Technical Information
- '%PROGRAM_FILES%\ASP\AdvancedSystemProtector.exe' -firstinstall
- '%TEMP%\is-P29N2.tmp\1.tmp' /SL5="$30028,5550730,153600,<SYSTEM32>\1.exe" /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /SP-
- '<SYSTEM32>\1.exe' /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /SP-
- '<SYSTEM32>\DllHost.exe' /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
- '<SYSTEM32>\taskkill.exe' /f /im AdvancedSystemProtector.exe
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- '<SYSTEM32>\taskkill.exe' /f /im "asp.exe"
- '<SYSTEM32>\taskkill.exe' /f /im "systemprotector.exe"
- '<SYSTEM32>\taskkill.exe' /f /im "advancedsystemprotector.exe"
- '<SYSTEM32>\taskkill.exe' /f /im "aspmanager.exe"
- %PROGRAM_FILES%\ASP\is-L6NN1.tmp
- %PROGRAM_FILES%\ASP\is-P3B74.tmp
- %PROGRAM_FILES%\ASP\is-KA8SF.tmp
- %PROGRAM_FILES%\ASP\is-V64QI.tmp
- %PROGRAM_FILES%\ASP\is-93EU0.tmp
- %PROGRAM_FILES%\ASP\is-ID3FO.tmp
- %PROGRAM_FILES%\ASP\is-F2EGT.tmp
- %PROGRAM_FILES%\ASP\is-ARH8T.tmp
- %PROGRAM_FILES%\ASP\is-CSV6O.tmp
- %PROGRAM_FILES%\ASP\is-13MK7.tmp
- %PROGRAM_FILES%\ASP\is-2IV8O.tmp
- %PROGRAM_FILES%\ASP\is-C9SCA.tmp
- %PROGRAM_FILES%\ASP\Troubleshooter\is-A0POU.tmp
- %PROGRAM_FILES%\ASP\Troubleshooter\is-FQDRM.tmp
- %PROGRAM_FILES%\ASP\Troubleshooter\is-U69JE.tmp
- %PROGRAM_FILES%\ASP\is-BT4BS.tmp
- %PROGRAM_FILES%\ASP\Troubleshooter\is-ALDRJ.tmp
- %PROGRAM_FILES%\ASP\Troubleshooter\is-0JADM.tmp
- %PROGRAM_FILES%\ASP\is-5V5RT.tmp
- %APPDATA%\Roaming\systweak\ssd\is-RNP2U.tmp
- C:\ProgramData\Systweak\ASP\is-7BEKB.tmp
- %PROGRAM_FILES%\ASP\Troubleshooter\is-NNPSR.tmp
- %PROGRAM_FILES%\ASP\Troubleshooter\is-5JIIS.tmp
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Uninstall Advanced System Protector.lnk
- C:\Users\Public\Desktop\Advanced System Protector.lnk
- %PROGRAM_FILES%\ASP\Troubleshooter\iexplore.lnk
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Register Advanced System Protector.lnk
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Advanced System Protector Trouble Shooter.lnk
- %PROGRAM_FILES%\ASP\unins000.msg
- %TEMP%\Cab3FDF.tmp
- %TEMP%\Tar3FEF.tmp
- %TEMP%\Tar3F13.tmp
- %PROGRAM_FILES%\ASP\unins000.dat
- %TEMP%\Cab3F12.tmp
