Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My laptop is infected by Win32:Vitro and Virus.Chir(W32:Chir.B@mm)(Runouce.e


  • Please log in to reply
7 replies to this topic

#1 BulCon

BulCon

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:59 AM

Posted 22 June 2014 - 10:18 AM

My laptop was infected by the above and, i've been trying to fight it for lyk a week,downloading AVs and tools,reading online forums and forums my head even hurts.I downloaded Malware Bytes and Super AntiSpyware but none of them could remove the virus permanently:it kept coming back.With time they even stopped detecting the virus.I downloaded the new Avast(2014) which detected hundreds of threats and infected files,but whenever the full scan was done and repair begun,it just froze,and the boot time scan made me delete many system files so i was forced to system restore.Almost all my applications including the browsers crached.All the the above AVs eventually crashed after a reboot or after two days maximum.I am computer savvy and i thought i could save my machine but i guess am reaching my limit.I cant understand the AV logs,so i need a helper to join me in this exasperating journey to save my machine.

If anyone can,pliz help.

Thx.


Edited by hamluis, 22 June 2014 - 10:25 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 wpgwpg

wpgwpg

  • Members
  • 1,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US of A
  • Local time:11:59 PM

Posted 22 June 2014 - 10:44 AM

 The first thing you should do is to back up any data you don't want to lose.  It sounds like your software is pretty far gone, but you could try running your antivirus program in Safe Mode since some viruses can hide in normal mode.  If that doesn't fix the problem, I'd restore to factory settings.  All laptops come with that capability, documented in your user guide.  Since you neglected to mention your make and model, I can't be more specific.

 

 Please download and run Speccy, then post the results here.  After Speccy runs, click File -> Publish snapshot.  That will save the report in the cloud and give you a link to it.  Post the link here.

 

Good luck.


Edited by wpgwpg, 22 June 2014 - 10:55 AM.

Everyone with a computer should back his system up to an external hard drive regularly.  :thumbsup:

#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,601 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:59 PM

Posted 22 June 2014 - 11:37 AM

If you backup the data it may be infected.  When you reinstall the data you will reintroduce the infection.
 
The appropriate action now is to find and remove the malware.  Try to do anything else at this point could exacerbate the situation.
 
Please post the malwarebytes log and any other logs you have from scans.  
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.
 

 
Please download AdwCleaner and run it.
 
An image like the one below will open, click on Scan.
 
adwcleaner11_zps48314883.png

 

Please download and run RKill.

 

RKill is an easy to use tool that kills known processes and removes Windows Registry entries that stop a user from using their normal security applications.  These settings will remain until the computer is rebooted, for this reason you must run the security application before the computer is rebooted.  
 
Please download RKill and install it.
 
When RKill is run it will display a console screen similar to the one below:
 
RKill_zps2e34d4b8.png
 
When RKill has finished running a log will be displayed showing all of the processes that were terminated by RKill.
 
Attention:  At this time you need to run your security applications.
 
While RKill is running you may see a message from the malware stating that the program could not be run because it is a virus or is infected.  This is the malware trying to protect itself.  Two methods that you can try to get past this and allow RKill to run are:
 
1)  Rename Rkill so that it has a .com extension.
 
2)  Download a version that is already renamed as files that are commonly white-listed by malware. The main Rkill download page contains individual links to renamed versions.  
 
After the application has run successfully you should reboot the computer to restore the processes and Windows Registry entries. 
 

 


Please run the ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:59 PM

Posted 22 June 2014 - 07:48 PM

I'm afraid I have very bad news.

Win32:Vitro is the name (used by avast) for the Win32:Virut family of malware.

Virut is a polymorphic file infector with IRCBot functionality which infects .exe, .scr files, and opens a back door that compromises your computer. Using this backdoor, a remote attacker can access and instruct the infected computer to download and execute more malicious files.

-- Note: As with most malware infections, the threat name may be different depending on the anti-virus or anti-malware program which detected it. Each security vendor uses their own naming conventions to identify various types of malware.W32.Chir.B@mm is a mass-mailing worm and virus that sends itself to email addresses gathered from the compromised computer. It is also a file-infector virus.

With this particular infection, the safest solution and only sure way to remove it effectively is to reformat and reinstall the OS.

Why? According to this Norman White Paper Assessment of W32/Virut, some variants can infect the HOSTS file and block access to security related web sites. Other variants of virut can even penetrate and infect .exe files within compressed files (.zip, .cab, rar). The Virux and Win32/Virut.17408 variants are an even more complex file infectors which can embed an iframe into the body of web-related files and infect script files (.php, .asp, .htm, .html, .xml). When Virut creates infected files, it also creates non-functional files that are corrupted beyond repair and in some instances can disable Windows File Protection. In many cases the infected files cannot be disinfected properly by your anti-virus. When disinfection is attempted, the files become corrupted and the system may become irreparable. The longer virut remains on a computer, the more critical system files will become infected and corrupt so the degree of damage can vary.


The virus disables Windows File Protection by injecting code into the "winlogon.exe" process that patches system code in memory.

CA Virus detail of W32/Virut


The virus has a number of bugs in its code, and as a result it may misinfect a proportion of executable files....some W32/Virut.h infections are corrupted beyond repair.

