Jump to content

Recommended Posts

  • Staff
What is Secure PC Tuneup?

The Malwarebytes research team has determined that Secure PC Tuneup is a "system optimizer". These so-called "system optimizer" use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems.
More information can be found on our Malwarebytes Unpacked blog.

How do I know if I am infected with Secure PC Tuneup?

This is how the main screen of the sytem optimizer looks:

main.png

You will find these icons in your taskbar and on your desktop:

icons.png

and see these warnings during install:

warning1.png

warning2.png

and these screens during "operations":

warning5.png

warning6.png

You may see this entry in your list of installed programs:

warning4.png

and these tasks in your Task Scheduler:

warning3.png

How did Secure PC Tuneup get on my computer?

These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their site.

How do I remove Secure PC Tuneup?

Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted application.
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-{version}.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to:
    Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • Once the program has loaded, select Scan Now. Or select the Threat Scan from the Scan menu.
  • If an update is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
Is there anything else I need to do to get rid of Secure PC Tuneup?
  • No, Malwarebytes' Anti-Malware removes Secure PC Tuneup completely.
  • This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks.
How would the full version of Malwarebytes Anti-Malware help protect me?

We hope our application and this guide have helped you eradicate this system optimizer.

As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the Secure PC Tuneup installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late.

 

protection1.png


and we block access to their domain:
 

protection2.png


Technical details for experts

You may see these entries in FRST logs:

 
 (Secure PC Tuneup) C:\Program Files (x86)\SecurePCTuneup\SecurePCTuneup.exe
 () C:\Users\{username}\AppData\Roaming\System Monitor\sm.exe
 C:\Windows\System32\Tasks\Secure PC Tuneup_DEFAULT
 C:\Windows\System32\Tasks\Secure PC Tuneup_UPDATES
 C:\Windows\Tasks\Secure PC Tuneup_UPDATES.job
 C:\Windows\Tasks\Secure PC Tuneup_DEFAULT.job
 C:\Users\{username}\AppData\Roaming\SecurePCTuneup
 C:\Windows\System32\Tasks\Secure PC Tuneup
 C:\Windows\System32\Tasks\RunAtStartup
 C:\Users\Public\Desktop\SecurePCTuneup.lnk
 C:\Users\{username}\AppData\Roaming\System Monitor
 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SecurePCTuneup
 C:\Program Files (x86)\SecurePCTuneup

SecurePCTuneup (HKLM-x32\...\SecurePCTuneup_is1) (Version: 5.4 - www.securepctuneup.com)
Task: {043CF42D-5E25-4255-BDED-AF527256D33A} - System32\Tasks\Secure PC Tuneup => C:\Program Files (x86)\SecurePCTuneup\SecurePCTuneup.exe [2016-11-29] (Secure PC Tuneup)
Task: {AA67C9F2-1FD8-4AD4-97E7-A31D0BC2F625} - System32\Tasks\Secure PC Tuneup_DEFAULT => C:\Program Files (x86)\SecurePCTuneup\SecurePCTuneup.exe [2016-11-29] (Secure PC Tuneup)
Task: {B3AE31CF-0737-4F12-B82D-665654DB2F2C} - System32\Tasks\RunAtStartup => C:\Users\{username}\AppData\Roaming\System Monitor\sm.exe [2016-11-25] ()
Task: {FDDEE7B8-84B3-48C7-A224-A0BA2BA23E4F} - System32\Tasks\Secure PC Tuneup_UPDATES => C:\Program Files (x86)\SecurePCTuneup\SecurePCTuneup.exe [2016-11-29] (Secure PC Tuneup)
Task: C:\Windows\Tasks\Secure PC Tuneup_DEFAULT.job => C:\Program Files (x86)\SecurePCTuneup\SecurePCTuneup.exe
Task: C:\Windows\Tasks\Secure PC Tuneup_UPDATES.job => C:\Program Files (x86)\SecurePCTuneup\SecurePCTuneup.exe
Alterations made by the installer:
 
