Registry Cleaner

Catégorie: Adwares et PUA Protection disponible depuis:27 août 2013 01:47:06 (GMT)
Type: Unspecified PUA Dernière mise à jour :19 déc. 2017 01:11:28 (GMT)

Download Téléchargez notre outil gratuit de suppression des virus - Découvrez ce que votre antivirus actuel n'a pas su détecter

Examples of Registry Cleaner include:

Example 1

File Information

Size
4.8M
SHA-1
2dd5bde756e0bb974bcce667f751c23864c8263c
MD5
b53bd35230f2b9b7537c616bfce83962
CRC-32
e8f2989f
File type
Windows executable
First seen
2014-01-07

Runtime Analysis

Dropped Files
  • C:\Program Files\RegClean Pro\Finnish_rcp_fi.ini
  • C:\Documents and Settings\All Users\Desktop\RegClean Pro.lnk
  • C:\Documents and Settings\All Users\Start Menu\Programs\RegClean Pro\Uninstall RegClean Pro.lnk
  • c:\Documents and Settings\test user\Application Data\Advanced System Protector\aspsetup.exe
  • C:\Documents and Settings\All Users\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk
  • c:\Documents and Settings\test user\Application Data\systweak\RegClean Pro\Version 6.1\eng_rcp.dat
  • c:\Documents and Settings\test user\Application Data\systweak\RegClean Pro\Version 6.1\log_01-25-2014.log
  • c:\Documents and Settings\test user\Application Data\systweak\ssd\SSDPTstub.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\is-40H0E.tmp\_isetup\_shfoldr.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\aff.conf
  • c:\Documents and Settings\test user\Local Settings\Temp\BackupSetup.exe
  • C:\Program Files\RegClean Pro\Chinese_uninst.ini
  • c:\Documents and Settings\test user\Local Settings\Temp\nsz3.tmp\NSISdl.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\is-0L2PJ.tmp\sample.tmp
  • c:\Documents and Settings\test user\Local Settings\Temp\is-40H0E.tmp\isxdl.dll
  • C:\Program Files\RegClean Pro\install_left_image.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\is-4MM63.tmp\systweakasp.tmp
  • C:\Program Files\RegClean Pro\Cloud_Backup_Setup.exe
  • C:\Program Files\RegClean Pro\German_uninst.ini
  • C:\Program Files\RegClean Pro\Norwegian_uninst.ini
  • C:\Program Files\RegClean Pro\greek_rcp_el.ini
  • C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
  • C:\Program Files\RegClean Pro\Chinese_rcp.ini
  • C:\Program Files\RegClean Pro\Danish_rcp.ini
  • C:\Program Files\RegClean Pro\korean_uninst_ko.ini
  • C:\Program Files\RegClean Pro\greek_uninst_el.ini
  • C:\Program Files\RegClean Pro\polish_rcp_pl.ini
  • C:\Program Files\RegClean Pro\German_rcp.ini
  • C:\Program Files\RegClean Pro\Cloud_Backup_Setup_Intl.exe
  • C:\Program Files\RegClean Pro\French_rcp.ini
  • C:\Program Files\RegClean Pro\Dutch_rcp.ini
  • C:\Program Files\RegClean Pro\CleanSchedule.exe
  • C:\Program Files\RegClean Pro\Dutch_uninst.ini
  • C:\Program Files\RegClean Pro\korean_rcp_ko.ini
  • C:\Program Files\RegClean Pro\eng_rcp.ini
  • C:\Program Files\RegClean Pro\russian_rcp_ru.ini
  • C:\Program Files\RegClean Pro\Spanish_rcp.ini
  • C:\Program Files\RegClean Pro\russian_uninst_ru.ini
  • C:\Program Files\RegClean Pro\SSDPTstub.exe
  • C:\Program Files\RegClean Pro\eng_uninst.ini
  • C:\Program Files\RegClean Pro\Italian_rcp.ini
  • C:\Program Files\RegClean Pro\RegCleanPro.exe
  • C:\Program Files\RegClean Pro\portugese_uninst_pt.ini
  • C:\Program Files\RegClean Pro\Finnish_uninst_fi.ini
  • C:\Program Files\RegClean Pro\Portuguese_rcp.ini
  • C:\Program Files\RegClean Pro\Japanese_rcp.ini
