 "*.pch"="REG_DWORD", 0 "*.prv"="REG_DWORD", 0 "*.sik"="REG_DWORD", 0 "*.temp"="REG_DWORD", 1 "*.tmp"="REG_DWORD", 1 "*.wbk"="REG_DWORD", 0 "*log.txt"="REG_DWORD", 0 "~*.*"="REG_DWORD", 1 "0*.nch"="REG_DWORD", 0 "chklist.*"="REG_DWORD", 1 "CHKLIST.MS"="REG_DWORD", 0 "mscreate.dir"="REG_DWORD", 1 "thumbs.db"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\Systweak\DSU\Disk SpeedUp\Schedule] "DSU-Optimize"="REG_SZ", "Scan Not Scheduled" [HKEY_CURRENT_USER\Software\Systweak\DSU\LANG] "CURRENTLANG"="REG_SZ", "ENGLISH" "LangCode"="REG_SZ", "en" "LangID"="REG_SZ", "0" "RELPATH"="REG_SZ", "ENG" Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 1/12/21 Scan Time: 9:31 AM Log File: 873387b2-54b0-11eb-a17e-080027235d76.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1130 Update Package Version: 1.0.35611 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 232844 Threats Detected: 108 Threats Quarantined: 108 Time Elapsed: 3 min, 9 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 2 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DSU.exe, Quarantined, 8014, 577327, , , , , A41F2C9333AFA31705DB944DD54506EA, AB3234D1CE6E2F8B79A776CBC7667B06FE068F8B90C7C2A81387A9D477727DF6 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DSUDefragSrv64.exe, Quarantined, 8014, 577327, , , , , E8F82F6F50540140A86FAD3219EF3375, 1945DB2828C35C0DD358367A4709EB95C73829870A51A2C0E6B32BEB35D98706 Module: 6 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\asohtm.dll, Quarantined, 8014, 577327, , , , , B775920B0F37BE71B17566B2258D8DFC, 0219C623C1206550CCF3AB0FEB2CCFA459B715037A1EE60E25C109B962CE140A PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\asores.dll, Quarantined, 8014, 577327, , , , , DEA4E4162D6BDE782001D9968F9D4492, 65CEBA7FA0295604D44E0047DADFA856BB21E39E2EBD8DF25BD2B5937751CDA1 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DSU.exe, Quarantined, 8014, 577327, , , , , A41F2C9333AFA31705DB944DD54506EA, AB3234D1CE6E2F8B79A776CBC7667B06FE068F8B90C7C2A81387A9D477727DF6 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DSUDefragSrv64.exe, Quarantined, 8014, 577327, , , , , E8F82F6F50540140A86FAD3219EF3375, 1945DB2828C35C0DD358367A4709EB95C73829870A51A2C0E6B32BEB35D98706 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DSUHelper.dll, Quarantined, 8014, 577327, , , , , C422CF15844E9A35AEAA7738D76E5A40, CFAF98AC3494DBAD04D9E655639B0D9A0D609419F98A8349E275863AD6EC637D PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\dsusys.dll, Quarantined, 8014, 577327, , , , , 0991A73680F1C6691EC2E2CF08093D01, F46E46685DD6E33BA5339D727D4AFACABF1622FF764B4AC95CEB49230919C28A Registry Key: 4 PUP.Optional.DiskSpeedUp, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{FC7E771F-8170-4573-825D-EDB6723C804F}_is1, Quarantined, 8014, 577337, 1.0.35611, , ame, , , PUP.Optional.SysTweak, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F927C591-371C-198E-4749-14DA78ABE9B4}, Quarantined, 2881, 338870, , , , , , PUP.Optional.SysTweak, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F927C591-371C-198E-4749-14DA78ABE9B4}, Quarantined, 2881, 338870, 1.0.35611, , ame, , , PUP.Optional.DiskSpeedUp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DSUDiskOptimizer, Quarantined, 8014, 577327, , , , , , Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 16 PUP.Optional.SysTweak, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\DISK SPEEDUP, Quarantined, 2881, 329823, 1.0.35611, , ame, , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DefragReport, Quarantined, 8014, 577327, , , , , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\PT_BR, Quarantined, 8014, 577327, , , , , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\ZH_CN, Quarantined, 8014, 577327, , , , , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\ENG, Quarantined, 8014, 577327, , , , , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DA, Quarantined, 8014, 577327, , , , , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DE, Quarantined, 8014, 577327, , , , , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\ES, Quarantined, 8014, 577327, , , , , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\FI, Quarantined, 8014, 577327, , , , , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\FR, Quarantined, 8014, 577327, , , , , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\IT, Quarantined, 8014, 577327, , , , , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\JA, Quarantined, 8014, 577327, , , , , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\NL, Quarantined, 8014, 577327, , , , , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\NO, Quarantined, 8014, 577327, , , , , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\RU, Quarantined, 8014, 577327, , , , , , PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\SV, Quarantined, 8014, 577327, , , , , , File: 80 PUP.Optional.SysTweak, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\DISK SPEEDUP\REGISTER DISK SPEEDUP.LNK, Quarantined, 2881, 329823, 1.0.35611, , ame, , E738CE445F7574DD5627BEE34BE167F7, 27D0A1D676CCB4BF2EA2D162603D2F050BDE384A04E7030F4F925D2966B78B8B PUP.Optional.SysTweak, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disk Speedup\Disk Speedup.lnk, Quarantined, 2881, 329823, , , , , F610C3B257107AEA228C0B6492265AFB, A38A7E72AED1B407F0A6F257E0A37868F5F3E82F736A1A5F2C920FC9401C3BBE PUP.Optional.SysTweak, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disk Speedup\Uninstall Disk Speedup.lnk, Quarantined, 2881, 329823, , , , , FFB56BF3A3AB2B7DD54450C1D84DD569, E44E857755CCDBAB87E353D3BCFB4D2DECA3BEA57A40DB8D164E44C67841CF91 PUP.Optional.SysTweak, C:\USERS\PUBLIC\DESKTOP\DISK SPEEDUP.LNK, Quarantined, 2881, 329824, 1.0.35611, , ame, , 8C36BB8535793001770B82375C412F20, B5A213C043A4603CF76D7696507A10FE2DB4A1E562AD620746799B119F87D86C PUP.Optional.SysTweak, C:\USERS\{username}\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\DISK SPEEDUP.LNK, Quarantined, 2881, 338872, 1.0.35611, , ame, , 2BC040AA752E061660FA4E5A941BB1F6, B4F2C505202E7EFCBAC28B1F3BA4E87E80D8652E7BDECCB62A6F8301ED01367B PUP.Optional.DiskSpeedUp, C:\PROGRAM FILES (X86)\DISK SPEEDUP\LICENSE.TXT, Quarantined, 8014, 577327, 1.0.35611, , ame, , C079A76BCCF339B5414539E0274EB32D, BBC21E6FE7D2559690E4EEAF30A911017F5E56EFA0CC2B92897AAF2933AE8086 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DA\aso.ini, Quarantined, 8014, 577327, , , , , 36390319D5321C32F3C41B27E2DA4FA0, 89C6783B5E51FCB136F7636E43232300068D31DA408BAE67362AE2CBBDBB1DD0 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DA\client.ini, Quarantined, 8014, 577327, , , , , 40D0F100F17E2901FFA8858D79E74B5F, 3CCED14B888B1F90068F0255E2450762C032998251816298F19FDBF756E43D56 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DA\DiskOpt.ini, Quarantined, 8014, 577327, , , , , 2E23B94EE7E84D8188978DA8BBC00A26, 24C914AD8740656ED6F7E65EABE81C4CDC55CBDC542CE504F7A0FDB971821C93 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DE\aso.ini, Quarantined, 8014, 577327, , , , , 6121602334E2B09A191B232B9D662C9B, D48906D012F79C2A05534FB5905BD5C8BA3C7DF7BF3BB01E26286DB190B08305 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DE\client.ini, Quarantined, 8014, 577327, , , , , 9163E3B68495BB1C552BC3C4237CC21D, 405489A4BD7D434D482C1140D4EC9A0FFD5C3C34D6C40CD9ACC63EF2893E2E39 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DE\DiskOpt.ini, Quarantined, 8014, 577327, , , , , 92DC1103D6EAE2B1E9E3D1E6847EE26A, D9E868EC2D99CE9510414B356C105011921168CFBC831EBBB017D5A5EB227E1F PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DefragReport\footer_left.jpg, Quarantined, 8014, 577327, , , , , A5AE3BA52567E15206DABB6BF9C91421, 593A2469F08F36965BE46E6BE89C7B334D1E66449E85D0029DD8D3E12265BFF1 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DefragReport\footer_middle.jpg, Quarantined, 8014, 577327, , , , , 9F9E4032BD785EDECFD376FC35581F38, C5AD43D196688105104390AEBB6CB9941E200E96A56CAEE47E5F4F732E3FC432 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DefragReport\footer_right.jpg, Quarantined, 8014, 577327, , , , , 231433540EC24297630602DC0A5D963F, 26DE76BDF6891BB7644972E0DE5D2AEEEEF3B12875819C2F9B97A77538614520 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DefragReport\left_border.jpg, Quarantined, 8014, 577327, , , , , 85A65CA0A8E60B72D0CE69C19F5BD23C, 1C2360286766232C032DB7E616B68D5E4EB5F3BBB024E1D7CE07CF9B6A2D5217 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DefragReport\line3px_Blue.jpg, Quarantined, 8014, 577327, , , , , 8122C2DFB4DD077ADB092500EC7CD0BB, 6275FDA7D7AC459ABC6346395D9A846993F29CA7DFFD834439987551A5E823A6 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DefragReport\Report_header_leftText.jpg, Quarantined, 8014, 577327, , , , , EA0345DB5AFB9E0414FDBD8A51A122ED, A0F3BDF9F9513AEAF0AAF10682E33A12E81BED510B122649541052142F3CD5FE PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DefragReport\Report_header_left_image.jpg, Quarantined, 8014, 577327, , , , , 686FF26CA3F31DC7541E1C29FFEC91C9, 018933B1A73B830EF83ECA70F4E02CB62FBF0949C53F88B1A28A42AC858A4EE3 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DefragReport\Report_header_top_middle.jpg, Quarantined, 8014, 577327, , , , , 3F249E6CF00C7B8BC9ED06E2DB0F93E4, 3FF10E9B5471A14075DC31C95DF513E329FA7B6B28150BB4EAE0F286C0D01E98 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DefragReport\Report_header_top_right.jpg, Quarantined, 8014, 