McAfee Risk Assessment and Overview of W32/Virut


There are bugs in the viral code. When the virus produces infected files, it also creates non-functional files that also contain the virus...Due to the damaged caused to files by virut it's possible to find repaired but corrupted files. They became corrupted by the incorrect writing of the viral code during the process of infection. undetected, corrupted files (possibly still containing part of the viral code) can also be found. this is caused by incorrectly written and non-function viral code present in these files.

AVG Overview of W32/Virut

Virut is commonly spread via a flash drive (usb, pen, thumb, jump) infection using RUNDLL32.EXE and other malicious files. It is often contracted by visiting remote, crack and keygen sites. These type of sites are infested with a smörgåsbord of malware and a major source of system infection.


...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV

However, the CA Security Advisor Research Blog have found MySpace user pages carrying the malicious Virut URL. Either way you can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

Since virut is not effectively disinfectable, your best option is to perform a full reformat as there is no guarantee this infection can be completely removed. In most instances it may have caused so much damage to critical system files that it cannot be completely cleaned or repaired. In many cases the infected files (which could number in the thousands) cannot be deleted and anti-virus scanners cannot disinfect them properly. Security vendors that claim to be able to remove file infectors cannot guarantee that all traces of it will be removed as they may not find all the remnants. If something goes awry during the malware removal process there is always a risk the computer may become unstable or unbootable and you could loose access to all your data.

Further, your machine has likely been compromised by the backdoor Trojan and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume the computer is secure even if your anti-virus reports that the malware appears to have been removed.

Many experts in the security community believe that once infected with this type of malware, the best course of action is to reformat and reinstall the OS. Reinstalling Windows without first wiping the entire hard drive with a repartition and/or format will not remove the infection. The reinstall will only overwrite the Windows files. Any malware on the system will still be there afterwards. Please read:

Whenever a system has been compromised by a backdoor payload, it is impossible to know if or how much the backdoor has been used to affect your system...There are only a few ways to return a compromised system to a confident security configuration. These include:
Reimaging the system
Restoring the entire system using a full system backup from before the backdoor infection
Reformatting and reinstalling the system

Backdoors and What They Mean to You

This is what security expert miekiemoes has to say: Virut and other File infectors - Throwing in the Towel?

If I guide someone with Virut (or any other File Infector) present and their Antivirus cannot properly disinfect it, then I recommend a format and reinstall...dealing with such infections is a waste of time and that's why I prefer the fastest and safest solution - which is a format and reinstall...After all, I think it would be irresponsible to let the malware "stew" (download/spread/run more malware) for another couple of days/weeks if you already know it's a lost case.

This is what Jesper M. Johansson, Security Program Manager at Microsoft TechNet has to say: Help: I Got Hacked. Now What Do I Do?.

The only way to clean a compromised system is to flatten and rebuild. Thats right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,601 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:59 PM

Posted 23 June 2014 - 09:23 AM

Thank you quietman7.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:59 PM

Posted 23 June 2014 - 12:09 PM

You're welcome.

Unfortunately we cannot BulCon. I do not know of any security vendor who will guarantee complete removal of file infectors since they cannot ensure that some files will not get corrupted during the disinfection process. This means that infected executables and system files can become unusable after attempting to repair them which then may affect the stability of the computer or worst, keep it from booting properly. If the computer is able to boot afterward, there is still no guarantee the virus is really gone. Since many of the affected files are legitimate critical files required by the operating system, deletion is not a viable option.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 BulCon

BulCon
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:59 AM

Posted 26 June 2014 - 02:54 PM

Thank you all,i think i'll jst have to "flatten and rebuild" like quietman7 suggests;format and reinstall.Though for dc3's sake, if its anything here is the MalwareBytes

log.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 6/16/2014
Scan Time: 9:24:14 PM
Logfile: virus log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.16.07
Rootkit Database: v2014.06.02.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: DELL

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 240863
Time Elapsed: 6 min, 9 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 10
PUP.Optional.SystemK.A, C:\Program Files\Settings Manager\systemk\SystemkService.exe, 1748, Delete-on-Reboot, [32f5caaf2358c17593ee3649f30ef10f]
PUP.Optional.SystemK.A, C:\Program Files\Settings Manager\systemk\SystemkService.exe, 1864, Delete-on-Reboot, [32f5caaf2358c17593ee3649f30ef10f]
PUP.Optional.Outobox.A, C:\Program Files\outobox\updateoutobox.exe, 1828, Delete-on-Reboot, [190ea3d6e29945f1e69d5800639e48b8]
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\utiloutobox.exe, 1896, Delete-on-Reboot, [c66179006e0d84b2295ad583c14003fd]
Worm.ChineseHacker, C:\Windows\System32\runouce.exe, 2332, Delete-on-Reboot, [1512cdace19a40f6717ba0cb7c8839c7]
Worm.ChineseHacker, C:\Windows\System32\runouce.exe, 2852, Delete-on-Reboot, [1512cdace19a40f6717ba0cb7c8839c7]
PUP.Optional.SystemK.A, C:\Program Files\Settings Manager\systemk\systemku.exe, 3772, Delete-on-Reboot, [9b8cf1882e4d6fc7265bd2ad1ee36898]
Virus.Chir, C:\Program Files\airtel mobile broadband\airtel mobile broadband.exe, 992, Delete-on-Reboot, [c265285180fb8caa03c087968f75f808]
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\outobox.BrowserAdapter.exe, 3960, Delete-on-Reboot, [87a0fc7da3d8d561a255994e748fa65a]
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\outobox.PurBrowse.exe, 2516, Delete-on-Reboot, [87a0fc7da3d8d561a255994e748fa65a]