File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Program Files (x86)\SecurePCTuneup
       Adds the file Chinese_pcp.ini"="11/18/2016 5:52 PM, 39470 bytes, A
       Adds the file Chinese_uninst.ini"="11/18/2016 5:39 PM, 2646 bytes, A
       Adds the file Danish_pcp.ini"="11/18/2016 5:52 PM, 82794 bytes, A
       Adds the file Danish_uninst.ini"="11/18/2016 5:39 PM, 2948 bytes, A
       Adds the file Dutch_pcp.ini"="11/18/2016 5:52 PM, 87054 bytes, A
       Adds the file Dutch_uninst.ini"="11/18/2016 5:39 PM, 2944 bytes, A
       Adds the file eng_pcp.ini"="11/18/2016 5:52 PM, 76258 bytes, A
       Adds the file eng_uninst.ini"="11/18/2016 5:39 PM, 2830 bytes, A
       Adds the file FileList.pcp"="11/18/2016 5:39 PM, 13612 bytes, A
       Adds the file Finnish_pcp_fi.ini"="11/18/2016 5:52 PM, 80252 bytes, A
       Adds the file Finnish_uninst_fi.ini"="11/18/2016 5:39 PM, 3024 bytes, A
       Adds the file French_pcp.ini"="11/18/2016 5:52 PM, 93086 bytes, A
       Adds the file French_uninst.ini"="11/18/2016 5:39 PM, 3040 bytes, A
       Adds the file German_pcp.ini"="11/18/2016 5:52 PM, 92532 bytes, A
       Adds the file German_uninst.ini"="11/18/2016 5:39 PM, 3382 bytes, A
       Adds the file greek_pcp_el.ini"="11/18/2016 5:52 PM, 91736 bytes, A
       Adds the file greek_uninst_el.ini"="11/18/2016 5:39 PM, 3206 bytes, A
       Adds the file isxdl.dll"="11/29/2016 6:35 PM, 157616 bytes, A
       Adds the file Italian_pcp.ini"="11/18/2016 5:52 PM, 89426 bytes, A
       Adds the file Italian_uninst.ini"="11/18/2016 5:39 PM, 2948 bytes, A
       Adds the file Japanese_pcp.ini"="11/18/2016 5:52 PM, 52284 bytes, A
       Adds the file Japanese_uninst.ini"="11/18/2016 5:39 PM, 2404 bytes, A
       Adds the file korean_pcp_ko.ini"="11/18/2016 5:52 PM, 60888 bytes, A
       Adds the file korean_uninst_ko.ini"="11/18/2016 5:39 PM, 2712 bytes, A
       Adds the file leftbmp.bmp"="11/18/2016 5:39 PM, 156296 bytes, A
       Adds the file Norwegian_pcp.ini"="11/18/2016 5:52 PM, 79186 bytes, A
       Adds the file Norwegian_uninst.ini"="11/18/2016 5:39 PM, 2888 bytes, A
       Adds the file polish_pcp_pl.ini"="11/18/2016 5:52 PM, 82744 bytes, A
       Adds the file polish_uninst_pl.ini"="11/18/2016 5:39 PM, 3066 bytes, A
       Adds the file portugese_pcp_pt.ini"="11/18/2016 5:52 PM, 86048 bytes, A
       Adds the file portugese_uninst_pt.ini"="11/18/2016 5:39 PM, 2950 bytes, A
       Adds the file Portuguese_pcp.ini"="11/18/2016 5:52 PM, 83668 bytes, A
       Adds the file Portuguese_uninst.ini"="11/18/2016 5:39 PM, 2950 bytes, A
       Adds the file RegList.pcp"="11/18/2016 5:39 PM, 92210 bytes, A
       Adds the file russian_pcp_ru.ini"="11/18/2016 5:52 PM, 86026 bytes, A
       Adds the file russian_uninst_ru.ini"="11/18/2016 5:39 PM, 3214 bytes, A
       Adds the file SecurePCTuneup.exe"="11/29/2016 6:35 PM, 8983984 bytes, A
       Adds the file smsetup.exe"="11/25/2016 7:07 PM, 1272608 bytes, A
       Adds the file Spanish_pcp.ini"="11/18/2016 5:52 PM, 87658 bytes, A
       Adds the file spanish_uninst.ini"="11/18/2016 5:39 PM, 3086 bytes, A
       Adds the file SPTUUns.exe"="11/29/2016 6:35 PM, 572848 bytes, A
       Adds the file Swedish_pcp.ini"="11/18/2016 5:52 PM, 77944 bytes, A
       Adds the file swedish_uninst.ini"="11/18/2016 5:39 PM, 2962 bytes, A
       Adds the file TraditionalCn_pcp_zh-tw.ini"="11/18/2016 5:52 PM, 39540 bytes, A
       Adds the file traditionalcn_uninst_zh-tw.ini"="11/18/2016 5:39 PM, 2654 bytes, A
       Adds the file turkish_pcp_tr.ini"="11/18/2016 5:52 PM, 83522 bytes, A
       Adds the file Turkish_uninst_tr.ini"="11/18/2016 5:39 PM, 3060 bytes, A