  • C:\Program Files\RegClean Pro\Japanese_uninst.ini
  • C:\Program Files\RegClean Pro\isxdl.dll
  • C:\Program Files\RegClean Pro\French_uninst.ini
  • C:\Program Files\RegClean Pro\Danish_uninst.ini
  • C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
  • C:\Program Files\RegClean Pro\RegCleanPro.dll
  • C:\Program Files\RegClean Pro\Portuguese_uninst.ini
  • C:\Program Files\RegClean Pro\Italian_uninst.ini
  • C:\Program Files\RegClean Pro\polish_uninst_pl.ini
  • C:\WINDOWS\system32\roboot.exe
  • C:\Program Files\RegClean Pro\portugese_rcp_pt.ini
  • C:\Program Files\RegClean Pro\spanish_uninst.ini
  • C:\Program Files\RegClean Pro\RCPUninstall.exe
  • C:\Program Files\RegClean Pro\systweakasp.exe
  • C:\Program Files\RegClean Pro\Swedish_rcp.ini
  • C:\Program Files\RegClean Pro\xmllite.dll
  • C:\Program Files\RegClean Pro\traditionalcn_uninst_zh-tw.ini
  • C:\Program Files\RegClean Pro\TraditionalCn_rcp_zh-tw.ini
  • C:\Program Files\RegClean Pro\unins000.msg
  • C:\Program Files\RegClean Pro\unins000.dat
  • C:\Program Files\RegClean Pro\Turkish_uninst_tr.ini
  • C:\Program Files\RegClean Pro\turkish_rcp_tr.ini
  • C:\Program Files\RegClean Pro\swedish_uninst.ini
  • C:\Program Files\RegClean Pro\unins000.exe
  • C:\Program Files\RegClean Pro\Norwegian_rcp.ini
  • C:\Documents and Settings\All Users\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk
Registry Keys Created
  • HKCU\Software\systweak\RegClean Pro
    ErrorCount
    0x00000000
  • HKCU\Software\systweak\RegClean Pro\Version 6.1
    FirstRun
    0x00000001
  • HKCU\Software\systweak\ssd
    ASO3AFFILIATE
  • HKLM\SOFTWARE\Systweak\RegClean Pro\Version 6.1\LANG
    LangID
    0x00000000
  • HKCR\JScript.Compact
    (Default)
    JScript Compact Profile (ECMA 327)
  • HKCR\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
    (Default)
    FTP Installer to handle FTP Associations
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014012520140126
    CacheRepair
    0x00000000
  • HKCR\JScript.Compact\CLSID
    (Default)
    {cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}
  • HKCR\JavaScript1.2 AuthorJavaScript1.3 Author\CLSID
    (Default)
    {f414c261-6ac0-11cf-b6d1-00aa00bbbb58}
  • HKCR\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}
    (Default)
    JScript Compact Profile (ECMA 327)
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    SystweakASP
    "C:\Program Files\RegClean Pro\SystweakASP.exe" /verysilent
  • HKCR\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\InprocServer32
    ThreadingModel
    Both
  • HKCU\Software\Licenses
    {0DE49903F6A7893C6}
    V>□□□□□□□p□□□□□0□□@□□@□□@-□ f□□□□□□□□□□□□□p□□ =□□□□□=□□□□□f□□□□□D□□□□□f□□□□□P□□□□□□□□(□`d□□3□□□□□□□□Y□0□□□□□□$□□□□0?□□□□□'□□□□ □□P□□□A□0□□□□□□m□□□□P□□□`□P□□□□□□d□ □□□x□□□□@□□@m□P□□□□□0:□ □□@□□□c□□□□□5□p□□@□□P□□□□□□□□P□□□k□`□□□□□□□□□Q□□□□p
  • HKCR\ECMAScript Author\CLSID
    (Default)
    {f414c261-6ac0-11cf-b6d1-00aa00bbbb58}
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
    MinorVersion
    0x00000015
  • HKCR\JavaScript1.2 AuthorJavaScript1.3 Author
    (Default)
    JScript Language Authoring
  • HKCR\ECMAScript Author
    (Default)
    JScript Language Authoring
  • HKCR\JScript.Compact Author\CLSID
    (Default)
    {f414c261-6ac0-11cf-b6d1-00aa00bbbb58}
  • HKCU\Software\systweak
    MachineID
  • HKCU\Software\systweak\RegClean Pro\Version 6.1\LANG
    LangID
    0x00000000