577327, , , , , E00A4CB65697AC899A2D2FC07B8AA25F, 31C0E4B9546198347D98DD8458DDE23A0944E182D6840C183398DE1542AAF851 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DefragReport\right_border.jpg, Quarantined, 8014, 577327, , , , , 86917EB2E477F4655FB88CB77F3414D6, B4E20956C03D84AE45874A72EC00EED4E00542AEFA6B262BB74C7007E2622ED2 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\ENG\aso.ini, Quarantined, 8014, 577327, , , , , 6A6121C4A2137760ED242C5637DB1A2B, 70FAB4F0E53C9B171F0B9E5326A360940B70B65C0AA69AAB74362C200E792C48 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\ENG\client.ini, Quarantined, 8014, 577327, , , , , E01793A8D5FD15C49779C640E59813AF, E96A1BE9024B18F8DF3E095B52CD6018CE846C6E753E2641A85FF0C71794FC99 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\ENG\DiskOpt.ini, Quarantined, 8014, 577327, , , , , 5D2FB3E05F0E7580A15A70BBEB8DC76D, 44AECCC3AF08BE2A87EC46093479B6CBE74BB30E4478A4D03E526538B6B66163 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\ES\aso.ini, Quarantined, 8014, 577327, , , , , 83B0C7E418BE269A1CCDF6DF29B6CB68, 39321A88D32B0A0994A7787F5EC0B0CD78DA944A3D049C8B67EC66DB918DB749 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\ES\client.ini, Quarantined, 8014, 577327, , , , , 1F2345A6FA607DDFC59E7AD4FA1CE0F1, 4E72322ADFCCDA068EE4EEC375C21B8039369413DC1FF2628E62E0D7B3E28889 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\ES\DiskOpt.ini, Quarantined, 8014, 577327, , , , , 5218F7F295FD981F3212F8B32F0B90AA, B60464D12BD3DCBE031768490953C42922CA8E0AD2E2AC7BEDAEE5E72C496AD1 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\FI\aso.ini, Quarantined, 8014, 577327, , , , , 1E989D5A2820ED3E195C2C479AC4D35A, EE05966D7D99BA36E67AB094FF03D512ADC0025C8868480367C57C24156F9252 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\FI\client.ini, Quarantined, 8014, 577327, , , , , 4D78D124F1A691B4333B20F13B0CC5E8, 43697B668815D40C39961E13208F58B9FBD2E30F4307B6B4852195EAD525B8E8 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\FI\DiskOpt.ini, Quarantined, 8014, 577327, , , , , 1DF85DED2F804A885C1520A7FDD72479, 4212FF618409EAFBBCAFF44954C365A82E751A30FE32CC6584953176054DED1A PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\FR\aso.ini, Quarantined, 8014, 577327, , , , , CD4006C724FB158EB42AB737C6B74F24, E491F2CE5256A8671A008AA156898FA5460EAF76955CEC538782572007296EA1 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\FR\client.ini, Quarantined, 8014, 577327, , , , , D9A11EFE836AC559AC955459836B29C2, FB285F79FB9D78152AAD77C27D9980B7F0C12E3D1B0B36D6E846BE3F2E3BC467 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\FR\DiskOpt.ini, Quarantined, 8014, 577327, , , , , 147B4B5F5A8CC2EEAF01EFA1E6C6D036, 5B4B9B49BA1A27BB6A5AD57B256672E9FD37883F97B144C46219827CB2341D95 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\IT\aso.ini, Quarantined, 8014, 577327, , , , , E6AB80CB585AC53292EFE05EE693B6CA, 6156EF57700D841193C10570ECFE3ECD18193A46F6B1E7A5956029EF73E50ECD PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\IT\client.ini, Quarantined, 8014, 577327, , , , , 0D2DB80C233CFAC7068C1715E59B4B08, 03F2ACE6D87F18BFE583FDE6CBFC37587768E1B96F54C322EA5A7CB0A30B0AC9 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\IT\DiskOpt.ini, Quarantined, 8014, 577327, , , , , FD76E8211414FDB1BD484D2B28DE5217, 5244AA295063F10121E2217D2A4C11129A2ABFF03E0F64246B3D8055793910CD PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\JA\aso.ini, Quarantined, 8014, 577327, , , , , BBF5D23FA302641D98F2DB01F9DEA23F, DC7D53419B4B4111EFD57421C8CA6193BC7BBE0A8D9911803749224D2D3B3281 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\JA\client.ini, Quarantined, 8014, 577327, , , , , B72EBF19A42E2DA9360593838ABADA2F, 49DD9F601E6B4C430801770C31362B2F791E2539083DACE1B847365FA047A611 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\JA\DiskOpt.ini, Quarantined, 8014, 577327, , , , , 3E4891B2F7FD18140BBA4CFDB800DB4C, C99F773A9311EBA5972FDB76DA6C67D515E70748E60F22855E9314CD119C78F4 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\NL\aso.ini, Quarantined, 8014, 577327, , , , , 45025BA57C3E5DEBF2AC6C181E4215D2, D614B3EFB43AAE2077A4D800CE42B20F1EC51F2296D84B2E6B9133E7E7E25905 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\NL\client.ini, Quarantined, 8014, 577327, , , , , A93DFC0A55B0E701D94C5C908289819E, 5C147F444EA8877BA3C4A0C67E9DE9177163638496470C04C2BEAB856677EC0C PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\NL\DiskOpt.ini, Quarantined, 8014, 577327, , , , , 107E419301CB88021C6BF000FDCB85FB, 763F1EB36E7DB9C123183B1A1F8CA5E87273CDF5CDF063CFB017606ACF41F154 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\NO\aso.ini, Quarantined, 8014, 577327, , , , , 46F32DA9D521AC92F635A67ED30EE2A7, 039ABA2D7D5DDC558C2C73B223C15D76C460ADEBB1C9521234FA07F47F841898 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\NO\client.ini, Quarantined, 8014, 577327, , , , , EB5860C6C45218CDC8B4EC6DFA6E98FC, 3F3CBC361BB5121514BBD264D3C178D801E8DEA74A7D93D2C6353996AF25AA26 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\NO\DiskOpt.ini, Quarantined, 8014, 577327, , , , , 71915F1BF06B45D0E0CC0D51C7A2FD82, C0BB2A23B38ED94352054A2855704E1B4D83527873E33377720046753B2C925A PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\PT_BR\aso.ini, Quarantined, 8014, 577327, , , , , 6A1CA740697445AFF2A9DEEA5DB9C8E0, EFEDD458B1B0CF842EC5EFCAA86E864CAC6BA6CCBB94E922A4942B92C34A3FE5 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\PT_BR\client.ini, Quarantined, 8014, 577327, , , , , 93D688D610815146636C52E335CAFCF0, A81A03878AB79A7EC5B214BC94E4038DD5D02D3DE022AD8591C21DF353C1C642 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\PT_BR\DiskOpt.ini, Quarantined, 8014, 577327, , , , , 5D6020EC36B73FE382BA20F453C23ED2, A5C50600CDBD5393B4A2AD05A57BA4E5CE833D8BF03D89BB5717E9E2E083A0AF PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\RU\aso.ini, Quarantined, 8014, 577327, , , , , 714E976ADB660F9CA779881635A64293, E955EC7D166B766B66ACC87FA870789C8FECFB664BCBF71459F0B70ED1EEEBD0 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\RU\client.ini, Quarantined, 8014, 577327, , , , , 97524717CE566A202F10B7C676B1515B, 8FD79BA7648A2D8E0EEB9305C84E797F41DE5BD352D2FB7FECD103C83ED3BF16 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\RU\DiskOpt.ini, Quarantined, 8014, 577327, , , , , A6A8EF6F389F54BFEE8675327BE67E4B, 0DCEA689973670C00C4D23FF8614B5F044334C48F7EEAF95B05D4D805E3CF847 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\SV\aso.ini, Quarantined, 8014, 577327, , , , , 6E3CE517EE5D236F3147EA31B96D5A62, 57F1840005DAB9E71815C8E90E30A557902F6E69F4ED49B228C02C0600D002A7 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\SV\client.ini, Quarantined, 8014, 577327, , , , , 19A0E679DB29303385E0316E927B2A97, 616723D8DE5D011E99A7CD9ACD74DF2638EF840756927E0F07D2CB2D54718B91 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\SV\DiskOpt.ini, Quarantined, 8014, 577327, , , , , ACB306EE5C7663DF684A0BB7A215CE34, E207C28224481916E5059175EC213B02E7DACBA4832BBAC501D4D7DD113AB012 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\ZH_CN\aso.ini, Quarantined, 8014, 577327, , , , , A87FB12C8C1A76D6B8485C8B53EA3609, B20CC1B8E7C1A76E6249EF97AED1B6B87BDB26D72085C5EB13FEADBA1B838D42 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\ZH_CN\client.ini, Quarantined, 8014, 577327, , , , , EC7F5EC86C23B80DFFFD543EC310A0CE, 92153571168E62D738F63254CE5B99560A70B84B05C6D9658AA6D20ACF87A1EF PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\ZH_CN\DiskOpt.ini, Quarantined, 8014, 577327, , , , , CB2E5D266148378A178EA5B733652789, 38AA46CF26A3B8BA1D63453053C9D0E4B0D4B70A16633CA6034B3362F165CA41 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\AsInvoker.exe, Quarantined, 8014, 577327, , , , , C72AD4DE70541C821526CAFC47E2FC1D, 4A7B8188687FA3B7603AA5C48AB57D28326080E59D175E98358D559A186CDD36 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\asohtm.dll, Quarantined, 8014, 577327, , , , , B775920B0F37BE71B17566B2258D8DFC, 0219C623C1206550CCF3AB0FEB2CCFA459B715037A1EE60E25C109B962CE140A PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\asores.dll, Quarantined, 8014, 577327, , , , , DEA4E4162D6BDE782001D9968F9D4492, 65CEBA7FA0295604D44E0047DADFA856BB21E39E2EBD8DF25BD2B5937751CDA1 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DSU.exe, Quarantined, 8014, 577327, , , , , A41F2C9333AFA31705DB944DD54506EA, AB3234D1CE6E2F8B79A776CBC7667B06FE068F8B90C7C2A81387A9D477727DF6 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DSUDefragServiceManager.exe, Quarantined, 8014, 577327, , , , , 728B75B88C02AC956B012210C45602DA, 225784D617AF6B6D681C884AF3BFCCA4D169386E0F7745EF56FAAAA075D1F3A0 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DSUDefragSrv.exe, Quarantined, 8014, 577327, , , , , 53134259B128CE22FDB229AF7CD8FD12, 9A01BD274A0DB0A5A233A58E331B54138FD5285F580B59FDED9121977CCB57F7 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DSUDefragSrv64.exe, Quarantined, 8014, 577327, , , , , E8F82F6F50540140A86FAD3219EF3375, 1945DB2828C35C0DD358367A4709EB95C73829870A51A2C0E6B32BEB35D98706 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\DSUHelper.dll, Quarantined, 8014, 577327, , , , , C422CF15844E9A35AEAA7738D76E5A40, CFAF98AC3494DBAD04D9E655639B0D9A0D609419F98A8349E275863AD6EC637D PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\dsusys.dll, Quarantined, 8014, 577327, , , , , 