       Adds the file unins000.dat"="11/30/2016 9:14 AM, 35259 bytes, A
       Adds the file unins000.exe"="11/30/2016 9:14 AM, 1210800 bytes, A
       Adds the file unins000.msg"="11/30/2016 9:14 AM, 22701 bytes, A
       Adds the file xmllite.dll"="11/18/2016 5:39 PM, 126976 bytes, A
    Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SecurePCTuneup
       Adds the file Register SecurePCTuneup.lnk"="11/30/2016 9:14 AM, 1123 bytes, A
       Adds the file SecurePCTuneup.lnk"="11/30/2016 9:14 AM, 1097 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\SecurePCTuneup
       Adds the file backup6.bin"="11/30/2016 9:14 AM, 753 bytes, A
       Adds the file eng_pcp.dat"="11/30/2016 9:14 AM, 29546 bytes, A
       Adds the file ipini.ini"="11/30/2016 9:14 AM, 15 bytes, A
       Adds the file log_11-30-2016.log"="11/30/2016 9:14 AM, 0 bytes, A
       Adds the file results.pcp"="11/30/2016 9:15 AM, 7178 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\System Monitor
       Adds the file eng_em.ini"="6/17/2016 12:42 PM, 636 bytes, A
       Adds the file French_em.ini"="6/17/2016 12:42 PM, 664 bytes, A
       Adds the file German_em.ini"="6/17/2016 12:43 PM, 720 bytes, A
       Adds the file ininotfound0.ini"="11/30/2016 9:14 AM, 172 bytes, A
       Adds the file isxdl.dll"="11/25/2016 7:07 PM, 157640 bytes, A
       Adds the file japan_em.ini"="6/17/2016 12:42 PM, 564 bytes, A
       Adds the file sm.exe"="11/25/2016 7:07 PM, 2933192 bytes, A
    In the existing folder C:\Users\Public\Desktop
       Adds the file SecurePCTuneup.lnk"="11/30/2016 9:14 AM, 1079 bytes, A
    In the existing folder C:\Windows\System32\Tasks
       Adds the file RunAtStartup"="11/30/2016 9:14 AM, 3014 bytes, A
       Adds the file Secure PC Tuneup"="11/30/2016 9:14 AM, 3142 bytes, A
       Adds the file Secure PC Tuneup_DEFAULT"="11/30/2016 9:15 AM, 3248 bytes, A
       Adds the file Secure PC Tuneup_UPDATES"="11/30/2016 9:15 AM, 3060 bytes, A
    In the existing folder C:\Windows\Tasks
       Adds the file Secure PC Tuneup_DEFAULT.job"="11/30/2016 9:15 AM, 294 bytes, A
       Adds the file Secure PC Tuneup_UPDATES.job"="11/30/2016 9:15 AM, 302 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
       "Secure PC Tuneup_DEFAULT.job"="REG_BINARY, ................................
       "Secure PC Tuneup_DEFAULT.job.fp"="REG_DWORD", -159504095
       "Secure PC Tuneup_UPDATES.job"="REG_BINARY, ................................
       "Secure PC Tuneup_UPDATES.job.fp"="REG_DWORD", -1056520787
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Jawego\Params]
       "SPTU"="REG_DWORD", 1
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SecurePCTuneup_is1]
       "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\SecurePCTuneup\SecurePCTuneup.exe"
       "DisplayName"="REG_SZ", "SecurePCTuneup"
       "DisplayVersion"="REG_SZ", "5.4"
       "EstimatedSize"="REG_DWORD", 13865
       "HelpLink"="REG_SZ", "www.securepctuneup.com"
       "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\SecurePCTuneup"
       "Inno Setup: Icon Group"="REG_SZ", "SecurePCTuneup"
       "Inno Setup: Language"="REG_SZ", "en"
       "Inno Setup: Setup Version"="REG_SZ", "5.5.6 (u)"
       "Inno Setup: User"="REG_SZ", "{username}"
       "InstallDate"="REG_SZ", "20161130"
       "InstallLocation"="REG_SZ", "C:\Program Files (x86)\SecurePCTuneup\"
       "MajorVersion"="REG_DWORD", 5
       "MinorVersion"="REG_DWORD", 4
       "NoModify"="REG_DWORD", 1
       "NoRepair"="REG_DWORD", 1
       "Publisher"="REG_SZ", "www.securepctuneup.com"
       "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\SecurePCTuneup\unins000.exe" /SILENT"