  • HKLM\SOFTWARE\Systweak\Params
    affiliateid
  • HKLM\SOFTWARE\Systweak\RegClean Pro\Version 6.1
    FirstTimeASPFired
    0x00000001
  • HKLM\SOFTWARE\Systweak\ssd
    ASO3AFFILIATE
  • HKCR\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}\InProcServer32
    ThreadingModel
    Apartment
  • HKCR\JScript.Compact Author
    (Default)
    JScript Language Authoring
  • HKLM\SOFTWARE\Systweak
    MachineID
  • HKCR\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\ProgID
    (Default)
    JScript.Compact
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    GlobalUserOffline
    0x00000000
Registry Keys Modified
  • HKLM\SYSTEM\CurrentControlSet\Services\Schedule
    Start
    0x00000002
  • HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
    Name
    RegCleanPro.exe
Processes Created
  • c:\docume~1\support\locals~1\temp\is-0l2pj.tmp\sample.tmp
  • c:\docume~1\support\locals~1\temp\is-4mm63.tmp\systweakasp.tmp
  • c:\program files\regclean pro\cloud_backup_setup.exe
  • c:\program files\regclean pro\regcleanpro.exe
  • c:\program files\regclean pro\systweakasp.exe
  • c:\windows\system32\regsvr32.exe
HTTP Requests
  • http://cdn.mypcbackup.com/MyPCBackup_Setup.exe
  • http://cdn.systweak.com/safedl/aspsetup_systweak_default.exe
  • http://crl.microsoft.com/pki/crl/products/CSPCA.crl
  • http://crl.verisign.com/pca3-g5.crl
  • http://crl.verisign.com/pca3.crl
  • http://csc3-2010-aia.verisign.com/CSC3-2010.cer
  • http://csc3-2010-crl.verisign.com/CSC3-2010.crl
  • http://download.microsoft.com/download/d/d/9/dd9a82d0-52ef-40db-8dab-795376989c03/vcredist_x86.exe
  • http://network.adsmarket.com/cpx
  • http://powerbundle.systweak.com/ASP/firstinstall/
  • http://powerbundle.systweak.com/images/ASP/asp_logo.jpg
  • http://powerbundle.systweak.com/images/en-US/ASP/ASP_screenshot.jpg
  • http://powerbundle.systweak.com/images/repeat_x.png
  • http://powerbundle.systweak.com/js/ie6.js
  • http://powerbundle.systweak.com/js/iepngfix.htc
  • http://powerbundle.systweak.com/js/iepngfix_tilebg.js
  • http://track.mypcbackup.com/8695a4a3/systweakinstall/MyPCBackup_Setup.exe
  • http://track.mypcbackup.com/aadebc4830c51c2794a960fe5a9e11df.php
  • http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt
  • http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt
  • http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
  • http://www.google-analytics.com/__utm.gif
  • http://www.google-analytics.com/ga.js
  • http://www.systweak.com/Images/Common/HeadProducts.jpg
  • http://www.systweak.com/Images/Common/header_bottom_black.jpg
  • http://www.systweak.com/Images/common/Mainbg.jpg
  • http://www.systweak.com/Images/footer_bg.gif
  • http://www.systweak.com/Images/rc/common/RC_ss1.jpg
  • http://www.systweak.com/Images/rc/common/awards.jpg
  • http://www.systweak.com/Images/rc/common/rcp_after_install_tollfree_no.gif
  • http://www.systweak.com/Images/rc/common/steps1.jpg
  • http://www.systweak.com/Systweak.css
  • http://www.systweak.com/registryCleaner/afterinstall.asp
DNS Requests
  • cdn.mypcbackup.com
  • cdn.systweak.com
  • crl.microsoft.com
  • crl.verisign.com
  • csc3-2010-aia.verisign.com
  • csc3-2010-crl.verisign.com
  • download.microsoft.com
  • network.adsmarket.com
  • powerbundle.systweak.com
  • track.mypcbackup.com
  • updates4.systweak.com
  • www.download.windowsupdate.com
  • www.google-analytics.com
  • www.systweak.com