0991A73680F1C6691EC2E2CF08093D01, F46E46685DD6E33BA5339D727D4AFACABF1622FF764B4AC95CEB49230919C28A PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\HighestAvailable.exe, Quarantined, 8014, 577327, , , , , FC8BB5F410869DE978B4B1F3E74251D8, C529FEBFD775DBDF8C2A4DD45197832D3D0B3E1361160787A75DDA788C735C70 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\KillDSUProcesses.exe, Quarantined, 8014, 577327, , , , , 0707B391AD4068224C55C8CDB46820DB, D908001849E7526581F5BA641F9A5958BDD1261FDD66CC5AEFAB67F29ABC4805 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\lang.lng, Quarantined, 8014, 577327, , , , , B571F67A5AD6A0C475C034E3D3C3443C, 074505BD632281B361C51F0513BAB9C9528429030C2B695DC5BC0A1515790711 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\Microsoft.VC90.ATL.manifest, Quarantined, 8014, 577327, , , , , 740631036E6FD381CE8D2005C69BBACF, FB7DC909360397ED397119639728B1D33B0F3F985285FFA2C422FED41A6DA94B PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\Microsoft.VC90.CRT.manifest, Quarantined, 8014, 577327, , , , , A14E590E0DFBB2DF0FB77768F993FC79, E9D66E9E851F0612A6EF8ACEA86724970FF2335378D506499A3C86DB2F674531 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\Microsoft.VC90.MFC.manifest, Quarantined, 8014, 577327, , , , , B9CA9C15F4FC967B95217464F83900E5, E7332E45362AB7DC85E4FF2E66B5F7C50D11DBCC9BBF5B3BC4E9C32557E1035D PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\Microsoft.VC90.MFCLOC.manifest, Quarantined, 8014, 577327, , , , , 7A7C6CD751B2E9A0088A825B10D60E53, E34C3DDF56B7AA53F0C787643030568EC0F37C2E53ECDB8138C809BE9C71D0B8 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\RequireAdministrator.exe, Quarantined, 8014, 577327, , , , , 3F0FCDDF676E886821D80DD001487B70, 5081FCE4608D3D0097BB9EB412346F98AC91018AB84A258FF5E882121BE0B2F4 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\unins000.dat, Quarantined, 8014, 577327, , , , , 61D1DD3EBF1F60B1D9C5A0B37A318519, 50B27837A6E4E1DE6ACF86E1FD616F74B7B9A681CC9D346BE03F5B3D4B62E4D9 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\unins000.exe, Quarantined, 8014, 577327, , , , , B29D17FB24B894FDF19140CEFAEF19D5, EBB10751F743E29CE5124305BF9716B2AFBEFA59AE8A8307A44FABFCB0185538 PUP.Optional.DiskSpeedUp, C:\Program Files (x86)\Disk Speedup\unins000.msg, Quarantined, 8014, 577327, , , , , 5F38274FC51EC35B61E925153E26EF1C, 946195C199C2F798ED0AB3DC8AE4511BE30AD70E5FB994D677BEEE0AE249DEC8 PUP.Optional.DiskSpeedUp, C:\USERS\{username}\DESKTOP\DSUSETUP_SYSTWEAK-DEFAULT.EXE, Quarantined, 8014, 577273, 1.0.35611, , ame, , 7F27BA5153CEEF227CBB28F745B31847, 34DE642CC0EFF3FA97863C73B40C009C56782BFC1070D553B370C3F20CB95334 PUP.Optional.DiskSpeedUp, C:\USERS\{username}\DOWNLOADS\DSUSETUP_SYSTWEAK-DEFAULT.EXE, Quarantined, 8014, 577273, 1.0.35611, , ame, , 7F27BA5153CEEF227CBB28F745B31847, 34DE642CC0EFF3FA97863C73B40C009C56782BFC1070D553B370C3F20CB95334 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this potentially unwanted program.We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.

What is SuperEasy Registry Cleaner? SuperEasy Registry Cleaner is a registry cleaner that triggers our PUP detection rules. By doing so we offer users a choice to consider whether they want to use this software. More information can be found on our Malwarebytes Labs blog. How do I know if I am affected by SuperEasy Registry Cleaner? This is how the main screen of the registry cleaner looks: You will find these icons in your taskbar, your startmenu, and on your desktop: and see this type of windows during install: and this type of screens during operations: You may see this entry in your list of installed programs: and this task in your list of Scheduled Tasks: How did SuperEasy Registry Cleaner get on my computer? These so-called registry cleaners use different methods of getting installed. This particular one was downloaded from a software promoting website. How do I remove SuperEasy Registry Cleaner? Our program Malwarebytes can detect and remove this PUP. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of SuperEasy Registry Cleaner? No, Malwarebytes removes SuperEasy Registry Cleaner completely. This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks. What if I want to keep SuperEasy Registry Cleaner? Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it. Open Malwarebytes for Windows. Click the Detection History Click the Allow List To add an item to the Allow List, click Add. Select the exclusion type Allow a file or folder and use the Select a folder button to select the main folder for the software that you wish to keep. Repeat this for any secondary files or folder(s) that belong to the software. If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use the Browse button to select the file you wish to grant access. How would the full version of Malwarebytes help protect me? We hope our application and this guide have helped you in dealing with this registry cleaner. As you can see below the full version of Malwarebytes would have warned you against the SuperEasy Registry Cleaner installer. Technical details for experts You may see these entries in FRST logs: (SuperEasy Software GmbH & Co. KG -> SuperEasy Software) C:\Program Files (x86)\SuperEasy Software\SuperEasy Registry Cleaner\SuperEasyRC.exe Task: {8C08BC94-5738-49EC-A79C-69AE64257B61} - System32\Tasks\SuperEasy Registry Cleaner => C:\Program Files (x86)\SuperEasy Software\SuperEasy Registry Cleaner\SuperEasyRC.exe [8225704 2011-11-17] (SuperEasy Software GmbH & Co. KG -> SuperEasy Software) C:\Windows\system32\Tasks\SuperEasy Registry Cleaner C:\Users\Public\Desktop\SuperEasy Registry Cleaner.lnk C:\ProgramData\Desktop\SuperEasy Registry Cleaner.lnk C:\Users\{username}\AppData\Roaming\SuperEasy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperEasy Software C:\Program Files (x86)\SuperEasy Software (SuperEasy Software) C:\Windows\system32\roboot64.exe (SuperEasy Software ) C:\Users\{username}\Desktop\SuperEasy.exe SuperEasy Registry Cleaner (HKLM-x32\...\SuperEasy Registry Cleaner_is1) (Version: 6.21 - SuperEasy Software) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\SuperEasy Software\SuperEasy Registry Cleaner\XmlLite.dll (Systweak Inc) [File not signed] C:\Program Files (x86)\SuperEasy Software\SuperEasy Registry Cleaner\RegcleanPro.DLL Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\SuperEasy Software\SuperEasy Registry Cleaner Adds the file Chinese_rcp.ini"="11/17/2011 8:24 AM, 46574 bytes, A Adds the file CleanSchedule.exe"="11/17/2011 8:46 AM, 776104 bytes, A Adds the file unins000.dat"="9/29/2020 8:34 AM, 39851 bytes, A Adds the file unins000.exe"="9/29/2020 8:34 AM, 1519528 bytes, A Adds the file unins000.msg"="9/29/2020 8:34 AM, 20903 bytes, A Adds the file xmllite.dll"="11/19/2010 11:03 AM, 126976 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperEasy Software\SuperEasy Registry Cleaner Adds the file Register SuperEasy Registry Cleaner.lnk"="9/29/2020 8:34 AM, 1399 bytes, A Adds the file SuperEasy Registry Cleaner.lnk"="9/29/2020 8:34 AM, 1373 bytes, A Adds the file Uninstall SuperEasy Registry Cleaner.lnk"="9/29/2020 8:34 AM, 1358 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\SuperEasy\Registry Cleaner Adds the file eng_rcp.dat"="9/29/2020 8:34 AM, 32760 bytes, A Adds the file log_09-29-2020.log"="9/29/2020 8:34 AM, 0 bytes, A Adds the file results.rcp"="9/29/2020 8:35 AM, 16238 bytes, A In the existing folder C:\Users\{username}\Desktop Alters the file SuperEasy.exe 7/11/1601 2:25 AM, 3767784 bytes, A ==> 7/11/1601 2:25 AM, 3767784 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file SuperEasy Registry Cleaner.lnk"="9/29/2020 8:34 AM, 1349 bytes, A In the existing folder C:\Windows\System32 Adds the file roboot64.exe"="11/17/2011 8:46 AM, 18856 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file SuperEasy Registry Cleaner"="9/29/2020 8:34 AM, 3202 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SuperEasy Registry Cleaner_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\SuperEasy Software\SuperEasy Registry Cleaner\supereasyrc.exe" "DisplayName"="REG_SZ", "SuperEasy Registry Cleaner" "DisplayVersion"="REG_SZ", "6.21" "EstimatedSize"="REG_DWORD", 15117 "HelpLink"="REG_SZ", "http://www.SuperEasy.net" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\SuperEasy Software\SuperEasy Registry Cleaner" "Inno Setup: Icon Group"="REG_SZ", "SuperEasy Software\SuperEasy Registry Cleaner" "Inno Setup: Language"="REG_SZ", "en" "Inno Setup: Setup Version"="REG_SZ", "5.4.1 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20200929" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\SuperEasy Software\SuperEasy Registry Cleaner\" "MajorVersion"="REG_DWORD", 6 "MinorVersion"="REG_DWORD", 21 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "SuperEasy Software" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\SuperEasy Software\SuperEasy Registry Cleaner\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\SuperEasy Software\SuperEasy Registry Cleaner\unins000.exe" /silent" "URLInfoAbout"="REG_SZ", "http://www.SuperEasy.net" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\SuperEasy\Registry Cleaner] "RCPURL"="REG_SZ", "http://r.ashampoo.com/r.php?id=77864&ri=b0kc&utm_source=supereasy&utm_campaign=default&utm_medium=newbuild" "RENEWALURL"="REG_SZ", "http://r.ashampoo.com/r.php?id=77865&utm_source=supereasy&utm_campaign=default&utm_medium=newbuild" "utm_campaign"="REG_SZ", "default" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "supereasy" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\SuperEasy\Registry Cleaner\LANG] "LangID"="REG_DWORD", 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\RegClean Pro\Version 6.1] "Expired"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\Licenses] "{0C897F84B22AC53F6}"="REG_BINARY, .................................................................... "{IC897F84B22AC53F6}"="REG_BINARY, .. "{K7C0DB872A3F777C0}"="REG_BINARY, ...................................................................... "{R7C0DB872A3F777C0}"="REG_BINARY, .. [HKEY_CURRENT_USER\Software\SuperEasy\Registry Cleaner] "AutoRepair"="REG_DWORD", 0 "ConfirmBkUps"="REG_DWORD", 1 "CurrentScanTime"="REG_BINARY, .....