       "UninstallString"="REG_SZ", ""C:\Program Files (x86)\SecurePCTuneup\unins000.exe" /silent"
       "URLInfoAbout"="REG_SZ", "www.securepctuneup.com"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Secure\PC\Tuneup\key\6]
       "(Default)"="REG_BINARY, .......................................................................................................................o............................................................................................................................H...........
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\SecurePCTuneup]
       "Expired"="REG_DWORD", 0
       "FirstTimeASPFired"="REG_DWORD", 1
       "MaxFixLimit"="REG_DWORD", 15
       "PCPURL"="REG_SZ", "http://www.securepctuneup.com/buynow/?"
       "RENEWALURL"="REG_SZ", "http://www.securepctuneup.com/renewal/?"
       "ShowExitPage"="REG_DWORD", 0
       "TELNO"="REG_SZ", "(844) 763-5836"
       "TELNODE"="REG_SZ", "(800) 180-6512"
       "TELNOFR"="REG_SZ", "01.76.54.27.59"
       "TELNOJP"="REG_SZ", "03-5050-1410 "
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\SecurePCTuneup\LANG]
       "LangID"="REG_DWORD", 0
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\System Monitor]
       "bShowCongratsAfterUpdateRestart"="REG_DWORD", 0
       "Expired"="REG_DWORD", 0
       "first"="REG_DWORD", 1
       "TELNO"="REG_SZ", "(844) 763-5838"
       "TELNOAU"="REG_SZ", "1800 154 231"
       "TELNODE"="REG_SZ", "(800) 180-6512"
       "TELNOFR"="REG_SZ", "01.76.54.05.61"
       "TELNOJP"="REG_SZ", "03-5050-1410 "
       "TELNOUK"="REG_SZ", "0800 031 4657"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\System Monitor\LANG]
       "LangCode"="REG_SZ", "en"
       "LangID"="REG_DWORD", 0
    [HKEY_CURRENT_USER\Software\Secure\PC\Tuneup\key\6]
       "(Default)"="REG_BINARY, .......................................................................................................................o............................................................................................................................H...........
    [HKEY_CURRENT_USER\Software\SecurePCTuneup]
       "1stInstalled_Time"="REG_SZ", "11/30/2016 9:14:49 AM"
       "AutoRepair"="REG_DWORD", 0
       "CanAutoScan"="REG_DWORD", 0
       "CanScanOnLaunch"="REG_DWORD", 0
       "ConfirmBkUps"="REG_DWORD", 1
       "CurrentScanTime"="REG_BINARY, ......0.
       "ErrorCount"="REG_DWORD", 19
       "FirstRun"="REG_DWORD", 1
       "GoToSystemTrayOnClose"="REG_DWORD", 0
       "ImprovementProgram"="REG_DWORD", 1
       "NumTimesPCPRunned"="REG_DWORD", 1
       "RegErrFoundTillDate"="REG_DWORD", 0
       "RegErrsFixedLast"="REG_DWORD", 0
       "RegErrsFixedTillDate"="REG_DWORD", 0
       "ScheduledTime"="REG_SZ", ""
       "SetChkDontShowRedTrayPopup"="REG_DWORD", 0
       "SetChkREmovableMedia"="REG_DWORD", 1
       "SetChkSkipEmptyKeys"="REG_DWORD", 1
       "SetEnableSound"="REG_DWORD", 1
       "StartMinimized"="REG_DWORD", 0
       "StartScan"="REG_DWORD", 0
       "StartWhenWinBoots"="REG_DWORD", 1
       "StrLastOptimizeTime"="REG_SZ", ""
       "StrLastScan"="REG_SZ", "Wed. November 30, 2016. 09:15 AM"
       "StrLastScanResults"="REG_SZ", "19"
       "StrLastStartupOpt"="REG_SZ", ""
       "StrLatestRegDefrag"="REG_SZ", ""
       "StrLatestRestorePoint"="REG_SZ", ""
    [HKEY_CURRENT_USER\Software\SecurePCTuneup\LANG]
       "LangCode"="REG_SZ", "en"
       "LangID"="REG_DWORD", 0
    [HKEY_CURRENT_USER\Software\System Monitor\LANG]
       "LangCode"="REG_SZ", "en"
       "LangID"="REG_DWORD", 0
Malwarebytes Anti-Malware log:
 