Modules: 24
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\syskldr.dll, Delete-on-Reboot, [12155d1c83f82f075239ff6aae56b749],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\syskldr.dll, Delete-on-Reboot, [12155d1c83f82f075239ff6aae56b749],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\{1a147621-8c9a-4d6b-a557-6513a40d3207}.dll, Delete-on-Reboot, [87a0fc7da3d8d561a255994e748fa65a],

Registry Keys: 105
PUP.Optional.SystemK.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SystemkService, Delete-on-Reboot, [32f5caaf2358c17593ee3649f30ef10f],
PUP.Optional.Outobox.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update outobox, Quarantined, [190ea3d6e29945f1e69d5800639e48b8],
PUP.Optional.Outobox.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util outobox, Quarantined, [c66179006e0d84b2295ad583c14003fd],
Virus.Chir, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BackupStack, Quarantined, [d5529adff784c2747c474ecff80c0df3],
PUP.Optional.SystemK.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\F06DEFF2-5B9C-490D-910F-35D3A91196222, Delete-on-Reboot, [3deaa7d24c2f6dc92e536a159d64da26],
Virus.Chir, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Steam Client Service, Quarantined, [a87ff0893942e056fcc7c6570df747b9],
Virus.Chir, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\odserv, Quarantined, [7daa3742d3a8d1659c2774a9d331c53b],
Virus.Chir, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vToolbarUpdater18.1.6, Quarantined, [4cdb5524413a0432ead92af3a95b3ec2],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, Quarantined, [032479007b00152171f6beb016eb52ae],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\Linkey.Linkey, Quarantined, [032479007b00152171f6beb016eb52ae],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, Quarantined, [032479007b00152171f6beb016eb52ae],
PUP.Optional.Linkey.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, Quarantined, [032479007b00152171f6beb016eb52ae],
PUP.Optional.Linkey.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, Quarantined, [032479007b00152171f6beb016eb52ae],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{726E90BE-DC22-4965-B215-E0784DC26F47}, Quarantined, [032479007b00152171f6beb016eb52ae],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}, Quarantined, [032479007b00152171f6beb016eb52ae],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}\INPROCSERVER32, Quarantined, [032479007b00152171f6beb016eb52ae],
PUP.Optional.SoftonicTB.A, HKLM\SOFTWARE\CLASSES\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}, Quarantined, [3ee9a4d51665e254fcf55624d03120e0],
PUP.Optional.SoftonicTB.A, HKLM\SOFTWARE\CLASSES\Softonic.SoftonicHlpr.1, Quarantined, [3ee9a4d51665e254fcf55624d03120e0],
PUP.Optional.SoftonicTB.A, HKLM\SOFTWARE\CLASSES\Softonic.SoftonicHlpr, Quarantined, [3ee9a4d51665e254fcf55624d03120e0],
PUP.Optional.SoftonicTB.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, Quarantined, [3ee9a4d51665e254fcf55624d03120e0],
PUP.Optional.SoftonicTB.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, Quarantined, [3ee9a4d51665e254fcf55624d03120e0],
PUP.Optional.SoftonicTB.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, Quarantined, [3ee9a4d51665e254fcf55624d03120e0],
PUP.Optional.SoftonicTB.A, HKLM\SOFTWARE\CLASSES\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}\INPROCSERVER32, Quarantined, [3ee9a4d51665e254fcf55624d03120e0],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\APPID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}, Quarantined, [4ed9de9b96e5ff37ce31360af1113cc4],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Quarantined, [39ee31482556cf673dfad89f07fb5fa1],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, Quarantined, [68bfd1a8116ae056962cd769b34f718f],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\Softonic.dskBnd.1, Quarantined, [68bfd1a8116ae056962cd769b34f718f],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\Softonic.dskBnd, Quarantined, [68bfd1a8116ae056962cd769b34f718f],
PUP.Optional.Softonic.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, Quarantined, [68bfd1a8116ae056962cd769b34f718f],
PUP.Optional.Softonic.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, Quarantined, [68bfd1a8116ae056962cd769b34f718f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\CLSID\{D7A09A0B-D2E6-413F-9EBF-F8AD66839544}, Quarantined, [48dfafcae09b0d292558bb85e41e30d0],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\CLSID\{70170253-4565-4F72-AABC-264A3F35E97F}, Quarantined, [48dfafcae09b0d292558bb85e41e30d0],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{D43542E1-A3D0-415A-BD94-D190DEA9FA2E}, Quarantined, [48dfafcae09b0d292558bb85e41e30d0],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\Speed Test 125.Tool.1, Quarantined, [48dfafcae09b0d292558bb85e41e30d0],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\Speed Test 125.Tool, Quarantined, [48dfafcae09b0d292558bb85e41e30d0],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\CLSID\{D7A09A0B-D2E6-413F-9EBF-F8AD66839544}\INPROCSERVER32, Quarantined, [48dfafcae09b0d292558bb85e41e30d0],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\Speed Test 125.ScriptHostObject.1, Quarantined, [48dfafcae09b0d292558bb85e41e30d0],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\Speed Test 125.ScriptHostObject, Quarantined, [48dfafcae09b0d292558bb85e41e30d0],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D7A09A0B-D2E6-413F-9EBF-F8AD66839544}, Quarantined, [48dfafcae09b0d292558bb85e41e30d0],
PUP.Optional.SpeedTest.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D7A09A0B-D2E6-413F-9EBF-F8AD66839544}, Quarantined, [48dfafcae09b0d292558bb85e41e30d0],