#.. "GoToSystemTrayOnClose"="REG_DWORD", 0 "ImprovementProgram"="REG_DWORD", 1 "NumTimesRCPRunned"="REG_DWORD", 1 "RegErrFoundTillDate"="REG_DWORD", 0 "RegErrsFixedLast"="REG_DWORD", 0 "RegErrsFixedTillDate"="REG_DWORD", 0 "ScheduledTime"="REG_SZ", "" "SetChkREmovableMedia"="REG_DWORD", 1 "SetChkSkipEmptyKeys"="REG_DWORD", 1 "StartAutoScanPMUI"="REG_DWORD", 0 "StartMinimized"="REG_DWORD", 0 "StartScan"="REG_DWORD", 0 "StartWhenWinBoots"="REG_DWORD", 1 "StrLastOptimizeTime"="REG_SZ", "" "StrLastScan"="REG_SZ", "Tue. September 29, 2020. 08:35 AM" "StrLastScanResults"="REG_SZ", "43" "StrLastStartupOpt"="REG_SZ", "" "StrLatestRegDefrag"="REG_SZ", "" "StrLatestRestorePoint"="REG_SZ", "" [HKEY_CURRENT_USER\Software\SuperEasy\Registry Cleaner\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\Systweak\RegClean Pro] "ErrorCount"="REG_DWORD", 43 "IsTrial"="REG_DWORD", 1 Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 9/29/20 Scan Time: 8:43 AM Log File: 16d5264e-021f-11eb-a053-00ffdcc6fdfc.json -Software Information- Version: 4.2.1.89 Components Version: 1.0.1045 Update Package Version: 1.0.30542 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 231715 Threats Detected: 14 Threats Quarantined: 14 Time Elapsed: 4 min, 59 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 1 PUP.Optional.SysTweak, C:\PROGRAM FILES (X86)\SUPEREASY SOFTWARE\SUPEREASY REGISTRY CLEANER\SUPEREASYRC.EXE, Quarantined, 814, 861327, , , , , 76E5B66A45CBB3EFB5763575DBBF597B, D50717671D105613A137A5E2BECAA092505DF838E6216DEC350C93838DCDB1DD Module: 1 PUP.Optional.SysTweak, C:\PROGRAM FILES (X86)\SUPEREASY SOFTWARE\SUPEREASY REGISTRY CLEANER\SUPEREASYRC.EXE, Quarantined, 814, 861327, , , , , 76E5B66A45CBB3EFB5763575DBBF597B, D50717671D105613A137A5E2BECAA092505DF838E6216DEC350C93838DCDB1DD Registry Key: 5 PUP.Optional.RegCleanerPro, HKCU\SOFTWARE\SYSTWEAK\RegClean Pro, Quarantined, 1651, 242268, 1.0.30542, , ame, , , PUP.Optional.SysTweak, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SuperEasy Registry Cleaner, Quarantined, 814, 861327, , , , , , PUP.Optional.SysTweak, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8C08BC94-5738-49EC-A79C-69AE64257B61}, Quarantined, 814, 861327, , , , , , PUP.Optional.SysTweak, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{8C08BC94-5738-49EC-A79C-69AE64257B61}, Quarantined, 814, 861327, , , , , , PUP.Optional.RegCleanPro, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, Quarantined, 4444, 242275, 1.0.30542, , ame, , , Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 7 PUP.Optional.SysTweak, C:\WINDOWS\SYSTEM32\ROBOOT64.EXE, Quarantined, 814, 395666, 1.0.30542, , ame, , 979745F32FA2D0EE59173B9D94A21FC2, 79F499A1DA3054154FC404AA2129161DCD1B3D4441DDE3468A72D2FEE6DC6AB8 PUP.Optional.SysTweak, C:\WINDOWS\SYSTEM32\TASKS\SuperEasy Registry Cleaner, Quarantined, 814, 861327, , , , , 06A20E422C4339B7DA82835CE4927FCB, CA89761E99811693409494E10DED0A667D6C899B2380F102E4286902CC2F1706 PUP.Optional.SysTweak, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\SuperEasy Registry Cleaner.lnk, Quarantined, 814, 861327, , , , , 37C3732B7EB167E7D5930E2E4A63ECCD, 3FFD2460AC096CE5DD03D5A5E7B8A96F8D5D8B5A1F821FE6E8512E91E7511C86 PUP.Optional.SysTweak, C:\USERS\PUBLIC\Desktop\SuperEasy Registry Cleaner.lnk, Quarantined, 814, 861327, , , , , 37C3732B7EB167E7D5930E2E4A63ECCD, 3FFD2460AC096CE5DD03D5A5E7B8A96F8D5D8B5A1F821FE6E8512E91E7511C86 PUP.Optional.SysTweak, C:\PROGRAM FILES (X86)\SUPEREASY SOFTWARE\SUPEREASY REGISTRY CLEANER\SUPEREASYRC.EXE, Quarantined, 814, 861327, 1.0.30542, , ame, , 76E5B66A45CBB3EFB5763575DBBF597B, D50717671D105613A137A5E2BECAA092505DF838E6216DEC350C93838DCDB1DD PUP.Optional.SysTweak, C:\USERS\{username}\DESKTOP\SUPEREASY.EXE, Quarantined, 814, 861327, 1.0.30542, , ame, , 9E8EECE0556D0E10EE191B03400C47F4, BD44AEA9E37A79B035741474ED87244C49F93D8A1600CF1D29CD84F054E05BC9 PUP.Optional.SysTweak, C:\USERS\{username}\DESKTOP\SUPEREASYSETUP\SUPEREASY.EXE, Quarantined, 814, 861327, 1.0.30542, , ame, , 9E8EECE0556D0E10EE191B03400C47F4, BD44AEA9E37A79B035741474ED87244C49F93D8A1600CF1D29CD84F054E05BC9 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this threat. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.

What is Advanced Driver Updater?The Malwarebytes research team has determined that Advanced Driver Updater is a "driver updater". These so-called "system optimizers" sometimes use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems.More information can be found on our Malwarebytes Labs blog.How do I know if I am infected with Advanced Driver Updater?This is how the main screen of the system optimizer looks:You will find these icons in your taskbar, your startmenu, and on your desktop:and see these warnings during install:and this type of screens during "operations":You may see this entry in your list of installed programs:and these tasks in your list of Scheduled Tasks:How did Advanced Driver Updater get on my computer?These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website:How do I remove Advanced Driver Updater?Our program Malwarebytes can detect and remove this potentially unwanted application. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of Advanced Driver Updater? No, Malwarebytes removes Advanced Driver Updater completely. This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks. How would the full version of Malwarebytes help protect me?We hope our application and this guide have helped you eradicate this system optimizer.As you can see below the full version of Malwarebytes would have protected you against the Advanced Driver Updater installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late. Technical details for expertsYou may see these entries in FRST logs: (SYSTWEAK SOFTWARE PVT. LTD. -> Systweak) C:\Program Files (x86)\Advanced Driver Updater\ADU.exe Task: {12B434B4-F265-41FD-A6B3-C198F786C9F3} - System32\Tasks\Advanced Driver UpdaterNotifier => C:\Program Files (x86)\Advanced Driver Updater\adunotifier.exe [3458808 2020-04-03] (SYSTWEAK SOFTWARE PVT. LTD. -> Systweak Software) Task: {210DF4AF-F245-477F-9B2D-AB4502C11EFB} - System32\Tasks\AdvancedDriverUpdater_UPDATES => C:\Program Files (x86)\Advanced Driver Updater\ADU.exe [5445368 2020-04-03] (SYSTWEAK SOFTWARE PVT. LTD. -> Systweak) Task: {69E0BB72-3A6D-4B12-847D-355809219F8B} - System32\Tasks\Advanced Driver UpdaterNotifier_startup => C:\Program Files (x86)\Advanced Driver Updater\adunotifier.exe [3458808 2020-04-03] (SYSTWEAK SOFTWARE PVT. LTD. -> Systweak Software) Task: {84D4A5AE-4E9C-4FA0-89F6-4CB61749E43D} - System32\Tasks\AdvancedDriverUpdaterRunAtStartup => C:\Program Files (x86)\Advanced Driver Updater\ADU.exe [5445368 2020-04-03] (SYSTWEAK SOFTWARE PVT. LTD. -> Systweak) Task: {8EF5CD39-427F-424B-B22A-016C4B33A65C} - System32\Tasks\Advanced Driver UpdaterNotifier_trigger => C:\Program Files (x86)\Advanced Driver Updater\adunotifier.exe [3458808 2020-04-03] (SYSTWEAK SOFTWARE PVT. LTD. -> Systweak Software) C:\Windows\system32\Tasks\AdvancedDriverUpdater_UPDATES C:\Windows\system32\Tasks\AdvancedDriverUpdaterRunAtStartup C:\Windows\system32\Tasks\Advanced Driver UpdaterNotifier_trigger C:\Windows\system32\Tasks\Advanced Driver UpdaterNotifier C:\Windows\system32\Tasks\Advanced Driver UpdaterNotifier_startup C:\Program Files (x86)\Advanced Driver Updater C:\Users\Public\Desktop\Advanced Driver Updater.lnk C:\ProgramData\Desktop\Advanced Driver Updater.lnk C:\Users\{username}\AppData\Roaming\Systweak C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Driver Updater (Systweak Software, 1999-2020 All rights reserved. ) C:\Users\{username}\Desktop\adug_systweak-default.exe Advanced Driver Updater (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_Systweak_Ad~8C5446C9_is1) (Version: 4.5.1086.17939 - Systweak Software, 1999-2020 All rights reserved.) <==== ATTENTION ( (CodePlex Community) [File not signed]) [File is in use ] C:\Program Files (x86)\Advanced Driver Updater\Microsoft.Win32.TaskScheduler.dll ( (Thomas Levesque) [File not signed]) [File is in use ] C:\Program Files (x86)\Advanced Driver Updater\WpfAnimatedGif.dll ( (Xceed Software Inc.) [File not signed]) [File is in use ] C:\Program Files (x86)\Advanced Driver Updater\Xceed.Wpf.Toolkit.dll Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\Advanced Driver Updater Adds the file ADU.exe"="4/3/2020 3:51 PM, 5445368 bytes, A Adds the file ADU.exe.config"="3/3/2020 11:56 AM, 2554 bytes, A Adds the file adunotifier.exe"="4/3/2020 3:51 PM, 3458808 bytes, A Adds the file ADUNotifier_Corruptlog.txt"="5/7/2020 8:51 AM, 0 bytes, A Adds the file