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Advanced System Protector.lnk
- %PROGRAM_FILES%\ASP\is-BBVDA.tmp
- %PROGRAM_FILES%\ASP\is-1BKC8.tmp
- %PROGRAM_FILES%\ASP\is-J3656.tmp
- %PROGRAM_FILES%\ASP\is-PQLR8.tmp
- %PROGRAM_FILES%\ASP\is-E16Q6.tmp
- %PROGRAM_FILES%\ASP\is-FAMM7.tmp
- %PROGRAM_FILES%\ASP\is-6DO3J.tmp
- %PROGRAM_FILES%\ASP\is-M2VA5.tmp
- %PROGRAM_FILES%\ASP\is-O4NTH.tmp
- %PROGRAM_FILES%\ASP\is-I19KB.tmp
- %PROGRAM_FILES%\ASP\is-7EL85.tmp
- %PROGRAM_FILES%\ASP\clamunpack\is-G7TGP.tmp
- %PROGRAM_FILES%\ASP\is-JAIP6.tmp
- %PROGRAM_FILES%\ASP\is-03762.tmp
- %PROGRAM_FILES%\ASP\is-6GT52.tmp
- %PROGRAM_FILES%\ASP\is-6P6OG.tmp
- %PROGRAM_FILES%\ASP\is-IMRCS.tmp
- %PROGRAM_FILES%\ASP\is-K7UFM.tmp
- %PROGRAM_FILES%\ASP\is-CAU6E.tmp
- %PROGRAM_FILES%\ASP\is-K43AS.tmp
- C:\ProgramData\Systweak\ASP\is-KQKE0.tmp
- %PROGRAM_FILES%\ASP\is-D0HE3.tmp
- %PROGRAM_FILES%\ASP\is-TMGDC.tmp
- %PROGRAM_FILES%\ASP\is-A5772.tmp
- <SYSTEM32>\1.exe
- %TEMP%\is-P29N2.tmp\1.tmp
- %TEMP%\autDF28.tmp
- %TEMP%\autDEAA.tmp
- %TEMP%\vuqjecp
- %TEMP%\is-KFDF9.tmp\_isetup\_shfoldr.dll
- <SYSTEM32>\sasnative32.exe
- %PROGRAM_FILES%\ASP\is-U5961.tmp
- %TEMP%\is-KFDF9.tmp\sasnative32.exe
- %TEMP%\is-KFDF9.tmp\_isetup\_iscrypt.dll
- %TEMP%\is-KFDF9.tmp\isxdl.dll
- %PROGRAM_FILES%\ASP\is-N8HIO.tmp
- %PROGRAM_FILES%\ASP\is-CI9NO.tmp
- %PROGRAM_FILES%\ASP\is-FP1C0.tmp
- %PROGRAM_FILES%\ASP\is-JTLDT.tmp
- %PROGRAM_FILES%\ASP\is-26ASN.tmp
- %PROGRAM_FILES%\ASP\is-4RE0S.tmp
- %PROGRAM_FILES%\ASP\clamunpack\is-4VIHT.tmp
- %PROGRAM_FILES%\ASP\clamunpack\is-5PS41.tmp
- %PROGRAM_FILES%\ASP\is-M7AK5.tmp
- %PROGRAM_FILES%\ASP\is-2R4VP.tmp
- %PROGRAM_FILES%\ASP\is-MD7GL.tmp
- %PROGRAM_FILES%\ASP\is-7BNLD.tmp
- %PROGRAM_FILES%\ASP\is-S1U97.tmp
- %PROGRAM_FILES%\ASP\is-QRIIV.tmp
- %PROGRAM_FILES%\ASP\is-08HJT.tmp
- %PROGRAM_FILES%\ASP\is-OQAKC.tmp
- %PROGRAM_FILES%\ASP\is-PUR43.tmp
- %PROGRAM_FILES%\ASP\is-08902.tmp
- %PROGRAM_FILES%\ASP\is-EUATM.tmp
- %PROGRAM_FILES%\ASP\is-4A21U.tmp
- %PROGRAM_FILES%\ASP\is-B561T.tmp
- %PROGRAM_FILES%\ASP\is-5ALEQ.tmp
- %PROGRAM_FILES%\ASP\is-EQ9QP.tmp
- <SYSTEM32>\1.exe
- %TEMP%\Cab3F12.tmp
- <SYSTEM32>\1.exe
- %TEMP%\is-P29N2.tmp\1.tmp