Example 2

File Information

Size
1.8M
SHA-1
aa860b9c024e839cddb11aa14f6cf51342e5a7e0
MD5
0d2a4a7a6754d743d5cdfc44b46d0f37
CRC-32
bed7e978
File type
Windows executable
First seen
2015-01-29

Runtime Analysis

Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    GlobalUserOffline
    0x00000000
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
    Administrative Tools
    c:\Documents and Settings\test user\Start Menu\Programs\Administrative Tools
Processes Created
  • c:\docume~1\support\locals~1\temp\7zipsfx.000\rpc2a.exe
  • c:\docume~1\support\locals~1\temp\is-p4jco.tmp\rpc2a.tmp
HTTP Requests
  • http://download.microsoft.com/download/2/6/1/261fca42-22c0-4f91-9451-0e0f2e08356d/WindowsXP-KB942288-v3-x86.exe
DNS Requests
  • download.microsoft.com

Example 3

File Information

Size
5.4M
SHA-1
c00f12003487d1960e315e3c727c52ffe2e1d676
MD5
8cabb0278fd491e4b196e1f38e728ff4
CRC-32
876fe39f
File type
Windows executable
First seen
2013-12-02

Runtime Analysis

Dropped Files
  • C:\Documents and Settings\All Users\Application Data\Systweak\Advanced System Protector\log.xslt
  • C:\Program Files\Advanced System Protector\japanese_asp_JA.ini
  • C:\Program Files\Advanced System Protector\ASPUninstall.exe
  • C:\Program Files\Advanced System Protector\asp.ico
  • c:\Documents and Settings\test user\Application Data\Systweak\RegClean Pro\Version 6.1\eng_rcp.dat
  • C:\Program Files\Advanced System Protector\Danish_uninst.ini
  • C:\Program Files\Advanced System Protector\SSDPTstub.exe
  • C:\Program Files\Advanced System Protector\russian_uninst_ru.ini
  • C:\Program Files\Advanced System Protector\Communication.dll
  • C:\Program Files\Advanced System Protector\eng_asp_en.ini
  • C:\Documents and Settings\All Users\Start Menu\Programs\Advanced System Protector\Register Advanced System Protector.lnk
  • C:\Program Files\Advanced System Protector\German_uninst.ini
  • C:\Program Files\Advanced System Protector\filetypehelper.exe
  • c:\Documents and Settings\test user\Start Menu\Programs\Startup\MyPC Backup.lnk
  • C:\Program Files\Advanced System Protector\Finnish_uninst_fi.ini
  • c:\Documents and Settings\test user\Application Data\Systweak\ssd\SSDPTstub.exe
  • C:\Program Files\Advanced System Protector\Troubleshooter\asp-fixer.exe
  • C:\Program Files\Advanced System Protector\System.Core.dll
  • c:\Documents and Settings\test user\Desktop\MyPC Backup.lnk
  • C:\Documents and Settings\All Users\Start Menu\Programs\Advanced System Protector\Advanced System Protector Trouble Shooter.lnk
  • C:\Documents and Settings\All Users\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk
  • C:\Program Files\Advanced System Protector\dutch_asp_NL.ini
  • C:\Program Files\Common Files\Microsoft Shared\VC\msdia90.dll
  • c:\Documents and Settings\test user\Application Data\Systweak\RegClean Pro\Version 6.1\log_07-18-2014.log
  • C:\Program Files\Advanced System Protector\Troubleshooter\asp-fixer.scr
  • C:\Program Files\MyPC Backup\BackupStack.exe
  • c:\Documents and Settings\test user\Start Menu\Programs\MyPC Backup\Uninstall.lnk
  • C:\Program Files\Advanced System Protector\Japanese_uninst.ini
  • c:\Documents and Settings\test user\Application Data\Microsoft\CryptnetUrlCache\Content\782D7E2BFB036A849A99FFA65C652D39
  • C:\Program Files\MyPC Backup\AlphaVSS.60.x86.dll
  • C:\Program Files\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL
  • C:\Program Files\Advanced System Protector\eng_uninst.ini
  • C:\Program Files\Advanced System Protector\swedish_asp_SV.ini
  • C:\Program Files\RegClean Pro\korean_rcp_ko.ini
  • C:\Program Files\MyPC Backup\Service Start.exe
  • C:\Program Files\Advanced System Protector\Finnish_asp_FI.ini
  • C:\Program Files\Advanced System Protector\french_asp_FR.ini
  • C:\Program Files\Advanced System Protector\Troubleshooter\asp-fixer.pif
  • C:\Program Files\MyPC Backup\mypcbackup.ico
  • C:\Program Files\RegClean Pro\RegCleanPro.exe
  • C:\Program Files\RegClean Pro\russian_rcp_ru.ini
  • C:\Program Files\RegClean Pro\Portuguese_rcp.ini
  • C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1.manifest
  • C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e.manifest
  • C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03.manifest
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
  • C:\WINDOWS\system32\roboot.exe
  • C:\Program Files\Advanced System Protector\AppResource.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\BackupSetup.exe