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/30/2016
Scan Time: 9:27 AM
Logfile: mbamSecurePCTuneup.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.11.30.04
Rootkit Database: v2016.11.20.01
License: Premium
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Enabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {username}

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 303584
Time Elapsed: 8 min, 45 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 2
PUP.Optional.SystemMonitor, C:\Users\{username}\AppData\Roaming\System Monitor\sm.exe, 3588, Delete-on-Reboot, [313be7df9ffb7abc1ff33276887bf709]
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\SecurePCTuneup.exe, 1700, Delete-on-Reboot, [56169f273367d4624b94f7eea45f8779]

Modules: 3
PUP.Optional.SystemMonitor, C:\Users\{username}\AppData\Roaming\System Monitor\isxdl.dll, Delete-on-Reboot, [313be7df9ffb7abc1ff33276887bf709], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\isxdl.dll, Delete-on-Reboot, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\xmllite.dll, Delete-on-Reboot, [56169f273367d4624b94f7eea45f8779], 

Registry Keys: 9
PUP.Optional.SecurePCTuneup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{043CF42D-5E25-4255-BDED-AF527256D33A}, Delete-on-Reboot, [cf9d40868e0c0d297c682abbe320b749], 
PUP.Optional.SecurePCTuneup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AA67C9F2-1FD8-4AD4-97E7-A31D0BC2F625}, Delete-on-Reboot, [4c20dcea0595e65040a41fc6c53e1ce4], 
PUP.Optional.SecurePCTuneup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FDDEE7B8-84B3-48C7-A224-A0BA2BA23E4F}, Delete-on-Reboot, [de8e8b3bd2c8ba7c03e1ffe6f90a4ab6], 
PUP.Optional.SecurePCTuneup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Secure PC Tuneup, Delete-on-Reboot, [92daf7cf168492a440a345a0af546898], 
PUP.Optional.SecurePCTuneup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Secure PC Tuneup_DEFAULT, Delete-on-Reboot, [1458a2240f8bc373eef512d3c43f05fb], 
PUP.Optional.SecurePCTuneup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Secure PC Tuneup_UPDATES, Delete-on-Reboot, [66064284c8d256e0a63ddf0658ab26da], 
PUP.Optional.SystemMonitor, HKLM\SOFTWARE\WOW6432NODE\SYSTEM MONITOR, Quarantined, [eb81ab1b6b2f7fb7a66f3e6ae51e08f8], 
PUP.Optional.SystemMonitor, HKCU\SOFTWARE\SYSTEM MONITOR\LANG, Quarantined, [e68671554e4cef479398396f13f04eb2], 
PUP.Optional.SecurePCTuneup, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SecurePCTuneup_is1, Quarantined, [56169f273367d4624b94f7eea45f8779], 

