Dmitry Sokolov recommends UnHackMe!

UnHackMe is a powerful tool against malware.

UnHackMe quickly removes rootkits/malware/adware/browser hijack issues!

Alex NightWatcher: Solved! (5 / 5)

Malware Analysis of Program.Unwanted.1183 – ABOUT.DLL

Created files:

%Common Startmenu%\Programs\IObit Uninstaller\Uninstall IObit Uninstaller.lnk
%Common Startmenu%\Programs\IObit Uninstaller.lnk
%Program Files%\IObit\Advanced SystemCare\About.dll
%Program Files%\IObit\Advanced SystemCare\About.exe
%Program Files%\IObit\Advanced SystemCare\ActionCenter2.log

Autostart registry keys:

HKLM\Software\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}\InprocServer32\: “%Program Files%\IObit\IObit Uninstaller\UninstallExplorer.dll”
HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}\InprocServer32\: “%Program Files%\IObit\Advanced SystemCare\ASCExtMenu.dll”
HKLM\Software\Classes\CLSID\{8DE189EC-C9C8-4D31-9F18-E0B7407019A9}\Shell\Open\command\: “”%Program Files%\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe” control_statistics”
HKLM\Software\Classes\CLSID\{B19ED566-D419-470b-B111-3C89040BC027}\InprocServer32\: “%Program Files%\IObit\IObit Uninstaller\UninstallMenuRight.dll”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1\DisplayName: “Advanced SystemCare 9”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1\UninstallString: “”%Program Files%\IObit\Advanced SystemCare\unins000.exe””
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IObitUninstall\DisplayName: “IObit Uninstaller”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IObitUninstall\UninstallString: “”%Program Files%\IObit\IObit Uninstaller\unins000.exe””
HKLM\System\CurrentControlSet\Services\AdvancedSystemCareService9\ImagePath: “%Program Files%\IObit\Advanced SystemCare\ASCService.exe”
HKLM\System\CurrentControlSet\Services\AdvancedSystemCareService9\DisplayName: “Advanced SystemCare Service 9”
HKLM\System\CurrentControlSet\Services\LiveUpdateSvc\ImagePath: “%Program Files%\IObit\LiveUpdate\LiveUpdate.exe”
HKLM\System\CurrentControlSet\Services\LiveUpdateSvc\DisplayName: “LiveUpdate”
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Advanced SystemCare 9: “”%Program Files%\IObit\Advanced SystemCare\ASCTray.exe” /Auto”
HKLM\System\CurrentControlSet\Services\sr\ImagePath: “system32\DRIVERS\sr.sys”

Detected by UnHackMe:

ABOUT.DLL
Default location: %PROGRAM FILES%\IOBIT\ADVANCED SYSTEMCARE\ABOUT.DLL

Dropper hash(md5): 5d227837a4241fd1d1722fd5a787bd46

Written by NightWatcher

Malware Hunter.
Google+

UnHackMe removes malware invisible for your antivirus!

UnHackMe is compatible with most antivirus software.
UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56).
System Requirements: Windows 2000-Windows 8.1/10. UnHackMe uses minimum of computer resources.