  • c:\Documents and Settings\test user\Application Data\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp
  • C:\Program Files\Advanced System Protector\portugese_uninst_pt.ini
  • C:\Program Files\Advanced System Protector\spanish_asp_ES.ini
  • C:\Program Files\Advanced System Protector\Interop.IWshRuntimeLibrary.dll
  • C:\Program Files\Advanced System Protector\polish_uninst_pl.ini
  • C:\Program Files\Advanced System Protector\Italian_uninst.ini
  • C:\Program Files\MyPC Backup\MPCBIconOverlays.dll
  • C:\Program Files\Advanced System Protector\swedish_uninst.ini
  • C:\Program Files\Advanced System Protector\russian_asp_ru.ini
  • C:\Program Files\MyPC Backup\AlphaVSS.51.x86.dll
  • C:\Program Files\Advanced System Protector\traditionalcn_uninst_zh-tw.ini
  • C:\Program Files\Advanced System Protector\Portuguese_uninst.ini
  • C:\Program Files\Advanced System Protector\korean_uninst_ko.ini
  • C:\Program Files\Advanced System Protector\unins000.dat
  • C:\Program Files\Advanced System Protector\loading_withWhiteBG.avi
  • C:\Program Files\Advanced System Protector\scandll.dll
  • C:\Program Files\Advanced System Protector\spanish_uninst.ini
  • C:\Program Files\Advanced System Protector\portuguese_asp_PT-BR.ini
  • C:\Program Files\MyPC Backup\Crypto64.dll
  • C:\Program Files\MyPC Backup\GetText.dll
  • C:\Program Files\Advanced System Protector\Troubleshooter\ASP-Troubleshooter.chm
  • C:\Program Files\MyPC Backup\fr_FR.mo
  • C:\Program Files\Advanced System Protector\Xceed.Zip.dll
  • C:\Program Files\Advanced System Protector\unins000.exe
  • C:\Program Files\MyPC Backup\uninst.exe
  • C:\Program Files\Advanced System Protector\System.Data.SQLite.dll
  • C:\Program Files\Advanced System Protector\Troubleshooter\firefox.com
  • C:\Program Files\Advanced System Protector\Turkish_uninst_tr.ini
  • C:\Program Files\MyPC Backup\Database\mpcb_file_cache.db
  • C:\Program Files\MyPC Backup\Database\mpcb_sig_cache.db
  • C:\Program Files\Advanced System Protector\Troubleshooter\iexplore.lnk
  • C:\Program Files\RegClean Pro\German_rcp.ini
  • C:\Program Files\MyPC Backup\Crypto32.dll
  • C:\Program Files\Advanced System Protector\Xceed.Compression.dll
  • C:\Program Files\MyPC Backup\MPCBContextMenu.dll
  • C:\Program Files\MyPC Backup\es_ES.mo
  • C:\Program Files\MyPC Backup\Updater.exe
  • C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
  • C:\Program Files\Advanced System Protector\Troubleshooter\asp-fixer.com
  • C:\Program Files\Advanced System Protector\unins000.msg
  • C:\Program Files\RegClean Pro\systweakasp.exe
  • C:\Program Files\Advanced System Protector\Troubleshooter\iexplore.exe
  • C:\Program Files\MyPC Backup\pt_PT.mo
  • C:\Program Files\RegClean Pro\xmllite.dll
  • C:\Program Files\RegClean Pro\Swedish_rcp.ini
  • C:\Program Files\MyPC Backup\tick.ico
  • C:\Program Files\MyPC Backup\Signup Wizard.exe
  • C:\Program Files\MyPC Backup\syncing.ico
  • C:\Program Files\RegClean Pro\Spanish_rcp.ini
  • C:\Program Files\MyPC Backup\syncicon.ico
  • C:\Program Files\RegClean Pro\TraditionalCn_rcp_zh-tw.ini
  • C:\Program Files\MyPC Backup\RegisterExtensionDotNet20_x86.exe
  • C:\Program Files\RegClean Pro\Japanese_rcp.ini
  • C:\Program Files\RegClean Pro\turkish_rcp_tr.ini
  • C:\Program Files\RegClean Pro\polish_rcp_pl.ini
  • C:\Program Files\RegClean Pro\RegCleanPro.dll
  • C:\Program Files\RegClean Pro\Norwegian_rcp.ini
  • C:\Program Files\MyPC Backup\x64\System.Data.SQLite.dll
  • C:\Program Files\RegClean Pro\unins000.dat
  • C:\Program Files\RegClean Pro\install_left_image.bmp
  • C:\Program Files\RegClean Pro\Danish_rcp.ini
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
  • C:\Program Files\RegClean Pro\Cloud_Backup_Setup.exe
  • C:\Program Files\RegClean Pro\Chinese_rcp.ini
  • C:\Program Files\RegClean Pro\Finnish_rcp_fi.ini
  • C:\Program Files\RegClean Pro\greek_rcp_el.ini
  • C:\Program Files\RegClean Pro\Dutch_rcp.ini
  • C:\Program Files\RegClean Pro\unins000.msg
  • C:\Program Files\RegClean Pro\eng_rcp.ini
  • C:\Program Files\RegClean Pro\isxdl.dll
  • C:\Program Files\RegClean Pro\Italian_rcp.ini
  • C:\WINDOWS\Installer\2940c.msi
  • C:\Program Files\MyPC Backup\diffstack.dll
  • C:\Program Files\MyPC Backup\AWSSDK.dll
  • C:\Program Files\MyPC Backup\de_DE.mo
  • C:\Program Files\RegClean Pro\RCPUninstall.exe
  • C:\Program Files\MyPC Backup\AlphaVSS.Common.dll