- %TEMP%\Tar3FEF.tmp
- %TEMP%\Cab3FDF.tmp
- %TEMP%\Tar3F13.tmp
- %TEMP%\is-KFDF9.tmp\_isetup\_shfoldr.dll
- %TEMP%\autDF28.tmp
- %TEMP%\vuqjecp
- %TEMP%\autDEAA.tmp
- %TEMP%\is-KFDF9.tmp\_isetup\_iscrypt.dll
- %TEMP%\is-KFDF9.tmp\sasnative32.exe
- %TEMP%\is-KFDF9.tmp\isxdl.dll
- from %APPDATA%\Roaming\systweak\ssd\is-RNP2U.tmp to %APPDATA%\Roaming\systweak\ssd\SSDPTstub.exe
- from %PROGRAM_FILES%\ASP\is-C9SCA.tmp to %PROGRAM_FILES%\ASP\SSDPTstub.exe
- from C:\ProgramData\Systweak\ASP\is-7BEKB.tmp to C:\ProgramData\Systweak\ASP\AddonSafelist
- from %PROGRAM_FILES%\ASP\is-5V5RT.tmp to %PROGRAM_FILES%\ASP\loading_withWhiteBG.avi
- from %PROGRAM_FILES%\ASP\is-KA8SF.tmp to %PROGRAM_FILES%\ASP\Danish_uninst.ini
- from %PROGRAM_FILES%\ASP\is-L6NN1.tmp to %PROGRAM_FILES%\ASP\Dutch_uninst.ini
- from %PROGRAM_FILES%\ASP\is-V64QI.tmp to %PROGRAM_FILES%\ASP\ASPUninstall.exe
- from %PROGRAM_FILES%\ASP\is-93EU0.tmp to %PROGRAM_FILES%\ASP\Chinese_uninst.ini
- from %PROGRAM_FILES%\ASP\Troubleshooter\is-5JIIS.tmp to %PROGRAM_FILES%\ASP\Troubleshooter\firefox.com
- from %PROGRAM_FILES%\ASP\Troubleshooter\is-ALDRJ.tmp to %PROGRAM_FILES%\ASP\Troubleshooter\ASP-Troubleshooter.chm
- from %PROGRAM_FILES%\ASP\Troubleshooter\is-U69JE.tmp to %PROGRAM_FILES%\ASP\Troubleshooter\asp-fixer.exe
- from %PROGRAM_FILES%\ASP\clamunpack\is-G7TGP.tmp to %PROGRAM_FILES%\ASP\clamunpack\readme.txt
- from %PROGRAM_FILES%\ASP\is-BT4BS.tmp to %PROGRAM_FILES%\ASP\filetypehelper.exe
- from %PROGRAM_FILES%\ASP\Troubleshooter\is-0JADM.tmp to %PROGRAM_FILES%\ASP\Troubleshooter\asp-fixer.scr
- from %PROGRAM_FILES%\ASP\Troubleshooter\is-NNPSR.tmp to %PROGRAM_FILES%\ASP\Troubleshooter\iexplore.exe
- from %PROGRAM_FILES%\ASP\Troubleshooter\is-A0POU.tmp to %PROGRAM_FILES%\ASP\Troubleshooter\asp-fixer.com
- from %PROGRAM_FILES%\ASP\Troubleshooter\is-FQDRM.tmp to %PROGRAM_FILES%\ASP\Troubleshooter\asp-fixer.pif
- from %PROGRAM_FILES%\ASP\is-P3B74.tmp to %PROGRAM_FILES%\ASP\eng_uninst.ini
- from %PROGRAM_FILES%\ASP\is-FAMM7.tmp to %PROGRAM_FILES%\ASP\russian_uninst_ru.ini
- from %PROGRAM_FILES%\ASP\is-I19KB.tmp to %PROGRAM_FILES%\ASP\spanish_uninst.ini
- from %PROGRAM_FILES%\ASP\is-BBVDA.tmp to %PROGRAM_FILES%\ASP\portugese_uninst_pt.ini