Registry Values: 5
PUP.Optional.SecurePCTuneup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{043CF42D-5E25-4255-BDED-AF527256D33A}|Path, \Secure PC Tuneup, Delete-on-Reboot, [cf9d40868e0c0d297c682abbe320b749]
PUP.Optional.SecurePCTuneup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AA67C9F2-1FD8-4AD4-97E7-A31D0BC2F625}|Path, \Secure PC Tuneup_DEFAULT, Delete-on-Reboot, [4c20dcea0595e65040a41fc6c53e1ce4]
PUP.Optional.SecurePCTuneup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FDDEE7B8-84B3-48C7-A224-A0BA2BA23E4F}|Path, \Secure PC Tuneup_UPDATES, Delete-on-Reboot, [de8e8b3bd2c8ba7c03e1ffe6f90a4ab6]
PUP.Optional.SystemMonitor, HKLM\SOFTWARE\WOW6432NODE\SYSTEM MONITOR|TELNO, (844) 763-5838, Quarantined, [eb81ab1b6b2f7fb7a66f3e6ae51e08f8]
PUP.Optional.SystemMonitor, HKCU\SOFTWARE\SYSTEM MONITOR\LANG|LangID, 0, Quarantined, [e68671554e4cef479398396f13f04eb2]

Registry Data: 0
(No malicious items detected)

Folders: 4
PUP.Optional.SystemMonitor, C:\Users\{username}\AppData\Roaming\System Monitor, Delete-on-Reboot, [313be7df9ffb7abc1ff33276887bf709], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup, Delete-on-Reboot, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SecurePCTuneup, Quarantined, [da92e1e57e1c59dd33ad4f96be451ae6], 
PUP.Optional.SecurePCTuneup, C:\Users\{username}\AppData\Roaming\SecurePCTuneup, Delete-on-Reboot, [c1ab4b7b7d1d9b9b965040a581822dd3], 