ADUNotifier_log.txt"="5/7/2020 8:52 AM, 1260 bytes, A Adds the file ADUNotifier_OutOfMemorylog.txt"="5/7/2020 8:51 AM, 0 bytes, A Adds the file Chinese_adu.ini"="3/13/2020 5:11 PM, 104864 bytes, A Adds the file Danish_adu.ini"="3/13/2020 5:11 PM, 184510 bytes, A Adds the file Delimon.Win32.IO.dll"="12/3/2019 2:38 PM, 950272 bytes, A Adds the file difxapi.dll"="7/4/2019 4:16 PM, 323464 bytes, A Adds the file difxapi64.dll"="6/26/2019 12:47 PM, 519048 bytes, A Adds the file Dutch_adu.ini"="3/13/2020 5:11 PM, 195616 bytes, A Adds the file eng_adu_en.ini"="4/1/2020 3:56 PM, 91655 bytes, A Adds the file Finnish_adu.ini"="3/13/2020 5:11 PM, 171396 bytes, A Adds the file French_adu.ini"="3/13/2020 5:11 PM, 196824 bytes, A Adds the file German_adu.ini"="3/13/2020 5:11 PM, 191278 bytes, A Adds the file input.xml"="5/7/2020 8:52 AM, 23572 bytes, A Adds the file isxdl.dll"="12/3/2019 2:38 PM, 155712 bytes, A Adds the file Italian_adu.ini"="3/13/2020 5:11 PM, 180638 bytes, A Adds the file Japanese_adu.ini"="3/13/2020 5:11 PM, 129308 bytes, A Adds the file Microsoft.Win32.TaskScheduler.dll"="12/3/2019 2:38 PM, 115200 bytes, A Adds the file Norwegian_adu.ini"="3/13/2020 5:11 PM, 168842 bytes, A Adds the file notifier.ini"="4/3/2020 1:22 PM, 577 bytes, A Adds the file notifier.json"="5/7/2020 8:52 AM, 14668 bytes, A Adds the file notifierlib.dll"="4/3/2020 3:51 PM, 407712 bytes, A Adds the file output.xml"="5/7/2020 8:52 AM, 1054 bytes, A Adds the file portuguese_adu.ini"="3/13/2020 5:11 PM, 172924 bytes, A Adds the file russian_adu.ini"="3/13/2020 5:11 PM, 181260 bytes, A Adds the file spanish_adu.ini"="3/13/2020 5:11 PM, 189776 bytes, A Adds the file swedish_adu.ini"="3/13/2020 5:11 PM, 174054 bytes, A Adds the file unins000.dat"="5/7/2020 8:50 AM, 163263 bytes, A Adds the file unins000.exe"="5/7/2020 8:50 AM, 1268472 bytes, A Adds the file unins000.msg"="5/7/2020 8:50 AM, 22701 bytes, A Adds the file unrar.dll"="7/4/2019 4:16 PM, 269016 bytes, A Adds the file webbrowser.exe"="4/3/2020 3:51 PM, 139000 bytes, A Adds the file WpfAnimatedGif.dll"="12/3/2019 2:38 PM, 40448 bytes, A Adds the file WPFToolkit.dll"="12/3/2019 2:38 PM, 467288 bytes, A Adds the file Xceed.Wpf.Toolkit.dll"="12/3/2019 2:38 PM, 1352704 bytes, A Adds the folder C:\Program Files (x86)\Advanced Driver Updater\updater\amd64Helper Adds the file difxapi.dll"="7/4/2019 4:16 PM, 519048 bytes, A Adds the file DriverUpdateHelper64.exe"="4/3/2020 3:51 PM, 537848 bytes, A Adds the file DriverUpdateHelper64.manifest"="7/4/2019 4:16 PM, 689 bytes, A Adds the folder C:\Program Files (x86)\Advanced Driver Updater\updater\extract Adds the file 7z.dll"="4/3/2020 3:51 PM, 740600 bytes, A Adds the file 7z.exe"="4/3/2020 3:51 PM, 164600 bytes, A Adds the file copying.txt"="10/4/2017 6:25 PM, 26948 bytes, A Adds the file History.txt"="10/4/2017 6:25 PM, 29037 bytes, A Adds the file license.txt"="10/4/2017 6:25 PM, 2049 bytes, A Adds the file readme.txt"="10/4/2017 6:25 PM, 1616 bytes, A Adds the folder C:\Program Files (x86)\Advanced Driver Updater\updater\x86Helper Adds the file difxapi.dll"="12/3/2019 2:38 PM, 323464 bytes, A Adds the file DriverUpdateHelperx86.exe"="4/3/2020 3:51 PM, 341752 bytes, A Adds the file DriverUpdateHelperx86.manifest"="12/3/2019 2:38 PM, 690 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Driver Updater Adds the file Advanced Driver Updater.lnk"="5/7/2020 8:50 AM, 1099 bytes, A Adds the file Uninstall Advanced Driver Updater.lnk"="5/7/2020 8:50 AM, 1130 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\adu\4.5.1086.17939 Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\adu\Advanced Driver Updater Adds the file dbupdate.ini"="5/7/2020 8:52 AM, 516 bytes, A Adds the file exc.xml"="5/7/2020 8:51 AM, 14 bytes, A Adds the file fResults.du"="5/7/2020 8:52 AM, 1054 bytes, A Adds the file notifier.ini"="5/7/2020 8:52 AM, 622 bytes, A Adds the file Results.du"="5/7/2020 8:52 AM, 91161 bytes, A Adds the file Update.ini"="5/7/2020 8:52 AM, 22 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\adu\Advanced Driver Updater\Backup Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\adu\Advanced Driver Updater\Download Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\adu\Advanced Driver Updater\Logs Adds the file adu.txt"="5/7/2020 8:52 AM, 58378 bytes, A Adds the file adu_1.txt"="5/7/2020 8:50 AM, 0 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Systweak\adu\Advanced Driver Updater\update In the existing folder C:\Users\Public\Desktop Adds the file Advanced Driver Updater.lnk"="5/7/2020 8:50 AM, 1081 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file Advanced Driver UpdaterNotifier"="5/7/2020 8:51 AM, 3326 bytes, A Adds the file Advanced Driver UpdaterNotifier_startup"="5/7/2020 8:51 AM, 3236 bytes, A Adds the file Advanced Driver UpdaterNotifier_trigger"="5/7/2020 8:51 AM, 3358 bytes, A Adds the file AdvancedDriverUpdater_UPDATES"="5/7/2020 8:51 AM, 3606 bytes, A Adds the file AdvancedDriverUpdaterRunAtStartup"="5/7/2020 8:51 AM, 3398 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DA71BA65-680A-4212-9150-6239217B53DC_Systweak_Ad~8C5446C9_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\Advanced Driver Updater\ADU.exe" "DisplayName"="REG_SZ", "Advanced Driver Updater" "DisplayVersion"="REG_SZ", "4.5.1086.17939" "EstimatedSize"="REG_DWORD", 19469 "HelpLink"="REG_SZ", "http://www.systweak.com/" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\Advanced Driver Updater" "Inno Setup: Icon Group"="REG_SZ", "Advanced Driver Updater" "Inno Setup: Language"="REG_SZ", "en" "Inno Setup: Setup Version"="REG_SZ", "5.5.5 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20200507" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\Advanced Driver Updater\" "MajorVersion"="REG_DWORD", 4 "MinorVersion"="REG_DWORD", 5 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "Systweak Software, 1999-2020 All rights reserved." "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\Advanced Driver Updater\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\Advanced Driver Updater\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://www.systweak.com/" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\adu] "affiliate"="REG_SZ", "" "affiliateid"="REG_SZ", "" "afterInstallUrl"="REG_SZ", "http://www.systweak.com/advanced-driver-updater/after-install?newaduw=1&utm_content=AfterInstall&utm_term=Setup&page=install" "AFTINSTS"="REG_DWORD", 0 "bdts"="REG_SZ", "03042020 15:51:28" "bdts_new"="REG_SZ", "03-04-2020" "BUILD_FOR"="REG_SZ", "systweak" "BuyNowURL"="REG_SZ", "http://www.systweak.com/adu/price.asp?&appversion=4.5.1086.17939&utm_cid=&macid=1361824443874848900" "BuyNowURLADU"="REG_SZ", "http://powerbundle.systweak.com/pb/price/?pname=adu&" "BuyNowURLASP"="REG_SZ", "http://powerbundle.systweak.com/pb/price/?pname=asp&" "BuyNowURLPB"="REG_SZ", "http://powerbundle.systweak.com/PB/purchase/?pname=adu&" "BuyNowURLRCP"="REG_SZ", "http://powerbundle.systweak.com/pb/price/?pname=rcp&" "CplURL"="REG_SZ", "" "crsi"="REG_DWORD", 1 "dwIsPCHelpOnlineBuild"="REG_DWORD", 0 "dwIsSilentBuildForRCP"="REG_DWORD", -1 "escn"="REG_DWORD", 1 "finalparams"="REG_SZ", "&pxl=ADU_DEF_PIXEL&pcrts=07-05-2020 07:55:52&pcrt=637244349529649300&scrr=1920x975&scrsf=1&bdts=03-04-2020&instdts=07-05-2020&bdt=637215258880000000&instdt=637244382410000000&scrsd=1&OfferType=1&sn=adug_systweak-default.exe" "GA"="REG_DWORD", 1 "installDate"="REG_SZ", "07/05/2020 08:50:41" "InstalledPath"="REG_SZ", "C:\Program Files (x86)\Advanced Driver Updater" "instdts"="REG_SZ", "07052020 08:50:41" "instdts_new"="REG_SZ", "07-05-2020" "IsLbBuild"="REG_SZ", "0" "IsNLBuild"="REG_DWORD", 0 "IsPbEnabled"="REG_DWORD", 1 "IsSendKeyStatus"="REG_DWORD", 0 "issilent"="REG_DWORD", 1 "IsTelNoEnabled"="REG_DWORD", 1 "IsUpdateBuild"="REG_SZ", "0" "MachineUniqueId"="REG_SZ", "136824443874848900" "model"="REG_SZ", "innotek GmbH VirtualBox" "nAppendParamsFromReg"="REG_DWORD", 1 "os"="REG_SZ", "Microsoft+Windows+7+Ultimate" "ovbt"="REG_DWORD", 0 "prdid"="REG_SZ", "135" "pxl"="REG_SZ", "ADU_DEF_PIXEL" "RenewNowURL"="REG_SZ", "http://www.systweak.com/adu/renewal.asp?&appversion=4.5.1086.17939&utm_cid=" "RenewNowURLADU"="REG_SZ", "http://powerbundle.systweak.com/pb/renewal/?pname=adu&" "RenewNowURLASP"="REG_SZ", "http://powerbundle.systweak.com/pb/renewal/?pname=asp&" "RenewNowURLPB"="REG_SZ", "http://powerbundle.systweak.com/PB/pbrenewal/?pname=adu&" "RenewNowURLRCP"="REG_SZ", "http://powerbundle.systweak.com/pb/renewal/?pname=rcp&" "scn"="REG_DWORD", 0 "sen"="REG_DWORD", 1 "send"="REG_DWORD", 0 "setup_type"="REG_SZ", "11" "strayalertnag"="REG_DWORD", 1 "TELNO"="REG_SZ", "(855)532-3907" "utm_campaign"="REG_SZ", "default" "utm_cid"="REG_SZ", "" "utm_days"="REG_SZ", "0" "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "systweak" "x-at"="REG_SZ", "" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\adu\4.5.1086.17939] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Systweak\adu\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\Systweak\adu] "affiliate"="REG_SZ", "" "affiliateid"="REG_SZ", "" "afterInstallUrl"="REG_SZ", "http://www.systweak.com/advanced-driver-updater/after-install?newaduw=1&utm_content=AfterInstall&utm_term=Setup&page=install" "AFTINSTS"="REG_DWORD", 0 "aoign"="REG_SZ", "0" "AppDriverScanStatus"="REG_DWORD", 1 "Backup Path"="REG_SZ", "C:\Users\{username}\AppData\Roaming\Systweak\adu\Advanced Driver Updater\Backup\" "bdt"="REG_SZ", "637215258880000000" "bdts"="REG_SZ", "03042020 15:51:28" "bdts_new"="REG_SZ", "03-04-2020" "bShowTrayOffer"="REG_DWORD", 1 "BuyNowURL"="REG_SZ", "http://www.systweak.com/adu/price.asp?