PUP.Optional.SpeedTest.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D7A09A0B-D2E6-413F-9EBF-F8AD66839544}, Quarantined, [48dfafcae09b0d292558bb85e41e30d0],
PUP.Optional.Outobox.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{30F06672-0E95-41A9-80CB-DEE386AF99AD}, Quarantined, [90978bee3d3eb482eebeea5941c113ed],
PUP.Optional.Outobox.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{30F06672-0E95-41A9-80CB-DEE386AF99AD}, Quarantined, [90978bee3d3eb482eebeea5941c113ed],
Virus.Chir, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DRPSu Updater, Quarantined, [7daa384128533cfaf6cdda4303018f71],
Virus.Chir, HKLM\SOFTWARE\CLASSES\TYPELIB\{D6957D57-E5A7-4d4e-93DF-84C5585D4FEB}, Quarantined, [28ff2f4ab5c6aa8c744f7ca16e969070],
Virus.Chir, HKLM\SOFTWARE\CLASSES\INTERFACE\{FA377CBB-1BBD-45E2-A375-46D8A06FD3E7}, Quarantined, [28ff2f4ab5c6aa8c744f7ca16e969070],
Virus.Chir, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IEINSTAL.EXE, Delete-on-Reboot, [9c8b3445bcbf3303319241dca55f33cd],
PUP.Optional.Linkey.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, Quarantined, [fe29225745363105c12915a0f80a8c74],
PUP.Optional.Outobox.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\outobox, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, HKLM\SOFTWARE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, HKLM\SOFTWARE\outobox, Quarantined, [998e88f174071224da1e994ec24111ef],
PUP.Optional.SystemK.A, HKLM\SOFTWARE\SystemK, Quarantined, [a87ff4855b20f0465e2ce6bb07fb4eb2],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\Speed Test 125.BackgroundHostObject, Quarantined, [79aed8a12b50e3531e504979e022f907],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\Speed Test 125.BackgroundHostObject.1, Quarantined, [41e6c6b39cdf4cea0965eed434ce4fb1],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\Speed Test 125.Navbar, Quarantined, [10177ffafc7f49ed9ad4ffc39d65bd43],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\Speed Test 125.Navbar.1, Quarantined, [1611d2a71863f2442c42dfe3887a2bd5],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\srv.SoftonicSrvc, Quarantined, [4addcbaea6d53bfb8e26bcf8e220659b],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\srv.SoftonicSrvc.1, Quarantined, [47e0bebbceadd165a113169e5fa3639d],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\elchiiiejkobdbblfejjkbphbddgmljf, Quarantined, [35f23f3ae992a393d2e56d47887a0cf4],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\LINKEY, Quarantined, [79ae6d0cc9b22412bc316b4a27db817f],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FIREFOX.EXE, Quarantined, [4dda6c0d2556270fbd30153156ad7c84],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\SOFTONIC\Softonic, Quarantined, [29feb2c7e09bc86e8137f1c3c83a08f8],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\SYSTEMK\General, Quarantined, [b077d9a0cab1e056de8f7441df23e719],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Quarantined, [5acdbdbc99e268ce330922b8fb088d73],
PUP.Optional.Outobox.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\outobox, Quarantined, [74b3f683bdbe39fd00f9dc0ba06338c8],
PUP.Optional.Softonic.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\softonicToolbar, Quarantined, [e93eadccbbc0f6409b1bcde7dd253dc3],
PUP.Optional.SystemK.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SystemK, Quarantined, [2304d7a2abd01323e08d5151f40e5ca4],
PUP.Optional.Softonic.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Softonic, Quarantined, [a97e0a6f7b00ed49476e4a6afb0725db],
PUP.Optional.Softonic.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [91967207cfac35018005d0e18d759f61],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{40E121D6-8605-4E62-8BA3-FE4F2E61A67B}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{045F91B3-695F-423A-98C7-8DE3C47AA020}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A1440EC3-F0FA-407A-B811-DE6668C06D29}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C815E3DA-0823-49B0-9270-D1771D58B317}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E4A994B0-5550-4680-A4C6-B9470B888069}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F9EB11AB-9384-4736-9B33-993940F88895}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{B16FA26A-68F3-47B0-BC3C-F4F5597B5E42}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\CLSID\{802D8270-DC65-4D94-A8DC-FB5CD12757D8}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{3AEE04F7-2C58-4D60-BDA4-3B239DC605D4}, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Speed Test 125, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}, Quarantined, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\SettingsManagerIEHelper.DNSGuard, Quarantined, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\SettingsManagerIEHelper.DNSGuard.1, Quarantined, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{54739D49-AC03-4C57-9264-C5195596B3A1}, Quarantined, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}, Quarantined, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}, Quarantined, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AA760BA8-5862-4BC5-9263-4452CBC0B264}, Quarantined, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Settings Manager, Quarantined, [7daae099166572c4d454aae7a260718f],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}, Quarantined, [6fb81c5d0873b086e9c97819a35f966a],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\SoftonicApp.appCore.1, Quarantined, [6fb81c5d0873b086e9c97819a35f966a],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\SoftonicApp.appCore, Quarantined, [6fb81c5d0873b086e9c97819a35f966a],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}, Quarantined, [6fb81c5d0873b086e9c97819a35f966a],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{B15F118E-AF21-45E8-A809-29FDD7362565}, Quarantined, [6fb81c5d0873b086e9c97819a35f966a],