  • C:\Program Files\MyPC Backup\Database\mpcb_queues.db
  • C:\Program Files\MyPC Backup\AlphaVSS.52.x86.dll
  • C:\Program Files\MyPC Backup\log\WAIT_HANDLES.log
  • C:\Program Files\Advanced System Protector\unrar.dll
  • C:\Program Files\MyPC Backup\Shared Stack.dll
  • C:\Program Files\MyPC Backup\RegisterExtensionDotNet20_x64.exe
  • C:\Program Files\Advanced System Protector\Xceed.FileSystem.dll
  • C:\Program Files\MyPC Backup\RestartExplorer.exe
  • C:\Program Files\MyPC Backup\AlphaVSS.60.x64.dll
  • C:\Program Files\MyPC Backup\aff.conf
  • C:\Program Files\RegClean Pro\French_rcp.ini
  • C:\Program Files\MyPC Backup\Configuration Updater.exe
  • C:\Program Files\MyPC Backup\ObjectListView.dll
  • C:\Program Files\MyPC Backup\Database\mpcb_settings.db
  • C:\Program Files\RegClean Pro\portugese_rcp_pt.ini
  • C:\Program Files\MyPC Backup\LogicNP.EZShellExtensions.dll
  • C:\Program Files\MyPC Backup\UnRegisterExtensions.exe
  • C:\Program Files\MyPC Backup\MyPC Backup.exe
  • C:\Program Files\RegClean Pro\unins000.exe
  • C:\Program Files\Advanced System Protector\AspManager.exe
  • C:\Documents and Settings\All Users\Application Data\Systweak\Advanced System Protector\AddonSafelist
  • C:\Program Files\Advanced System Protector\categories.ini
  • C:\Program Files\Advanced System Protector\danish_asp_DA.ini
  • C:\Program Files\MyPC Backup\it_IT.mo
  • c:\Documents and Settings\test user\Local Settings\Temp\vcredist_x86.exe
  • C:\Program Files\Advanced System Protector\Chinese_asp_ZH-CN.ini
  • C:\Program Files\Advanced System Protector\italian_asp_IT.ini
  • C:\Documents and Settings\All Users\Start Menu\Programs\Advanced System Protector\Uninstall Advanced System Protector.lnk
  • C:\Documents and Settings\All Users\Desktop\RegClean Pro.lnk
  • C:\Program Files\Advanced System Protector\Dutch_uninst.ini
  • c:\Documents and Settings\test user\Local Settings\Temp\dd_vcredistMSI5EA1.txt
  • C:\Program Files\Advanced System Protector\norwegian_asp_NO.ini
  • C:\Documents and Settings\All Users\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk
  • C:\Program Files\Advanced System Protector\german_asp_DE.ini
  • C:\Documents and Settings\All Users\Start Menu\Programs\RegClean Pro\Uninstall RegClean Pro.lnk
  • c:\Documents and Settings\test user\Start Menu\Programs\MyPC Backup\MyPC Backup.lnk
  • C:\Documents and Settings\All Users\Desktop\Advanced System Protector.lnk
  • c:\Documents and Settings\test user\Local Settings\Temp\dd_vcredistUI5EA1.txt
  • C:\Program Files\Advanced System Protector\greek_uninst_el.ini
  • C:\Documents and Settings\All Users\Start Menu\Programs\Advanced System Protector\Advanced System Protector.lnk
  • c:\Documents and Settings\test user\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
  • c:\Documents and Settings\test user\Application Data\Microsoft\CryptnetUrlCache\Content\0E506CEBBC8B162CFB2D72DB4891DCAE
  • C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe
  • c:\Documents and Settings\test user\Application Data\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp
  • c:\Documents and Settings\test user\Application Data\Systweak\RegClean Pro\Version 6.1\results.rcp
  • c:\Documents and Settings\test user\Local Settings\Temp\nss6.tmp\nsSCM.dll
  • c:\Documents and Settings\test user\Application Data\Microsoft\CryptnetUrlCache\MetaData\0E506CEBBC8B162CFB2D72DB4891DCAE
  • c:\Documents and Settings\test user\Application Data\Microsoft\CryptnetUrlCache\MetaData\782D7E2BFB036A849A99FFA65C652D39
  • c:\Documents and Settings\test user\Application Data\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  • C:\Program Files\Advanced System Protector\Chinese_uninst.ini
  • c:\Documents and Settings\test user\Local Settings\Temp\is-VBOR4.tmp\sample.tmp
  • C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe.config
  • C:\Program Files\Advanced System Protector\French_uninst.ini
  • C:\Program Files\Advanced System Protector\aspsys.dll
  • C:\Program Files\Advanced System Protector\Xceed.Compression.Formats.dll
  • C:\WINDOWS\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_x-ww_b8438ace\9.0.30729.1.cat
  • C:\Program Files\RegClean Pro\Cloud_Backup_Setup_Intl.exe
  • C:\Program Files\MyPC Backup\MPCBClient.dll
  • C:\Program Files\Advanced System Protector\clamunpack\clamscan.exe
  • C:\Program Files\RegClean Pro\CleanSchedule.exe
  • C:\Program Files\Advanced System Protector\clamunpack\libclamav.dll