&appversion=4.5.1086.17939&utm_cid=&macid=1361824443874848900" "CplURL"="REG_SZ", "" "crsi"="REG_DWORD", 1 "DeviceIconIDNDriverName"="REG_SZ", "38;Intel(R) PRO/1000 MT Desktop Adapter" "Download Path"="REG_SZ", "C:\Users\{username}\AppData\Roaming\Systweak\adu\Advanced Driver Updater\Download\" "DriverAge"="REG_DWORD", 0 "DriverOutdatedCount"="REG_SZ", "1" "DriverOutdatedNames"="REG_SZ", "Intel(R) PRO/1000 MT Desktop Adapter" "dTelNoNeeded"="REG_DWORD", 0 "escn"="REG_DWORD", 1 "ExitNagType"="REG_DWORD", 0 "Expired"="REG_DWORD", 0 "finalparams"="REG_SZ", "&pxl=ADU_DEF_PIXEL&pcrts=07-05-2020 07:55:52&pcrt=637244349529649300&scrr=1920x975&scrsf=1&bdts=03-04-2020&instdts=07-05-2020&bdt=637215258880000000&instdt=637244382410000000&scrsd=1&OfferType=1&sn=adug_systweak-default.exe" "FirstInstallDate"="REG_SZ", "07052020 08:51:24" "GA"="REG_DWORD", 1 "GoToSystemTrayOnClose"="REG_DWORD", 1 "ibv"="REG_SZ", "1" "iev"="REG_SZ", "9" "ImprovementProgram"="REG_DWORD", 0 "InstalledPath"="REG_SZ", "C:\Program Files (x86)\Advanced Driver Updater" "instdt"="REG_SZ", "637244382410000000" "instdts"="REG_SZ", "07052020 08:50:41" "instdts_new"="REG_SZ", "07-05-2020" "IsFIrstScanComplete"="REG_DWORD", 1 "IsHidePopup"="REG_DWORD", 0 "IsLbBuild"="REG_SZ", "0" "IsNLBuild"="REG_DWORD", 0 "issilent"="REG_DWORD", 1 "IsUpdateBuild"="REG_SZ", "0" "Key"="REG_SZ", "" "LearnMoreNagType"="REG_DWORD", 0 "macid"="REG_SZ", "136824443874848900" "Manufacturer"="REG_DWORD", 31 "ManufacturerName"="REG_SZ", "Oracle Corporation" "MaxFixLimit"="REG_DWORD", 2 "model"="REG_SZ", "VirtualBox" "nMaxFixLimit"="REG_DWORD", 0 "NumTimesRCPRunned"="REG_DWORD", 0 "OldestDriverAgeInYears"="REG_DWORD", 4244 "os"="REG_SZ", "Microsoft+Windows+7+Ultimate" "OSFriendlyName"="REG_SZ", "Windows 7" "ovbt"="REG_DWORD", 0 "pcname"="REG_SZ", "{computername}" "pcrt"="REG_SZ", "63724449529649300" "pcrts"="REG_SZ", "07-05-2020 07:55:52" "prdmsg"="REG_DWORD", 1 "proc"="REG_SZ", "Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz" "ProcessorName"="REG_SZ", "Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz" "pxl"="REG_SZ", "ADU_DEF_PIXEL" "ram"="REG_SZ", "2.00 GB" "REGVER"="REG_DWORD", 0 "REGVER-UNINSTALL"="REG_DWORD", 0 "RenewNowURL"="REG_SZ", "http://www.systweak.com/adu/renewal.asp?&appversion=4.5.1086.17939&utm_cid=" "scn"="REG_DWORD", 0 "scrr"="REG_SZ", "1920x975" "scrsd"="REG_SZ", "1" "scrsf"="REG_SZ", "1" "sen"="REG_DWORD", 1 "send"="REG_DWORD", 0 "SetChkDontShowRedTrayPopup"="REG_DWORD", 0 "SetChkPeriodicUpDate"="REG_DWORD", 1 "setup_type"="REG_SZ", "11" "StartAutoScanOnLaunch"="REG_DWORD", 0 "StartAutoScanPMUI"="REG_DWORD", 1 "StartAutoTutorial"="REG_DWORD", 1 "StartMinimized"="REG_DWORD", 0 "StartScan"="REG_DWORD", 0 "StartWhenWinBoots"="REG_DWORD", 1 "strayalertnag"="REG_DWORD", 1 "StrLastScan"="REG_SZ", "637244383483853849" "StrLastScanResults"="REG_SZ", "1" "TELNO"="REG_SZ", "(855)532-3907" "TotalOutOfDateDrivers"="REG_DWORD", 1 "TotalScannedDrivers"="REG_DWORD", 37 "TotalUpToDateDrivers"="REG_DWORD", 36 "uninstallfinalparams"="REG_SZ", "pn=Advanced Driver Updater&appversion=4.5.1086.17939&cdbid=&firstinstall=0&utm_days=0&langcode=en&isreg=0&isexpired=0&macid=1361824443874848900&productid=135&os=Microsoft+Windows+7+Ultimate&ram=Microsoft+Windows+7+Ultimate&model=VirtualBox&proc=Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz&x-isvm=1&iev=9&setup_type=11&utm_source=systweak&utm_medium=newbuild&utm_campaign=default&affiliate=&utm_cid=&utm_updt=&utm_updatedate=&nagparent=&x-lip=90_145_230_242&lipl=1519511282&x-lipnw=90_145_230_242&od=0&pxl=ADU_DEF_PIXEL&pcrts=07-05-2020 07:55:52&pcrt=637244349529649300&scrr=1920x975&scrsf=1&bdts=03-04-2020&instdts=07-05-2020&bdt=637215258880000000&instdt=637244382410000000&scrsd=1&OfferType=1&sn=adug_systweak-default.exe" "UpdateAllNagType"="REG_DWORD", 0 "UpdateDriverNagType"="REG_DWORD", 0 "utm_campaign"="REG_SZ", "default" "utm_cid"="REG_SZ", "" "utm_days"="REG_SZ", "0" "utm_installdate"="REG_BINARY, ........ "utm_medium"="REG_SZ", "newbuild" "utm_source"="REG_SZ", "systweak" "utmnag_days"="REG_SZ", "0" "x-at"="REG_SZ", "" "x-lip"="REG_SZ", "90.145.230.242" [HKEY_CURRENT_USER\Software\Systweak\adu\4.5.1086.17939] [HKEY_CURRENT_USER\Software\Systweak\adu\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\Systweak\adu\notifier] "nst"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\Systweak\Notifier] "BaseUID"="REG_SZ", "Advanced Driver Updater" Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 5/7/20 Scan Time: 9:00 AM Log File: 7bc720c2-9030-11ea-9411-00ffdcc6fdfc.json -Software Information- Version: 4.1.0.56 Components Version: 1.0.896 Update Package Version: 1.0.23556 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 233401 Threats Detected: 77 Threats Quarantined: 77 Time Elapsed: 2 min, 43 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 1 PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\ADU.exe, Quarantined, 4431, 258375, , , , Module: 4 PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\ADU.exe, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\Microsoft.Win32.TaskScheduler.dll, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\WpfAnimatedGif.dll, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\Xceed.Wpf.Toolkit.dll, Quarantined, 4431, 258375, , , , Registry Key: 18 PUP.Optional.SysTweak, HKLM\SOFTWARE\WOW6432NODE\Systweak, Quarantined, 795, 327155, 1.0.23556, , ame, PUP.Optional.SysTweak, HKCU\SOFTWARE\Systweak, Quarantined, 795, 327156, 1.0.23556, , ame, PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AdvancedDriverUpdater_UPDATES, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{210DF4AF-F245-477F-9B2D-AB4502C11EFB}, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{210DF4AF-F245-477F-9B2D-AB4502C11EFB}, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AdvancedDriverUpdaterRunAtStartup, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{84D4A5AE-4E9C-4FA0-89F6-4CB61749E43D}, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{84D4A5AE-4E9C-4FA0-89F6-4CB61749E43D}, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Advanced Driver UpdaterNotifier, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{12B434B4-F265-41FD-A6B3-C198F786C9F3}, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{12B434B4-F265-41FD-A6B3-C198F786C9F3}, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Advanced Driver UpdaterNotifier_startup, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{69E0BB72-3A6D-4B12-847D-355809219F8B}, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{69E0BB72-3A6D-4B12-847D-355809219F8B}, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Advanced Driver UpdaterNotifier_trigger, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8EF5CD39-427F-424B-B22A-016C4B33A65C}, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{8EF5CD39-427F-424B-B22A-016C4B33A65C}, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DA71BA65-680A-4212-9150-6239217B53DC_Systweak_Ad~8C5446C9_is1, Quarantined, 4431, 258375, , , , Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 1 PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\updater\extract, Quarantined, 4431, 258375, , , , File: 53 PUP.Optional.AdvancedDriverUpdater, C:\PROGRAM FILES (X86)\ADVANCED DRIVER UPDATER\unins000.dat, Quarantined, 4431, 258375, 1.0.23556, , ame, PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\updater\amd64Helper\DriverUpdateHelper64.exe, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\updater\amd64Helper\DriverUpdateHelper64.manifest, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\updater\extract\7z.dll, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\updater\extract\7z.exe, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\updater\extract\copying.txt, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\updater\extract\History.txt, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\updater\extract\license.txt, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\updater\extract\readme.txt, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\updater\x86Helper\DriverUpdateHelperx86.exe, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\updater\x86Helper\DriverUpdateHelperx86.manifest, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\ADU.exe, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\ADU.exe.config, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\adunotifier.exe, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\ADUNotifier_Corruptlog.txt, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\ADUNotifier_log.txt, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\ADUNotifier_OutOfMemorylog.txt, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\Chinese_adu.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\Danish_adu.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\Delimon.Win32.IO.dll, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\Dutch_adu.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\eng_adu_en.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\Finnish_adu.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\French_adu.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\German_adu.