Registry Values: 7
Worm.ChineseHacker, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Runonce, C:\Windows\system32\runouce.exe, Quarantined, [1512cdace19a40f6717ba0cb7c8839c7]
Virus.Chir, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Broadcom Wireless Manager UI, C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe, Quarantined, [5acdc8b1c1ba4de9863d0e0f877dbd43]
PUP.Optional.Softonic.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, Softonic Toolbar, Quarantined, [68bfd1a8116ae056962cd769b34f718f]
PUP.Optional.Softonic.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, Quarantined, [0f187405532863d34c76ab95ee1441bf],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\LINKEY|ie_jsurl, http://app.linkeyproject.com/popup/IE/background.js, Quarantined, [79ae6d0cc9b22412bc316b4a27db817f]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FIREFOX.EXE|Debugger, "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe", Quarantined, [4dda6c0d2556270fbd30153156ad7c84]
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\SYSTEMK|browser,  ff, Quarantined, [7daa0d6cb0cb69cdd69806afc042e818]

Registry Data: 1
PUP.Optional.DefaultSearch.A, HKU\S-1-5-21-3153937261-1317232734-1648348341-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.default-search.net?sid=476&aid=107&itype=a&ver=12692&tm=270&src=hmp, Good: (www.google.com), Bad: (http://www.default-search.net?sid=476&aid=107&itype=a&ver=12692&tm=270&src=hmp),Replaced,[7aad80f9a3d8bd796b735618659ffc04]

Folders: 26
PUP.Optional.SystemK.A, C:\ProgramData\systemk, Quarantined, [ad7a7bfebcbf320409145c589969c739],
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Softonic, Quarantined, [eb3c5029027986b03d748133e22017e9],
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Softonic\Softonic, Quarantined, [eb3c5029027986b03d748133e22017e9],
PUP.Optional.Linkey.A, C:\Program Files\Linkey, Quarantined, [fe29225745363105c12915a0f80a8c74],
PUP.Optional.Linkey.A, C:\Program Files\Linkey\ChromeExtension, Quarantined, [fe29225745363105c12915a0f80a8c74],
PUP.Optional.Linkey.A, C:\Program Files\Linkey\IEExtension, Quarantined, [fe29225745363105c12915a0f80a8c74],
PUP.Optional.Outobox.A, C:\Program Files\outobox, Delete-on-Reboot, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin, Delete-on-Reboot, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\plugins, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\TEMP, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.NextLive.A, C:\Users\DELL\AppData\Roaming\newnext.me, Quarantined, [db4c2a4f7ffcbc7a814c7d0e05fd5ba5],
PUP.Optional.NextLive.A, C:\Users\DELL\AppData\Roaming\newnext.me\cache, Quarantined, [db4c2a4f7ffcbc7a814c7d0e05fd5ba5],
PUP.Optional.SpeedTest.A, C:\Users\DELL\AppData\Roaming\speedtest125, Quarantined, [e4432653c1ba58de1510741862a0fb05],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\mz, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\content, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\content\js, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\skin, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.SettingsManager.A, C:\Program Files\Settings Manager\systemk, Delete-on-Reboot, [7daae099166572c4d454aae7a260718f],
PUP.Optional.Softonic.A, C:\Program Files\Softonic\Softonic, Quarantined, [6fb81c5d0873b086e9c97819a35f966a],
PUP.Optional.Softonic.A, C:\Program Files\Softonic\Softonic\1.8.28.14, Quarantined, [6fb81c5d0873b086e9c97819a35f966a],
PUP.Optional.Softonic.A, C:\Program Files\Softonic\Softonic\1.8.28.14\bh, Quarantined, [6fb81c5d0873b086e9c97819a35f966a],
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Local\Temp\mt_ffx\Softonic, Quarantined, [02255722f487a294cde60c8541c111ef],
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Local\Temp\mt_ffx\Softonic\Softonic, Quarantined, [02255722f487a294cde60c8541c111ef],
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Local\Temp\mt_ffx\Softonic\Softonic\1.8.28.14, Quarantined, [02255722f487a294cde60c8541c111ef],