- from %PROGRAM_FILES%\ASP\is-1BKC8.tmp to %PROGRAM_FILES%\ASP\Portuguese_uninst.ini
- from %PROGRAM_FILES%\ASP\is-6DO3J.tmp to %PROGRAM_FILES%\ASP\Turkish_uninst_tr.ini
- from %PROGRAM_FILES%\ASP\is-M2VA5.tmp to %PROGRAM_FILES%\ASP\TPS.ico
- from %PROGRAM_FILES%\ASP\is-7EL85.tmp to %PROGRAM_FILES%\ASP\swedish_uninst.ini
- from %PROGRAM_FILES%\ASP\is-O4NTH.tmp to %PROGRAM_FILES%\ASP\traditionalcn_uninst_zh-tw.ini
- from %PROGRAM_FILES%\ASP\is-J3656.tmp to %PROGRAM_FILES%\ASP\polish_uninst_pl.ini
- from %PROGRAM_FILES%\ASP\is-2IV8O.tmp to %PROGRAM_FILES%\ASP\German_uninst.ini
- from %PROGRAM_FILES%\ASP\is-CSV6O.tmp to %PROGRAM_FILES%\ASP\greek_uninst_el.ini
- from %PROGRAM_FILES%\ASP\is-ID3FO.tmp to %PROGRAM_FILES%\ASP\Finnish_uninst_fi.ini
- from %PROGRAM_FILES%\ASP\is-13MK7.tmp to %PROGRAM_FILES%\ASP\French_uninst.ini
- from %PROGRAM_FILES%\ASP\is-PQLR8.tmp to %PROGRAM_FILES%\ASP\korean_uninst_ko.ini
- from %PROGRAM_FILES%\ASP\is-E16Q6.tmp to %PROGRAM_FILES%\ASP\Norwegian_uninst.ini
- from %PROGRAM_FILES%\ASP\is-F2EGT.tmp to %PROGRAM_FILES%\ASP\Italian_uninst.ini
- from %PROGRAM_FILES%\ASP\is-ARH8T.tmp to %PROGRAM_FILES%\ASP\Japanese_uninst.ini
- from %PROGRAM_FILES%\ASP\clamunpack\is-5PS41.tmp to %PROGRAM_FILES%\ASP\clamunpack\libclamav.dll
- from %PROGRAM_FILES%\ASP\is-CAU6E.tmp to %PROGRAM_FILES%\ASP\Interop.IWshRuntimeLibrary.dll
- from %PROGRAM_FILES%\ASP\is-K43AS.tmp to %PROGRAM_FILES%\ASP\categories.ini
- from %PROGRAM_FILES%\ASP\is-TMGDC.tmp to %PROGRAM_FILES%\ASP\asp.ico
- from C:\ProgramData\Systweak\ASP\is-KQKE0.tmp to C:\ProgramData\Systweak\ASP\log.xslt
- from %PROGRAM_FILES%\ASP\is-08HJT.tmp to %PROGRAM_FILES%\ASP\danish_asp_DA.ini
- from %PROGRAM_FILES%\ASP\is-S1U97.tmp to %PROGRAM_FILES%\ASP\dutch_asp_NL.ini
- from %PROGRAM_FILES%\ASP\is-OQAKC.tmp to %PROGRAM_FILES%\ASP\eng_asp_en.ini
- from %PROGRAM_FILES%\ASP\is-PUR43.tmp to %PROGRAM_FILES%\ASP\Chinese_asp_ZH-CN.ini
- from %PROGRAM_FILES%\ASP\is-D0HE3.tmp to %PROGRAM_FILES%\ASP\System.Core.dll
- from %PROGRAM_FILES%\ASP\is-6P6OG.tmp to %PROGRAM_FILES%\ASP\AdvancedSystemProtector.exe.config
- from %PROGRAM_FILES%\ASP\is-IMRCS.tmp to %PROGRAM_FILES%\ASP\AspManager.exe