  • C:\Program Files\MyPC Backup\Database\mpcb_backup_conf.db
  • C:\Program Files\Advanced System Protector\Norwegian_uninst.ini
  • C:\Program Files\Advanced System Protector\clamunpack\readme.txt
  • c:\Documents and Settings\test user\Local Settings\Temp\mpbtrk.log
  • C:\Program Files\Advanced System Protector\TPS.ico
  • C:\Program Files\MyPC Backup\AlphaVSS.52.x64.dll
  • C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943.manifest
  • C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1.cat
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
  • C:\WINDOWS\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_x-ww_9e7eb501\9.0.30729.1.policy
  • C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
  • C:\WINDOWS\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_x-ww_b7353f75\9.0.30729.1.policy
  • C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2.cat
  • C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e.cat
  • C:\WINDOWS\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_x-ww_6ad67377\9.0.21022.8.cat
  • C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
  • C:\WINDOWS\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_x-ww_b8438ace\9.0.30729.1.policy
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
  • C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2.manifest
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
  • C:\WINDOWS\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_x-ww_4ee8bb30\9.0.30729.1.policy
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
  • C:\WINDOWS\system32\sasnative32.exe
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
  • C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03.cat
  • C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943.cat
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
  • C:\WINDOWS\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_x-ww_b7353f75\9.0.30729.1.cat
  • C:\WINDOWS\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_x-ww_6ad67377\9.0.21022.8.policy
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
  • C:\WINDOWS\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_x-ww_4ee8bb30\9.0.30729.1.cat
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
  • C:\WINDOWS\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_x-ww_9e7eb501\9.0.30729.1.cat
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
  • C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
Modified Files
  • %PROFILE%\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9
    • Changed the file contents
  • %PROFILE%\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004
  • %PROFILE%\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9
  • %PROFILE%\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004
Registry Keys Created
  • HKCU\Software\Systweak
    MachineID
  • HKCR\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
    (Default)
    Microsoft.Vsa.Vb.CodeDOM.Location
  • HKCR\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}\InprocServer32
    Assembly
    Microsoft.Vsa.Vb.CodeDOMProcessor, Version=7.0.5000.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    SystweakASP
    "C:\Program Files\RegClean Pro\SystweakASP.exe" /verysilent
  • HKCU\Software\Licenses
    {0DE49903F6A7893C6}
    V>□□□□□□□p□□□□□0□□`□□@□□`.□ f□□□□□□□□□□□□□p□□ =□□□□□=□□□□ e□□□□□G□□□□□e□□□□ S□□□□□□□□+□@g□□0□□□□□□□□Y□`□□pK□□u□`□□0?□□□□□'□□□□p□□P□□□□□□□□`□□□j□□□□p□□□6□P□□□□□□d□ □□□x□□□□@□□@m□□□□□□□0:□ □□@□□□c□□□□□5□p□□@□□P□□□□□@□□□?□□1□□□□ □□□b□□□□ Z□
  • HKLM\SYSTEM\CurrentControlSet\Services\BackupStack\Security
    Security
    □□□@□□□□□□□□□□□□□□@□□□□□□□□□□□ □□□□□□□□□□□ □□@□□□□□□□□□□□□□□□□□□□□□□□□□□ □□□□□@□□□□□□□□@□□□□□ □□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□@□□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□□□□0□□□□□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□ □□□□□
  • HKCU\Software\Systweak\RegClean Pro
    ErrorCount
    0x00000000
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
    MinorVersion
    0x00000015
  • HKLM\SOFTWARE\Systweak\Advanced System Protector\LANG
    LangID
    0x00000000
  • HKCR\JavaScript1.2 AuthorJavaScript1.3 Author
    (Default)
    JScript Language Authoring
  • HKCR\ECMAScript Author
    (Default)
    JScript Language Authoring
  • HKCR\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}\Implemented Categories\{62C8FE65-4EBB-45E7-B440-6E39B2CDBF29}
    (Default)
  • HKLM\SOFTWARE\Systweak\Params