Files: 251
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\sysapcrt.dll, Delete-on-Reboot, [41e6cbaef982c76f4e4db1b8e71da45c],
PUP.Optional.SystemK.A, C:\Program Files\Settings Manager\systemk\SystemkService.exe, Delete-on-Reboot, [32f5caaf2358c17593ee3649f30ef10f],
PUP.Optional.AztecMedia.A, C:\Program Files\Settings Manager\systemk\syskldr.dll, Delete-on-Reboot, [12155d1c83f82f075239ff6aae56b749],
PUP.Optional.Outobox.A, C:\Program Files\outobox\updateoutobox.exe, Delete-on-Reboot, [190ea3d6e29945f1e69d5800639e48b8],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\utiloutobox.exe, Delete-on-Reboot, [c66179006e0d84b2295ad583c14003fd],
Worm.ChineseHacker, C:\Windows\System32\runouce.exe, Delete-on-Reboot, [1512cdace19a40f6717ba0cb7c8839c7],
PUP.Optional.SystemK.A, C:\Program Files\Settings Manager\systemk\systemku.exe, Delete-on-Reboot, [9b8cf1882e4d6fc7265bd2ad1ee36898],
Virus.Chir, C:\Program Files\airtel mobile broadband\airtel mobile broadband.exe, Delete-on-Reboot, [c265285180fb8caa03c087968f75f808],
Virus.Chir, C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE, Quarantined, [5acdc8b1c1ba4de9863d0e0f877dbd43],
Virus.Chir, C:\Program Files\MyPC Backup\BackupStack.exe, Quarantined, [d5529adff784c2747c474ecff80c0df3],
PUP.Optional.SystemK.A, C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg, Delete-on-Reboot, [3deaa7d24c2f6dc92e536a159d64da26],
Virus.Chir, C:\Program Files\Common Files\Steam\SteamService.exe, Quarantined, [a87ff0893942e056fcc7c6570df747b9],
Virus.Chir, C:\Program Files\Common Files\microsoft shared\OFFICE12\ODSERV.EXE, Quarantined, [7daa3742d3a8d1659c2774a9d331c53b],
Virus.Chir, C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE, Quarantined, [0f185c1d69126bcb1ea52df0eb1901ff],
Virus.Chir, C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.6\ToolbarUpdater.exe, Quarantined, [4cdb5524413a0432ead92af3a95b3ec2],
PUP.Optional.Linkey.A, C:\Program Files\Linkey\IEExtension\iedll.dll, Quarantined, [032479007b00152171f6beb016eb52ae],
PUP.Optional.SoftonicTB.A, C:\Program Files\Softonic\Softonic\1.8.28.14\bh\Softonic.dll, Quarantined, [3ee9a4d51665e254fcf55624d03120e0],
PUP.Optional.Softonic.A, C:\Program Files\Softonic\Softonic\1.8.28.14\SoftonicTlbr.dll, Quarantined, [68bfd1a8116ae056962cd769b34f718f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\ScriptHost.dll, Quarantined, [48dfafcae09b0d292558bb85e41e30d0],
Virus.Chir, C:\ProgramData\pclunst.exe, Quarantined, [e5425f1ae5961a1c9d262bf224e05da3],
Virus.Chir, C:\ProgramData\airtel mobile broadband\OnlineUpdate\LiveUpd.exe, Quarantined, [b572e0995229c571a41fec3100044cb4],
Virus.Chir, C:\ProgramData\airtel mobile broadband\OnlineUpdate\ouc.exe, Quarantined, [988f2059c1ba32043b88f22b60a43cc4],
Virus.Chir, C:\ProgramData\Avg_Update_0414c\0414c_{EF93F75D-19E8-4A27-8569-895D99A84632}.exe, Quarantined, [0e1986f3a9d2f73fc102e4393fc501ff],
Virus.Chir, C:\ProgramData\DatacardService\DCService.exe, Quarantined, [73b45f1a0e6d1a1c467de33aa460718f],
Virus.Chir, C:\Users\DELL\AppData\Roaming\DRPSu\DrvUpdater.exe, Quarantined, [7daa384128533cfaf6cdda4303018f71],
Virus.Chir, C:\Users\DELL\AppData\Roaming\InternetEverywhere\BackUp\Del_CD_ROM.exe, Quarantined, [d94ec2b765166bcbc6fd5ebff80c53ad],
Virus.Chir, C:\Users\DELL\AppData\Roaming\InternetEverywhere\BackUp\Huaweiregcleaner.exe, Quarantined, [a97ea2d780fb0f2717ac2fee2dd75aa6],
Virus.Chir, C:\Users\DELL\AppData\Roaming\InternetEverywhere\BackUp\InstallWTGService.exe, Quarantined, [7bacabce89f28ea811b219040ef6cd33],
Virus.Chir, C:\Users\DELL\AppData\Roaming\InternetEverywhere\BackUp\InternetEverywhere.exe, Quarantined, [d25514657a0190a65073ae6f07fdbf41],
Virus.Chir, C:\Users\DELL\AppData\Roaming\InternetEverywhere\BackUp\InternetEverywhere_Launcher.exe, Quarantined, [d156ed8c90eb62d407bcbc61b054738d],
Virus.Chir, C:\Users\DELL\AppData\Roaming\InternetEverywhere\BackUp\InternetEverywhere_Service.exe, Quarantined, [59ce22577efdc076f0d3bd6061a338c8],
Virus.Chir, C:\Users\DELL\AppData\Roaming\InternetEverywhere\BackUp\InternetEverywhere_SMSMMS.exe, Quarantined, [38ef35443744d3630ab9b469000441bf],
Virus.Chir, C:\Users\DELL\AppData\Roaming\InternetEverywhere\BackUp\OSU.exe, Quarantined, [4bdcd2a76f0cec4a9e25e03d90746a96],
Virus.Chir, C:\Users\DELL\AppData\Roaming\InternetEverywhere\BackUp\Setup.exe, Quarantined, [50d7dd9c225976c04c7737e6bd470000],