- from %PROGRAM_FILES%\ASP\is-U5961.tmp to %PROGRAM_FILES%\ASP\unins000.exe
- from %PROGRAM_FILES%\ASP\is-A5772.tmp to %PROGRAM_FILES%\ASP\AdvancedSystemProtector.exe
- from %PROGRAM_FILES%\ASP\is-03762.tmp to %PROGRAM_FILES%\ASP\Microsoft.Win32.TaskScheduler.DLL
- from %PROGRAM_FILES%\ASP\is-K7UFM.tmp to %PROGRAM_FILES%\ASP\System.Data.SQLite.dll
- from %PROGRAM_FILES%\ASP\is-6GT52.tmp to %PROGRAM_FILES%\ASP\AppResource.dll
- from %PROGRAM_FILES%\ASP\is-JAIP6.tmp to %PROGRAM_FILES%\ASP\aspsys.dll
- from %PROGRAM_FILES%\ASP\is-QRIIV.tmp to %PROGRAM_FILES%\ASP\Finnish_asp_FI.ini
- from %PROGRAM_FILES%\ASP\is-CI9NO.tmp to %PROGRAM_FILES%\ASP\Xceed.Compression.Formats.dll
- from %PROGRAM_FILES%\ASP\is-4RE0S.tmp to %PROGRAM_FILES%\ASP\Xceed.FileSystem.dll
- from %PROGRAM_FILES%\ASP\is-FP1C0.tmp to %PROGRAM_FILES%\ASP\unrar.dll
- from %PROGRAM_FILES%\ASP\is-N8HIO.tmp to %PROGRAM_FILES%\ASP\Xceed.Compression.dll
- from %PROGRAM_FILES%\ASP\is-M7AK5.tmp to %PROGRAM_FILES%\ASP\scandll.dll
- from %PROGRAM_FILES%\ASP\clamunpack\is-4VIHT.tmp to %PROGRAM_FILES%\ASP\clamunpack\clamscan.exe
- from %PROGRAM_FILES%\ASP\is-2R4VP.tmp to %PROGRAM_FILES%\ASP\Xceed.Zip.dll
- from %PROGRAM_FILES%\ASP\is-MD7GL.tmp to %PROGRAM_FILES%\ASP\Communication.dll
- from %PROGRAM_FILES%\ASP\is-26ASN.tmp to %PROGRAM_FILES%\ASP\swedish_asp_SV.ini
- from %PROGRAM_FILES%\ASP\is-EQ9QP.tmp to %PROGRAM_FILES%\ASP\italian_asp_IT.ini
- from %PROGRAM_FILES%\ASP\is-B561T.tmp to %PROGRAM_FILES%\ASP\japanese_asp_JA.ini
- from %PROGRAM_FILES%\ASP\is-08902.tmp to %PROGRAM_FILES%\ASP\french_asp_FR.ini
- from %PROGRAM_FILES%\ASP\is-5ALEQ.tmp to %PROGRAM_FILES%\ASP\german_asp_DE.ini
- from %PROGRAM_FILES%\ASP\is-7BNLD.tmp to %PROGRAM_FILES%\ASP\russian_asp_ru.ini
- from %PROGRAM_FILES%\ASP\is-JTLDT.tmp to %PROGRAM_FILES%\ASP\spanish_asp_ES.ini
- from %PROGRAM_FILES%\ASP\is-EUATM.tmp to %PROGRAM_FILES%\ASP\norwegian_asp_NO.ini
- from %PROGRAM_FILES%\ASP\is-4A21U.tmp to %PROGRAM_FILES%\ASP\portuguese_asp_PT-BR.ini
- DNS ASK www.google.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'BUTTON' WindowName: ''
- ClassName: 'OleMainThreadWndClass' WindowName: ''
- ClassName: '' WindowName: ''