    TELNO
    (800)-859-6475
  • HKLM\SOFTWARE\Systweak\RegClean Pro\Version 6.1
    FirstTimeASPFired
    0x00000001
  • HKLM\SOFTWARE\Systweak\ssd
    ASO3AFFILIATE
  • HKCU\Software\Systweak\Advanced System Protector\LANG
    LangID
    0x00000000
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\InProgress
    (Default)
    c:\WINDOWS\Installer\2940a.ipi
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
    HelpLink
    http://support.mypcbackup.com
  • HKCR\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\ProgID
    (Default)
    JScript.Compact
  • HKLM\SOFTWARE\Systweak
    MachineID
  • HKCR\JavaScript1.2 AuthorJavaScript1.3 Author\CLSID
    (Default)
    {f414c261-6ac0-11cf-b6d1-00aa00bbbb58}
  • HKCR\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\InprocServer32
    ThreadingModel
    Both
  • HKCU\Software\Systweak\ssd
    ASO3AFFILIATE
  • HKCR\ECMAScript Author\CLSID
    (Default)
    {f414c261-6ac0-11cf-b6d1-00aa00bbbb58}
  • HKCU\Software\Systweak\RegClean Pro\Version 6.1
    FirstRun
    0x00000001
  • HKLM\SOFTWARE\Systweak\Advanced System Protector
    afterInstallUrl
    http://powerbundle.systweak.com/ASP/firstinstall/?newasp=1&utm_content=AfterInstall&utm_term=Setup&page=install&
  • HKCR\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}\ProgId
    (Default)
    Microsoft.Vsa.Vb.CodeDOM.Location
  • HKCU\Software\Systweak\RegClean Pro\Version 6.1\LANG
    LangID
    0x00000000
  • HKCR\JScript.Compact Author\CLSID
    (Default)
    {f414c261-6ac0-11cf-b6d1-00aa00bbbb58}
  • HKCR\JScript.Compact Author
    (Default)
    JScript Language Authoring
  • HKLM\SYSTEM\CurrentControlSet\Services\BackupStack
    ObjectName
    LocalSystem
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    GlobalUserOffline
    0x00000000
  • HKCU\Software\Systweak\Advanced System Protector
    InstalledPath
    C:\Program Files\Advanced System Protector
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MyPC Backup
    (Default)
    C:\Program Files\MyPC Backup\BackupStack.exe
  • HKLM\SOFTWARE\Systweak\RegClean Pro\Version 6.1\LANG
    LangID
    0x00000000
  • HKCR\JScript.Compact
    (Default)
    JScript Compact Profile (ECMA 327)
  • HKCR\JScript.Compact\CLSID
    (Default)
    {cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}
  • HKCR\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}
    (Default)
    JScript Compact Profile (ECMA 327)
Registry Keys Modified
  • HKLM\SYSTEM\CurrentControlSet\Services\Schedule
    Start
    0x00000002
  • HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
    Name
    RegCleanPro.exe
Processes Created
  • c:\052f30dd19bdea27db090231fb33\install.exe
  • c:\docume~1\support\locals~1\temp\backupsetup.exe
  • c:\docume~1\support\locals~1\temp\is-vbor4.tmp\sample.tmp
  • c:\docume~1\support\locals~1\temp\nss6.tmp\ns7.tmp
  • c:\docume~1\support\locals~1\temp\nss6.tmp\ns8.tmp
  • c:\docume~1\support\locals~1\temp\vcredist_x86.exe
  • c:\program files\regclean pro\cloud_backup_setup.exe
  • c:\program files\regclean pro\regcleanpro.exe
  • c:\program files\regclean pro\systweakasp.exe
  • c:\windows\system32\regsvr32.exe
  • c:\windows\system32\taskkill.exe
HTTP Requests
  • http://cdn.mypcbackup.com/MyPCBackup_Setup.exe
  • http://cdn.systweak.com/safedl/aspsetup_systweak_default.exe
  • http://crl.microsoft.com/pki/crl/products/CSPCA.crl
  • http://crl.verisign.com/pca3-g5.crl
  • http://crl3.digicert.com/sha2-assured-cs-g1.crl
  • http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl
  • http://csc3-2010-crl.verisign.com/CSC3-2010.crl
  • http://download.microsoft.com/download/d/d/9/dd9a82d0-52ef-40db-8dab-795376989c03/vcredist_x86.exe
  • http://track.mypcbackup.com/8695a4a3/systweakinstall/MyPCBackup_Setup.exe
  • http://track.mypcbackup.com/aadebc4830c51c2794a960fe5a9e11df.php
  • http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43.crt
  • http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5.crt
  • http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt
  • http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
DNS Requests
  • cdn.mypcbackup.com
  • cdn.systweak.com
  • crl.microsoft.com
  • crl.verisign.com
  • crl3.digicert.com
  • crl4.digicert.com
  • csc3-2010-crl.verisign.com
  • download.microsoft.com
  • track.mypcbackup.com
  • www.download.windowsupdate.com

download Essayez les produits Sophos gratuitement
Téléchargez maintenant