Manual Removal Guide for USTechSupport.MyCleanPC



Friday
2013-05-08, 12:55
The following instructions have been created to help you to get rid of "USTechSupport.MyCleanPC" manually.
Use this guide at your own risk; dedicated software is usually better suited to removing malware, since it is able to look deeper.

If this guide was helpful to you, please consider donating towards this site (http://www.safer-networking.org/index.php?page=donate).

Threat Details:

Categories:
pups

Description:
USTechSupport.MyCleanPC is a fraudulent system registry cleaner. The EULA is displayed in a hard-to-read font, and the EULA and privacy policy are marked as accepted by default. After installation and after every reboot, USTechSupport.MyCleanPC runs a scan and shows thousands of entries that supposedly should be cleaned. The number includes fragmented disk space, so the user is scared by the high count. Cleaning requires a paid registration, while there is little to no benefit to the user.
Removal Instructions:

Autorun:

Please use Spybot-S&D (http://www.safer-networking.org/index.php?page=spybotsd), RunAlyzer (http://www.safer-networking.org/index.php?page=runalyzer) or msconfig.exe to remove the following autorun entries.

Entries named "MyCleanPC PC Optimizer" and pointing to "*<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCO.exe* /autorun".

Installed Software List:

You can try to uninstall products with the names listed below; for items identified by other properties or to avoid malware getting active again on uninstallation, use Spybot-S&D (http://www.safer-networking.org/index.php?page=spybotsd) or RunAlyzer (http://www.safer-networking.org/index.php?page=runalyzer) to locate and get rid of these entries.

Products that have a key or property named "{4734A746-A503-4B8E-A4FA-7B7C84A18D79}".
Products that have a key or property named "{6AAEB4CB-0573-41ec-89B0-0FE0D5134A8B}_is1".

Files:

Please use Windows Explorer or another file manager of your choice to locate and delete these files.

The file at "<$APPDATA>\USTechSupport\PC Optimizer\Registry Cleaner\log_05-03-2013.log".
The file at "<$COMMONAPPDATA>\USTechSupport\ClientMonitoring\Log\PCOSetup_1.0.9.0.log".
The file at "<$COMMONAPPDATA>\USTechSupport\ClientMonitoring\Upload\Upload.log".
The file at "<$COMMONAPPDATA>\USTechSupport\DEL\del_archive_1.dat".
The file at "<$COMMONAPPDATA>\USTechSupport\Log\MessageQueueService_CustomerSupport.log".
The file at "<$COMMONAPPDATA>\USTechSupport\Log\MessageQueueService_Debug.log".
The file at "<$COMMONAPPDATA>\USTechSupport\Log\MyCleanPC_CustomerSupport.log".
The file at "<$COMMONAPPDATA>\USTechSupport\Log\MyCleanPC_Debug.log".
The file at "<$COMMONAPPDATA>\USTechSupport\Log\PCOSetup_1.0.9.0_CustomerSupport.log".
The file at "<$COMMONAPPDATA>\USTechSupport\Log\PCOSetup_1.0.9.0_Debug.log".
The file at "<$COMMONAPPDATA>\USTechSupport\Log\SchedulerService_CustomerSupport.log".
The file at "<$COMMONAPPDATA>\USTechSupport\Log\SchedulerService_Debug.log".
The file at "<$COMMONAPPDATA>\USTechSupport\Scheduler\SchedulerService.log".
The file at "<$COMMONAPPDATA>\USTechSupport\Scheduler\SchedulerService.xml.orig".
The file at "<$COMMONAPPDATA>\USTechSupport\Scheduler\SchedulerService.xml".
The file at "<$COMMONAPPDATA>\USTechSupport\Scheduler\SchedulerServiceArchive.bin".
The file at "<$COMMONAPPDATA>\USTechSupport\Stub\77dac60f70574a7daf35b244ceba8a1c\client_config.xml".
The file at "<$COMMONAPPDATA>\USTechSupport\Stub\77dac60f70574a7daf35b244ceba8a1c\embedded_config.xml".
The file at "<$COMMONAPPDATA>\USTechSupport\Stub\77dac60f70574a7daf35b244ceba8a1c\FrameworkMSI.msi".
The file at "<$COMMONAPPDATA>\USTechSupport\Stub\77dac60f70574a7daf35b244ceba8a1c\install_config.xml".
The file at "<$COMMONAPPDATA>\USTechSupport\Stub\77dac60f70574a7daf35b244ceba8a1c\PCOSetup_1.0.9.0.exe".
The file at "<$COMMONDESKTOP>\Live PC Help.lnk".
The file at "<$COMMONDESKTOP>\MyCleanPC PC Optimizer.lnk".
The file at "<$COMMONPROGRAMFILES>\USTechSupport\DEL\DEL_Dll.dll".
The file at "<$COMMONPROGRAMS>\MyCleanPC\PC Optimizer\MyCleanPC PC Optimizer.lnk".
The file at "<$COMMONPROGRAMS>\MyCleanPC\PC Optimizer\Uninstall MyCleanPC PC Optimizer.lnk".
The file at "<$LOCALSETTINGS>\Temp\del.dll".
The file at "<$PROGRAMFILES>\USTechSupport\ClientMonitoring\MessageQueueService.exe".
The file at "<$PROGRAMFILES>\USTechSupport\DataCollection\DataCollection.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\1.ico".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\2.ico".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\3.ico".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\4.ico".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\ASEng.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\AsInvoker.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\aso.ini".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\asohtm.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\asores.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\atl90.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\Downloader.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\HighestAvailable.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\KillUSTSPCOProcesses.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\MFC90CHS.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\MFC90CHT.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\MFC90DEU.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\MFC90ENU.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\MFC90ESN.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\MFC90ESP.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\MFC90FRA.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\MFC90ITA.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\MFC90JPN.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\MFC90KOR.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\mfc90u.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\msvcp90.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\msvcr90.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\Network.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\RequireAdministrator.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\sqlite3.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\unrar.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCO.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCOCheckUpdate.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCODefragServiceManager.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCODefragSrv.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCODefragSrv64.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCODiskOptimizer.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCOHelper.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCOPrivacyProtector.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCORegClean.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCORegistryOptimizer.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCOsys.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCOSysFileBakRes.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCOSystemCleaner.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\USTSPCOuninstaller.exe".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\xmllite.dll".
The file at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\zlibwapi.dll".
The file at "<$PROGRAMFILES>\USTechSupport\SchedulerService\SchedulerService.exe".
The file at "<$PROGRAMFILES>\USTechSupport\SchedulerService\SchedulerService.log".
The file at "<$PROGRAMFILES>\USTechSupport\SchedulerService\SchedulerServiceSettings.xml".
The file at "<$PROGRAMFILES>\USTechSupport\Update\TinyUpdater.exe".
The file at "<$SYSDIR>\roboot.exe".
The file at "<$WINDIR>\Installer\{4734A746-A503-4B8E-A4FA-7B7C84A18D79}\LiveTechDesktop.ico".
The file at "<$WINDIR>\Installer\{4734A746-A503-4B8E-A4FA-7B7C84A18D79}\USTechSupport.ico".
The file at "<$WINDIR>\Tasks\USTSPCO-USTSPCOOneClickCare.job".
The file at "c:\Config.msi\{AB56B977-66D9-411E-B4AA-F4BAD1AD5EBF}\PCOSetup_1.0.9.0.exe".
Make sure you set your file manager to display hidden and system files. If USTechSupport.MyCleanPC uses rootkit technologies, use our RootAlyzer (http://forums.spybot.info/downloads.php?id=8) or our Total Commander anti-rootkit plugins (http://forums.spybot.info/downloads.php?id=3).
You will have to use a global search for files without a name specified. Be extra careful, because just the name might not be enough to identify files!

Important: There are more files that cannot be safely described in simple words. Please use Spybot-S&D (http://www.safer-networking.org/index.php?page=spybotsd) to remove them.

Folders:

Please use Windows Explorer or another file manager of your choice to locate and delete these folders.

The directory at "<$APPDATA>\USTechSupport\PC Optimizer\Disk Optimizer".
The directory at "<$APPDATA>\USTechSupport\PC Optimizer\Registry Cleaner".
The directory at "<$APPDATA>\USTechSupport\PC Optimizer\Registry Optimizer".
The directory at "<$APPDATA>\USTechSupport\PC Optimizer".
The directory at "<$APPDATA>\USTechSupport".
The directory at "<$COMMONAPPDATA>\USTechSupport\ClientMonitoring\Log".
The directory at "<$COMMONAPPDATA>\USTechSupport\ClientMonitoring\Upload".
The directory at "<$COMMONAPPDATA>\USTechSupport\ClientMonitoring".
The directory at "<$COMMONAPPDATA>\USTechSupport\DEL".
The directory at "<$COMMONAPPDATA>\USTechSupport\Log".
The directory at "<$COMMONAPPDATA>\USTechSupport\PC Optimizer\Disk Optimizer".
The directory at "<$COMMONAPPDATA>\USTechSupport\PC Optimizer".
The directory at "<$COMMONAPPDATA>\USTechSupport\Scheduler".
The directory at "<$COMMONAPPDATA>\USTechSupport\Stub\77dac60f70574a7daf35b244ceba8a1c".
The directory at "<$COMMONAPPDATA>\USTechSupport\Stub".
The directory at "<$COMMONAPPDATA>\USTechSupport".
The directory at "<$COMMONPROGRAMFILES>\USTechSupport\DEL".
The directory at "<$COMMONPROGRAMFILES>\USTechSupport".
The directory at "<$COMMONPROGRAMS>\MyCleanPC\PC Optimizer".
The directory at "<$COMMONPROGRAMS>\MyCleanPC".
The directory at "<$PROGRAMFILES>\USTechSupport\ClientMonitoring".
The directory at "<$PROGRAMFILES>\USTechSupport\DataCollection".
The directory at "<$PROGRAMFILES>\USTechSupport\PC Optimizer\DefragReport".
The directory at "<$PROGRAMFILES>\USTechSupport\PC Optimizer".
The directory at "<$PROGRAMFILES>\USTechSupport\SchedulerService".
The directory at "<$PROGRAMFILES>\USTechSupport\Update".
The directory at "<$PROGRAMFILES>\USTechSupport".
The directory at "<$WINDIR>\Installer\{4734A746-A503-4B8E-A4FA-7B7C84A18D79}".
Make sure you set your file manager to display hidden and system files. If USTechSupport.MyCleanPC uses rootkit technologies, use our RootAlyzer (http://forums.spybot.info/downloads.php?id=8) or our Total Commander anti-rootkit plugins (http://forums.spybot.info/downloads.php?id=3).
You will have to use a global search for files without a name specified. Be extra careful, because just the name might not be enough to identify folders!

Registry:

You can use regedit.exe (included in Windows) to locate and delete these registry entries.

Delete the registry key "647A4374305AE8B44AAFB7C7481AD897" at "HKEY_CLASSES_ROOT\Installer\Features\".
Delete the registry key "647A4374305AE8B44AAFB7C7481AD897" at "HKEY_CLASSES_ROOT\Installer\Products\".
Delete the registry key "F29601071EC0B114FBC6E22DC99FD534" at "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\".
Delete the registry key "LiveTech" at "HKEY_CURRENT_USER\Software\USTechSupport\".
Delete the registry key "PC Optimizer" at "HKEY_CURRENT_USER\Software\USTechSupport\".
Delete the registry key "PC Optimizer" at "HKEY_LOCAL_MACHINE\SOFTWARE\USTechSupport\".
Delete the registry key "USTSPCODiskOptimizer" at "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\".
Delete the registry key "USTSPCODiskOptimizer" at "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\".
Delete the registry key "USTSPCODiskOptimizer" at "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\".
Delete the registry key "USTSScheduler" at "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\".
Delete the registry key "USTSScheduler" at "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\".
Delete the registry key "USTSScheduler" at "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\".
If USTechSupport.MyCleanPC uses rootkit technologies, use our RegAlyzer (http://www.safer-networking.org/index.php?page=regalyzer), RootAlyzer (http://forums.spybot.info/downloads.php?id=8) or our Total Commander anti-rootkit plugins (http://forums.spybot.info/downloads.php?id=3).

Final Words:

If neither Spybot-S&D nor self-help resolved the issue, or you would prefer one-on-one help,
please read these instructions (http://forums.spybot.info/showthread.php?t=288) before requesting assistance,
then start your own thread in the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22), where a volunteer analyst will advise you as soon as one is available.
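
A read-only check for the items listed in this guide, before or after cleanup, as an added PowerShell example (not part of the original post and not Spybot's own code). It assumes the `<$...>` placeholders map to the standard Windows folders shown and that the autorun entry is a value in a Run key; `Expand-GuidePath` is a hypothetical helper name.

```powershell
# Added example: read-only presence check; nothing is deleted or modified.
# Assumption: the guide's <$...> placeholders map to these Windows folders.
$tokens = @{
    '<$PROGRAMFILES>'       = @($env:ProgramFiles, ${env:ProgramFiles(x86)})
    '<$COMMONPROGRAMFILES>' = @($env:CommonProgramFiles, ${env:CommonProgramFiles(x86)})
    '<$APPDATA>'            = @($env:APPDATA)
    '<$COMMONAPPDATA>'      = @([Environment]::GetFolderPath('CommonApplicationData'))
    '<$COMMONDESKTOP>'      = @([Environment]::GetFolderPath('CommonDesktopDirectory'))
    '<$COMMONPROGRAMS>'     = @([Environment]::GetFolderPath('CommonPrograms'))
    '<$SYSDIR>'             = @([Environment]::SystemDirectory)
    '<$WINDIR>'             = @($env:windir)
}
function Expand-GuidePath([string]$Path) {       # hypothetical helper
    foreach ($t in $tokens.Keys) {
        if ($Path.StartsWith($t)) {
            return $tokens[$t] | Where-Object { $_ } |
                ForEach-Object { $_ + $Path.Substring($t.Length) }
        }
    }
    return $Path
}
# Top-level files and folders taken from the lists in the guide.
$fsItems = '<$PROGRAMFILES>\USTechSupport', '<$COMMONPROGRAMFILES>\USTechSupport',
    '<$APPDATA>\USTechSupport', '<$COMMONAPPDATA>\USTechSupport',
    '<$COMMONPROGRAMS>\MyCleanPC', '<$COMMONDESKTOP>\MyCleanPC PC Optimizer.lnk',
    '<$COMMONDESKTOP>\Live PC Help.lnk', '<$SYSDIR>\roboot.exe',
    '<$WINDIR>\Tasks\USTSPCO-USTSPCOOneClickCare.job',
    '<$WINDIR>\Installer\{4734A746-A503-4B8E-A4FA-7B7C84A18D79}'
$regKeys = @('Registry::HKEY_CLASSES_ROOT\Installer\Features\647A4374305AE8B44AAFB7C7481AD897',
    'Registry::HKEY_CLASSES_ROOT\Installer\Products\647A4374305AE8B44AAFB7C7481AD897',
    'Registry::HKEY_CLASSES_ROOT\Installer\UpgradeCodes\F29601071EC0B114FBC6E22DC99FD534',
    'Registry::HKEY_CURRENT_USER\Software\USTechSupport\LiveTech',
    'Registry::HKEY_CURRENT_USER\Software\USTechSupport\PC Optimizer',
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\USTechSupport\PC Optimizer')
# The guide names ControlSet001-003; enumerate whichever control sets exist here.
$regKeys += Get-ChildItem 'Registry::HKEY_LOCAL_MACHINE\SYSTEM' |
    Where-Object { $_.PSChildName -match '^ControlSet\d+$' } |
    ForEach-Object { foreach ($s in 'USTSPCODiskOptimizer', 'USTSScheduler') {
        "Registry::$($_.Name)\Services\$s" } }
$found = @(@($fsItems | ForEach-Object { Expand-GuidePath $_ }) + $regKeys |
    Where-Object { Test-Path -LiteralPath $_ })
# Assumption: the autorun entry is a value in one of the standard Run keys.
foreach ($k in 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
               'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
               'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run') {
    $p = Get-ItemProperty -Path $k -ErrorAction SilentlyContinue
    if ($p -and $p.PSObject.Properties['MyCleanPC PC Optimizer']) {
        $found += "$k -> MyCleanPC PC Optimizer"
    }
}
if ($found) { $found } else { 'No listed USTechSupport.MyCleanPC items found.' }
```

Run it from an elevated prompt so the service and Installer keys are readable; the per-user paths and HKEY_CURRENT_USER keys reflect only the account running the script.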