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\input.xml, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\isxdl.dll, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\Italian_adu.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\Japanese_adu.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\Microsoft.Win32.TaskScheduler.dll, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\Norwegian_adu.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\notifier.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\notifier.json, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\notifierlib.dll, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\output.xml, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\portuguese_adu.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\russian_adu.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\spanish_adu.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\swedish_adu.ini, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\unins000.exe, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\unins000.msg, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\unrar.dll, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\webbrowser.exe, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\WpfAnimatedGif.dll, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\Program Files (x86)\Advanced Driver Updater\Xceed.Wpf.Toolkit.dll, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\WINDOWS\SYSTEM32\TASKS\AdvancedDriverUpdater_UPDATES, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\WINDOWS\SYSTEM32\TASKS\AdvancedDriverUpdaterRunAtStartup, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Advanced Driver Updater.lnk, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\USERS\PUBLIC\Desktop\Advanced Driver Updater.lnk, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\WINDOWS\SYSTEM32\TASKS\Advanced Driver UpdaterNotifier, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\WINDOWS\SYSTEM32\TASKS\Advanced Driver UpdaterNotifier_startup, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\WINDOWS\SYSTEM32\TASKS\Advanced Driver UpdaterNotifier_trigger, Quarantined, 4431, 258375, , , , PUP.Optional.AdvancedDriverUpdater, C:\USERS\{username}\DESKTOP\ADUG_SYSTWEAK-DEFAULT.EXE, Quarantined, 4431, 817832, 1.0.23556, , ame, Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this threat.We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.

What is PerfectRegistry? The Malwarebytes research team has determined that PerfectRegistry is a fake registry cleaner. These so-called "registry cleaners" use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems. More information can be found on our Malwarebytes Labs blog. How do I know if I am infected with PerfectRegistry? This is how the main screen of the registry cleaning application looks: You will find these icons in your taskbar, startmenu, and on your desktop: And see this warning during install: and these screens during "operations": You may see this entry in your list of installed programs: and these tasks in your Task Scheduler: How did PerfectRegistry get on my computer? These so-called registry cleaners use different methods of getting installed. This particular one was downloaded from their website. How do I remove PerfectRegistry? Our program Malwarebytes can detect and remove this potentially unwanted application. Please download Malwarebytes to your desktop. Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program. Then click Finish. Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu. If another update of the definitions is available, it will be implemented before the rest of the scanning procedure. When the scan is complete, make sure that all Threats are selected, and click Remove Selected. Restart your computer when prompted to do so. Is there anything else I need to do to get rid of PerfectRegistry? No, Malwarebytes removes PerfectRegistry completely. This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks. How would the full version of Malwarebytes help protect me? We hope our application and this guide have helped you eradicate this registry cleaner. As you can see below the full version of Malwarebytes would have protected you against the PerfectRegistry installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late. Technical details for experts You may see these entries in FRST logs: (Raxco Software, Inc.) C:\Program Files (x86)\Raxco\PerfectRegistry\PerfectRegistry.exe C:\Windows\System32\Tasks\PerfectRegistry C:\Windows\System32\Tasks\PerfectRegistry_UPDATES C:\Windows\System32\Tasks\PerfectRegistry_DEFAULT C:\Users\Public\Desktop\PerfectRegistry.lnk C:\Windows\Tasks\PerfectRegistry_UPDATES.job C:\Windows\Tasks\PerfectRegistry_DEFAULT.job C:\Users\{username}\AppData\Roaming\Raxco C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raxco C:\Program Files (x86)\Raxco (Raxco Software, Inc) C:\Windows\system32\roboot64.exe PerfectRegistry (HKLM-x32\...\PerfectRegistry_is1) (Version: 2.0 - Raxco Software Inc) Task: {099B320F-06C7-477E-B862-1C05011E2A85} - System32\Tasks\PerfectRegistry_DEFAULT => C:\Program Files (x86)\Raxco\PerfectRegistry\PerfectRegistry.exe [2015-07-16] (Raxco Software, Inc.) Task: {20E5E4B6-666E-4527-A04A-824F3CC589A2} - System32\Tasks\PerfectRegistry => C:\Program Files (x86)\Raxco\PerfectRegistry\PerfectRegistry.exe [2015-07-16] (Raxco Software, Inc.) Task: {D1A5B052-CF3A-4C42-B8E4-EE4211AE6A5A} - System32\Tasks\PerfectRegistry_UPDATES => C:\Program Files (x86)\Raxco\PerfectRegistry\PerfectRegistry.exe [2015-07-16] (Raxco Software, Inc.) Task: C:\Windows\Tasks\PerfectRegistry_DEFAULT.job => C:\Program Files (x86)\Raxco\PerfectRegistry\PerfectRegistry.exe Task: C:\Windows\Tasks\PerfectRegistry_UPDATES.job => C:\Program Files (x86)\Raxco\PerfectRegistry\PerfectRegistry.exe Significant cghanges made by the installer: Monitored program File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\Raxco\PerfectRegistry Adds the file Chinese_rcp.ini"="8/24/2011 1:24 PM, 47800 bytes, A Adds the file CleanSchedule.exe"="7/16/2015 11:12 AM, 261056 bytes, A Adds the file Danish_rcp.ini"="8/24/2011 1:24 PM, 88222 bytes, A Adds the file Dutch_rcp.ini"="8/24/2011 1:27 PM, 91586 bytes, A Adds the file eng_rcp.ini"="8/24/2011 1:24 PM, 82272 bytes, A Adds the file Finnish_rcp_fi.ini"="8/24/2011 1:27 PM, 85844 bytes, A Adds the file French_rcp.ini"="8/24/2011 1:27 PM, 98062 bytes, A Adds the file German_rcp.ini"="8/24/2011 1:27 PM, 97476 bytes, A Adds the file greek_rcp_el.ini"="8/24/2011 1:27 PM, 97198 bytes, A Adds the file install_left_image.bmp"="6/2/2011 2:02 PM, 156296 bytes, A Adds the file isxdl.dll"="7/16/2015 11:12 AM, 156608 bytes, A Adds the file Italian_rcp.ini"="8/24/2011 1:27 PM, 94736 bytes, A Adds the file Japanese_rcp.ini"="8/24/2011 1:27 PM, 59640 bytes, A Adds the file korean_rcp_ko.ini"="8/24/2011 1:27 PM, 67956 bytes, A Adds the file Norwegian_rcp.ini"="8/24/2011 1:27 PM, 85064 bytes, A Adds the file PerfectRegistry.exe"="7/16/2015 11:12 AM, 7891904 bytes, A Adds the file polish_rcp_pl.ini"="8/24/2011 1:27 PM, 88730 bytes, A Adds the file portugese_rcp_pt.ini"="8/24/2011 1:27 PM, 91568 bytes, A Adds the file Portuguese_rcp.ini"="8/24/2011 1:27 PM, 89250 bytes, A Adds the file PRUninstall.exe"="7/16/2015 11:12 AM, 1103296 bytes, A Adds the file RegCleanPro.dll"="7/15/2015 12:33 PM, 2076672 bytes, A Adds the file russian_rcp_ru.ini"="8/24/2011 1:27 PM, 91436 bytes, A Adds the file Spanish_rcp.ini"="8/24/2011 1:27 PM, 92600 bytes, A Adds the file Swedish_rcp.ini"="8/24/2011 1:27 PM, 83538 bytes, A Adds the file TraditionalCn_rcp_zh-tw.ini"="8/24/2011 1:27 PM, 48306 bytes, A Adds the file turkish_rcp_tr.ini"="8/24/2011 1:27 PM, 89660 bytes, A Adds the file unins000.dat"="2/14/2018 9:01 AM, 29826 bytes, A Adds the file unins000.exe"="2/14/2018 9:00 AM, 1352640 bytes, A Adds the file unins000.msg"="2/14/2018 9:01 AM, 22357 bytes, A Adds the file xmllite.dll"="5/31/2011 12:09 PM, 126976 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raxco\PerfectRegistry Adds the file PerfectRegistry.lnk"="2/14/2018 9:01 AM, 1221 bytes, A Adds the file Uninstall PerfectRegistry.lnk"="2/14/2018 9:01 AM, 1186 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Raxco\PerfectRegistry Adds the file log_02-14-2018.log"="2/14/2018 9:01 AM, 0 bytes, A Adds the file results.rcp"="2/14/2018 9:04 AM, 10010 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file PerfectRegistry.lnk"="2/14/2018 9:01 AM, 1197 bytes, A In the existing folder C:\Windows\System32 Adds the file roboot64.exe"="7/16/2015 11:12 AM, 19392 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file PerfectRegistry"="2/14/2018 9:01 AM, 3134 bytes, A Adds the file PerfectRegistry_DEFAULT"="2/14/2018 9:01 AM, 2920 bytes, A Adds the file PerfectRegistry_UPDATES"="2/14/2018 9:01 AM, 3076 bytes, A In the existing folder C:\Windows\Tasks Adds the file PerfectRegistry_DEFAULT.job"="2/14/2018 9:01 AM, 310 bytes, A Adds the file PerfectRegistry_UPDATES.job"="2/14/2018 9:01 AM, 318 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures] "PerfectRegistry_DEFAULT.job"="REG_BINARY, ................................ "PerfectRegistry_DEFAULT.job.fp"="REG_DWORD", -1124049317 "PerfectRegistry_UPDATES.job"="REG_BINARY, ................................ "PerfectRegistry_UPDATES.job.fp"="REG_DWORD", 653122257 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PerfectRegistry_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\Raxco\PerfectRegistry\PerfectRegistry.exe" "DisplayName"="REG_SZ", "PerfectRegistry" "DisplayVersion"="REG_SZ", "2.0" "EstimatedSize"="REG_DWORD", 14449 "HelpLink"="REG_SZ", "http://links.raxco.com/go.rax?id=PR2_HELP" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\Raxco\PerfectRegistry" "Inno Setup: Icon Group"="REG_SZ", "Raxco\PerfectRegistry" "Inno Setup: Language"="REG_SZ", "en" "Inno Setup: Setup Version"="REG_SZ", "5.5.2 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20180214" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\Raxco\PerfectRegistry\" "MajorVersion"="REG_DWORD", 2 "MinorVersion"="REG_DWORD", 0 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "Raxco Software Inc" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\Raxco\PerfectRegistry\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\Raxco\PerfectRegistry\unins000.exe" /silent" "URLInfoAbout"="REG_SZ", "http://links.raxco.com/go.rax?id=PR2_HELP" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Raxco\PerfectRegistry] "affiliateid"="REG_SZ", "" "Expired"="REG_DWORD", 0 "INSTALLWEB"="REG_SZ", "http://register.raxco.com/pd/pop/prsignup.aspx" "KeyDoubleVerify"="REG_DWORD", 0 "RCPURL"="REG_SZ", "http://links.raxco.com/go.rax?id=PR2_BUY&utm_source=raxco&utm_campaign=raxco&utm_medium=raxco&affiliateid=" "UNSITALLWEB"="REG_SZ", "http://links.raxco.com/go.rax?id=PR2_PreUninstall" "utm_campaign"="REG_SZ", "raxco" "utm_source"="REG_SZ", "raxco" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Raxco\PerfectRegistry\LANG] "LangID"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\Raxco\PerfectRegistry] "AutoRepair"="REG_DWORD", 0 "ConfirmBkUps"="REG_DWORD", 1 "CurrentScanTime"="REG_BINARY, ........ "FirstRun"="REG_DWORD", 1 "GoToSystemTrayOnClose"="REG_DWORD", 0 "ImprovementProgram"="REG_DWORD", 1 "NumTimesRCPRunned"="REG_DWORD", 1 "RegErrFoundTillDate"="REG_DWORD", 0 "RegErrsFixedLast"="REG_DWORD", 0 "RegErrsFixedTillDate"="REG_DWORD", 0 "ScheduledTime"="REG_SZ", "" "SetChkREmovableMedia"="REG_DWORD", 1 "SetChkSkipEmptyKeys"="REG_DWORD", 1 "StartAutoScanOnLaunch"="REG_DWORD", 0 "StartAutoScanPMUI"="REG_DWORD", 0 "StartMinimized"="REG_DWORD", 0 "StartScan"="REG_DWORD", 0 "StartWhenWinBoots"="REG_DWORD", 1 "StrLastOptimizeTime"="REG_SZ", "" "StrLastScan"="REG_SZ", "Wed. February 14, 2018. 09:04 AM" "StrLastScanResults"="REG_SZ", "25" "StrLastStartupOpt"="REG_SZ", "" "StrLatestRegDefrag"="REG_SZ", "" "StrLatestRestorePoint"="REG_SZ", "" [HKEY_CURRENT_USER\Software\Raxco\PerfectRegistry\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 2/14/18 Scan Time: 9:19 AM Log File: c47a3d42-115f-11e8-9439-080027750297.json Administrator: Yes -Software Information- Version: 3.3.1.2183 Components Version: 1.0.262 Update Package Version: 1.0.3948 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 242410 Threats Detected: 62 Threats Quarantined: 61 Time Elapsed: 2 min, 24 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 1 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\PerfectRegistry.exe, Quarantined, [1013], [395661],1.0.3948 Module: 4 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\isxdl.dll, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\PerfectRegistry.exe, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\RegCleanPro.dll, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\xmllite.dll, Quarantined, [1013], [395661],1.0.3948 Registry Key: 12 PUP.Optional.PerfectRegistry, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PerfectRegistry, Quarantined, [1013], [395664],1.0.3948 PUP.Optional.PerfectRegistry, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{20E5E4B6-666E-4527-A04A-824F3CC589A2}, Quarantined, [1013], [395664],1.0.3948 PUP.Optional.PerfectRegistry, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{20E5E4B6-666E-4527-A04A-824F3CC589A2}, Quarantined, [1013], [395664],1.0.3948 PUP.Optional.PerfectRegistry, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PerfectRegistry_DEFAULT, Quarantined, [1013], [395664],1.0.3948 PUP.Optional.PerfectRegistry, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{099B320F-06C7-477E-B862-1C05011E2A85}, Quarantined, [1013], [395664],1.0.3948 PUP.Optional.PerfectRegistry, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{099B320F-06C7-477E-B862-1C05011E2A85}, Quarantined, [1013], [395664],1.0.3948 PUP.Optional.PerfectRegistry, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PerfectRegistry_UPDATES, Quarantined, [1013], [395664],1.0.3948 PUP.Optional.PerfectRegistry, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D1A5B052-CF3A-4C42-B8E4-EE4211AE6A5A}, Quarantined, [1013], [395664],1.0.3948 PUP.Optional.PerfectRegistry, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D1A5B052-CF3A-4C42-B8E4-EE4211AE6A5A}, Quarantined, [1013], [395664],1.0.3948 PUP.Optional.PerfectRegistry, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PerfectRegistry_is1, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, HKCU\SOFTWARE\RAXCO\PerfectRegistry, Quarantined, [1013], [395667],1.0.3948 PUP.Optional.PerfectRegistry, HKLM\SOFTWARE\WOW6432NODE\RAXCO\PerfectRegistry, Quarantined, [1013], [396319],1.0.3948 Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 3 PUP.Optional.PerfectRegistry, C:\PROGRAM FILES (X86)\RAXCO\PERFECTREGISTRY, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\RAXCO\PERFECTREGISTRY, Quarantined, [1013], [395662],1.0.3948 PUP.Optional.PerfectRegistry, C:\USERS\{username}\APPDATA\ROAMING\RAXCO\PERFECTREGISTRY, Removal Failed, [1013], [396318],1.0.3948 File: 42 PUP.Optional.PerfectRegistry, C:\USERS\PUBLIC\DESKTOP\PERFECTREGISTRY.LNK, Quarantined, [1013], [395663],1.0.3948 PUP.Optional.PerfectRegistry, C:\WINDOWS\TASKS\PerfectRegistry_DEFAULT.job, Quarantined, [1013], [395665],1.0.3948 PUP.Optional.PerfectRegistry, C:\WINDOWS\TASKS\PerfectRegistry_UPDATES.job, Quarantined, [1013], [395665],1.0.3948 PUP.Optional.SysTweak, C:\WINDOWS\SYSTEM32\ROBOOT64.EXE, Quarantined, [217], [395666],1.0.3948 PUP.Optional.PerfectRegistry, C:\WINDOWS\SYSTEM32\TASKS\PerfectRegistry, Quarantined, [1013], [395664],1.0.3948 PUP.Optional.PerfectRegistry, C:\WINDOWS\SYSTEM32\TASKS\PerfectRegistry_DEFAULT, Quarantined, [1013], [395664],1.0.3948 PUP.Optional.PerfectRegistry, C:\WINDOWS\SYSTEM32\TASKS\PerfectRegistry_UPDATES, Quarantined, [1013], [395664],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\Chinese_rcp.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\CleanSchedule.exe, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\Danish_rcp.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\Dutch_rcp.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\eng_rcp.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\Finnish_rcp_fi.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\French_rcp.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\German_rcp.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\greek_rcp_el.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\install_left_image.bmp, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\isxdl.dll, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\Italian_rcp.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\Japanese_rcp.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\korean_rcp_ko.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\Norwegian_rcp.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\PerfectRegistry.exe, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\polish_rcp_pl.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\portugese_rcp_pt.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\Portuguese_rcp.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\PRUninstall.exe, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\RegCleanPro.dll, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\russian_rcp_ru.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\Spanish_rcp.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\Swedish_rcp.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\TraditionalCn_rcp_zh-tw.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\turkish_rcp_tr.ini, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\unins000.dat, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\unins000.exe, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\unins000.msg, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\Program Files (x86)\Raxco\PerfectRegistry\xmllite.dll, Quarantined, [1013], [395661],1.0.3948 PUP.Optional.PerfectRegistry, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raxco\PerfectRegistry\PerfectRegistry.lnk, Quarantined, [1013], [395662],1.0.3948 PUP.Optional.PerfectRegistry, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raxco\PerfectRegistry\Uninstall PerfectRegistry.lnk, Quarantined, [1013], [395662],1.0.3948 PUP.Optional.PerfectRegistry, C:\Users\{username}\AppData\Roaming\Raxco\PerfectRegistry\log_02-14-2018.log, Quarantined, [1013], [396318],1.0.3948 PUP.Optional.PerfectRegistry, C:\Users\{username}\AppData\Roaming\Raxco\PerfectRegistry\results.rcp, Quarantined, [1013], [396318],1.0.3948 PUP.Optional.PerfectRegistry, C:\USERS\{username}\DESKTOP\PRSETUP.EXE, Quarantined, [1013], [395680],1.0.3948 Physical Sector: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this threat. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.