Files: 73
PUP.Optional.SecurePCTuneup, C:\Users\{username}\Desktop\setup.exe, Quarantined, [5d0fccfa1783f6404099d411c241e818], 
PUP.Optional.SystemMonitor, C:\Users\{username}\AppData\Roaming\System Monitor\eng_em.ini, Quarantined, [313be7df9ffb7abc1ff33276887bf709], 
PUP.Optional.SystemMonitor, C:\Users\{username}\AppData\Roaming\System Monitor\French_em.ini, Quarantined, [313be7df9ffb7abc1ff33276887bf709], 
PUP.Optional.SystemMonitor, C:\Users\{username}\AppData\Roaming\System Monitor\German_em.ini, Quarantined, [313be7df9ffb7abc1ff33276887bf709], 
PUP.Optional.SystemMonitor, C:\Users\{username}\AppData\Roaming\System Monitor\ininotfound0.ini, Quarantined, [313be7df9ffb7abc1ff33276887bf709], 
PUP.Optional.SystemMonitor, C:\Users\{username}\AppData\Roaming\System Monitor\isxdl.dll, Delete-on-Reboot, [313be7df9ffb7abc1ff33276887bf709], 
PUP.Optional.SystemMonitor, C:\Users\{username}\AppData\Roaming\System Monitor\japan_em.ini, Quarantined, [313be7df9ffb7abc1ff33276887bf709], 
PUP.Optional.SystemMonitor, C:\Users\{username}\AppData\Roaming\System Monitor\sm.exe, Delete-on-Reboot, [313be7df9ffb7abc1ff33276887bf709], 
PUP.Optional.SecurePCTuneup, C:\Users\Public\Desktop\SecurePCTuneup.lnk, Quarantined, [96d6cff75b3f50e600de6d78798a6799], 
PUP.Optional.SecurePCTuneup, C:\Windows\Tasks\Secure PC Tuneup_DEFAULT.job, Quarantined, [1d4f6e58acee77bf548d4a9b778c53ad], 
PUP.Optional.SecurePCTuneup, C:\Windows\Tasks\Secure PC Tuneup_UPDATES.job, Quarantined, [0a62f2d458423204a73a598c31d239c7], 
PUP.Optional.SecurePCTuneup, C:\Windows\System32\Tasks\Secure PC Tuneup, Quarantined, [d29abd099802f83ed012786dcf34f20e], 
PUP.Optional.SecurePCTuneup, C:\Windows\System32\Tasks\Secure PC Tuneup_DEFAULT, Quarantined, [e58726a0f0aab5817a6803e2f60dbd43], 
PUP.Optional.SecurePCTuneup, C:\Windows\System32\Tasks\Secure PC Tuneup_UPDATES, Quarantined, [204cb0166634a1959e447d68d92a9b65], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Finnish_uninst_fi.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Japanese_pcp.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\RegList.pcp, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Chinese_pcp.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Chinese_uninst.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Danish_pcp.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Danish_uninst.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Dutch_pcp.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Dutch_uninst.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\eng_pcp.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\eng_uninst.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\FileList.pcp, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Finnish_pcp_fi.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Japanese_uninst.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\korean_pcp_ko.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\korean_uninst_ko.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\leftbmp.bmp, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Norwegian_pcp.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Norwegian_uninst.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\polish_pcp_pl.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\polish_uninst_pl.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\portugese_pcp_pt.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\portugese_uninst_pt.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Portuguese_pcp.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Portuguese_uninst.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\French_pcp.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\French_uninst.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\German_pcp.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\German_uninst.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\greek_pcp_el.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\greek_uninst_el.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\isxdl.dll, Delete-on-Reboot, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Italian_pcp.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Italian_uninst.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\russian_pcp_ru.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\russian_uninst_ru.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\SecurePCTuneup.exe, Delete-on-Reboot, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\smsetup.exe, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Spanish_pcp.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\spanish_uninst.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\SPTUUns.exe, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Swedish_pcp.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\swedish_uninst.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\TraditionalCn_pcp_zh-tw.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\traditionalcn_uninst_zh-tw.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\turkish_pcp_tr.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\Turkish_uninst_tr.ini, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\unins000.dat, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\unins000.exe, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\unins000.msg, Quarantined, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\Program Files (x86)\SecurePCTuneup\xmllite.dll, Delete-on-Reboot, [56169f273367d4624b94f7eea45f8779], 
PUP.Optional.SecurePCTuneup, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SecurePCTuneup\Register SecurePCTuneup.lnk, Quarantined, [da92e1e57e1c59dd33ad4f96be451ae6], 
PUP.Optional.SecurePCTuneup, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SecurePCTuneup\SecurePCTuneup.lnk, Quarantined, [da92e1e57e1c59dd33ad4f96be451ae6], 
PUP.Optional.SecurePCTuneup, C:\Users\{username}\AppData\Roaming\SecurePCTuneup\1480494393.reg, Quarantined, [c1ab4b7b7d1d9b9b965040a581822dd3], 
PUP.Optional.SecurePCTuneup, C:\Users\{username}\AppData\Roaming\SecurePCTuneup\backup6.bin, Quarantined, [c1ab4b7b7d1d9b9b965040a581822dd3], 
PUP.Optional.SecurePCTuneup, C:\Users\{username}\AppData\Roaming\SecurePCTuneup\eng_pcp.dat, Quarantined, [c1ab4b7b7d1d9b9b965040a581822dd3], 
PUP.Optional.SecurePCTuneup, C:\Users\{username}\AppData\Roaming\SecurePCTuneup\ipini.ini, Quarantined, [c1ab4b7b7d1d9b9b965040a581822dd3], 
PUP.Optional.SecurePCTuneup, C:\Users\{username}\AppData\Roaming\SecurePCTuneup\log_11-30-2016.log, Delete-on-Reboot, [c1ab4b7b7d1d9b9b965040a581822dd3], 
PUP.Optional.SecurePCTuneup, C:\Users\{username}\AppData\Roaming\SecurePCTuneup\results.pcp, Quarantined, [c1ab4b7b7d1d9b9b965040a581822dd3], 

Physical Sectors: 0
(No malicious items detected)


(end)
As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.
We use different ways of protecting your computer(s):
  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention
Save yourself the hassle and get protected.
Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.