Virus.Chir, C:\Users\DELL\AppData\Roaming\InternetEverywhere\BackUp\Uninstaller.exe, Quarantined, [1116c3b67902ef47f5ce67b682828878],
Virus.Chir, C:\Users\DELL\AppData\Roaming\InternetEverywhere\BackUp\WTGVistaUtil.exe, Quarantined, [e1467bfe7efdd4625c67ef2eb74d8080],
PUP.Optional.NextLive.A, C:\Users\DELL\AppData\Roaming\newnext.me\nengine.dll, Quarantined, [6dbab9c0b7c4b680d11ca8af42bf2ad6],
Virus.Chir, C:\Users\DELL\AppData\Roaming\speedtest125\install_helper.exe, Quarantined, [33f4f08980fbd46222a1bd6019eb4fb1],
Virus.Chir, C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe, Quarantined, [e7404d2c4f2c4ceabe05e934887c6e92],
Virus.Chir, C:\Program Files\Common Files\microsoft shared\MSInfo\OINFOP12.EXE, Quarantined, [28ff2f4ab5c6aa8c744f7ca16e969070],
Virus.Chir, C:\Users\DELL\Desktop\ChromeSetup.exe, Quarantined, [1e09fc7d0675ea4c339057c652b2d12f],
Virus.Chir, C:\Program Files\Internet Explorer\ExtExport.exe, Quarantined, [be6902770873fd39aa19e13ca163a060],
Virus.Chir, C:\Program Files\Internet Explorer\ieinstal.exe, Quarantined, [9c8b3445bcbf3303319241dca55f33cd],
Virus.Chir, C:\Program Files\Internet Explorer\ielowutil.exe, Quarantined, [1c0b4336c1ba22147d4632eb23e1d42c],
PUP.Optional.Softonic.A, C:\$Recycle.Bin\S-1-5-21-3153937261-1317232734-1648348341-1000\$R359KEX.exe, Quarantined, [32f5fe7bf487f244b3c3ef34877a7987],
PUP.Optional.Softonic.A, C:\$Recycle.Bin\S-1-5-21-3153937261-1317232734-1648348341-1000\$RPCXSF7.exe, Quarantined, [f433accd5b204aecc9addb488978926e],
Virus.Chir, C:\$Recycle.Bin\S-1-5-21-3153937261-1317232734-1648348341-1000\$R6EIXUA\AddPbk.exe, Quarantined, [f23532476219b383457e8f8e5da7b947],
Virus.Chir, C:\$Recycle.Bin\S-1-5-21-3153937261-1317232734-1648348341-1000\$R6EIXUA\airtel mobile broadband.exe, Quarantined, [42e5f980c5b6d1654e751706b4508779],
Virus.Chir, C:\$Recycle.Bin\S-1-5-21-3153937261-1317232734-1648348341-1000\$R6EIXUA\mt.exe, Quarantined, [c85f3b3e83f8ee48b70c021b58acce32],
Virus.Chir, C:\$Recycle.Bin\S-1-5-21-3153937261-1317232734-1648348341-1000\$R6EIXUA\subinacl.exe, Quarantined, [1710a4d5a9d20630d4efda43d52fd22e],
Virus.Chir, C:\$Recycle.Bin\S-1-5-21-3153937261-1317232734-1648348341-1000\$R6EIXUA\UnblockPin.exe, Quarantined, [d0578fea9edd0d29b50e21fc16ee6997],
Virus.Chir, C:\$Recycle.Bin\S-1-5-21-3153937261-1317232734-1648348341-1000\$R6EIXUA\uninst.exe, Quarantined, [3ee905744d2ef5415d66928b877d20e0],
Virus.Chir, C:\$Recycle.Bin\S-1-5-21-3153937261-1317232734-1648348341-1000\$R6EIXUA\XStartScreen.exe, Quarantined, [15123a3f0972ab8bd5ee36e708fc9a66],
Virus.Chir, C:\$Recycle.Bin\S-1-5-21-3153937261-1317232734-1648348341-1000\$RRF1GMK.1\semad4v931.exe, Quarantined, [56d1f386a4d7fb3b5b68a974fd07c43c],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\My PC Backup.exe, Quarantined, [4addc5b4daa12511a41fb06d8c78cc34],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\BackupSetup.exe, Quarantined, [899e5227740783b3dce758c5ea1ae31d],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\{88E7023F-FED9-45C8-A723-B6FB530420C9}\Setup.exe, Quarantined, [53d494e5057666d0c003d6478c780df3],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe, Quarantined, [1710b6c392e9ce68685b7f9e7094a45c],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\airtel_C1137\mobilepartner.exe, Quarantined, [52d50c6d0279152143806bb231d3ba46],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\airtel_C1137\Driver\devsetup32.exe, Quarantined, [31f62b4e493279bd31926cb134d0f40c],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\airtel_C1137\Driver\DriverSetup.exe, Quarantined, [c265afcafa81072f457e21fce420837d],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\airtel_C1137\Driver\DriverUninstall.exe, Quarantined, [ec3b097059225dd9289b011c30d445bb],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\airtel_C1137\UpdateDog\LiveUpd.exe, Quarantined, [1b0ce2974b30eb4b388b05184fb5ae52],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\airtel_C1137\UpdateDog\ouc.exe, Quarantined, [a97e9ddc9be08fa7cff472ab1ce86e92],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\airtel_C1137\UpdateDog\RunLiveUpd.exe, Quarantined, [a285fe7b6219aa8c962d2bf29a6a24dc],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\airtel_C1137\UpdateDog\RunOuc.exe, Quarantined, [5bcce990fd7eb58121a2dd4007fdd927],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\mobilepartner.exe, Quarantined, [33f43346f487a393e0e3b8657d87718f],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\mt.exe, Quarantined, [62c59fda6318b77fe1e26ab3be467e82],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\AddPbk.exe, Quarantined, [66c16a0f334868ce8d36ae6ffd07d729],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\subinacl.exe, Quarantined, [ab7cd7a22754cb6b30935cc116ee2ad6],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\UnblockPin.exe, Quarantined, [9493c4b556253cfafac956c7df25f010],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\XStartScreen.exe, Quarantined, [17100d6c5c1f32047b48ea33b3519f61],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\AutoRun\AutoRunSetup.exe, Quarantined, [92959ddcf784ec4ac300e8357e868d73],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\AutoRun\AutoRunUninstall.exe, Quarantined, [80a7275226551e18d9eab469c2425fa1],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\Driver\devsetup32.exe, Quarantined, [a7807405fd7e86b0873c1409a0647e82],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\Driver\DriverSetup.exe, Quarantined, [200719602c4fa096358eeb3208fcb749],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\Driver\DriverUninstall.exe, Quarantined, [ee39aecb0d6ee15516ada974a95be51b],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\UpdateDog\LiveUpd.exe, Quarantined, [4ed9fc7d3348e1559d26da435da7da26],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\UpdateDog\ouc.exe, Quarantined, [e54255247a01ff37c4ff3be20ff507f9],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\UpdateDog\RunLiveUpd.exe, Quarantined, [a681a7d24e2d2f07b013d647a75d1be5],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\UTPS\common\UpdateDog\RunOuc.exe, Quarantined, [39ee3d3c700bef47715297867b89ec14],
Virus.Chir, C:\Users\DELL\AppData\Local\Temp\OCS\ocs_v71a.exe, Quarantined, [1611d6a3a8d3f83e2c97ab72fb09d927],
Virus.Chir, C:\Users\DELL\Documents\ComputerSpeedOptimizerSetup.exe, Quarantined, [13140d6cc8b30234398ab6670202f50b],
PUP.Optional.Softonic.A, C:\Users\DELL\Documents\SoftonicDownloader_for_the-lord-of-the-rings-war-of-the-ring.exe, Quarantined, [cb5c1f5aea91b2840d69859e1ee36997],
PUP.Optional.Softonic.A, C:\Users\DELL\Documents\SoftonicDownloader_for_voice-changer-software.exe, Quarantined, [85a236435f1ca096adc965bea75a8b75],
Virus.Chir, C:\Users\DELL\Documents\yahoo_firefox_uk_wrap_2013.10.18.11.12.21.exe, Quarantined, [b374bebb2b502b0b358e47d6d430da26],
Virus.Chir, C:\Users\DELL\Downloads\smadav97.exe, Quarantined, [b7700772c4b78aacd1f2e736b74de719],
PUP.Optional.Softonic.A, C:\Users\DELL\Downloads\SoftonicDownloader_for_the-lord-of-the-rings-the-return-of-the-king(1).exe, Quarantined, [6abdc3b6403b59dd2b4b879c15ec9d63],
PUP.Optional.Softonic.A, C:\Users\DELL\Downloads\SoftonicDownloader_for_the-lord-of-the-rings-the-return-of-the-king.exe, Quarantined, [081f99e02f4cd1658ee8f92a6a971ce4],
PUP.Optional.Softonic.A, C:\Users\DELL\Downloads\SoftonicDownloader_for_the-lord-of-the-rings-war-of-the-ring.exe, Quarantined, [2bfc0e6bde9ddb5b80f6bf6425dc4ab6],
PUP.Optional.Softonic.A, C:\Users\DELL\Downloads\SoftonicDownloader_for_utorrent.exe, Quarantined, [70b762170a715ed8d3a33ae9946dc739],
Virus.Chir, C:\Users\DELL\Downloads\PCSpeedMaximizer(4).exe, Quarantined, [7fa894e59fdcc076f3d0c657e1237888],
Virus.Chir, C:\Users\DELL\Downloads\PCSpeedMaximizer.exe, Quarantined, [998e4237c5b6072f348faf6e45bfe719],
Virus.Chir, C:\Users\DELL\Downloads\rcpafterdownloadcp_ntb_ad_7882_cpntb1.exe, Quarantined, [56d16514bac1f145cbf8ca5326dec23e],
PUP.Optional.NextLive.A, C:\Users\DELL\AppData\Local\genienext\nengine.dll, Quarantined, [70b7a3d6126967cf32bb8acdf60b966a],
PUP.Optional.SystemK.A, C:\ProgramData\systemk\general.cfg, Quarantined, [ad7a7bfebcbf320409145c589969c739],
PUP.Optional.SystemK.A, C:\ProgramData\systemk\coordinator.cfg, Quarantined, [ad7a7bfebcbf320409145c589969c739],
PUP.Optional.SystemK.A, C:\ProgramData\systemk\S-1-5-21-3153937261-1317232734-1648348341-1000.cfg, Quarantined, [ad7a7bfebcbf320409145c589969c739],
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Softonic\sqlite3.dll, Quarantined, [eb3c5029027986b03d748133e22017e9],
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\searchplugins\softonic.xml, Quarantined, [d0574e2bd7a455e1e7cb9e16e51d7a86],
PUP.Optional.DefaultSearch.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\searchplugins\default-search.xml, Quarantined, [c95eceab9cdfab8b6ef66a4b8a78f010],
PUP.Optional.DefaultSearch.A, C:\Program Files\Mozilla Firefox\browser\searchplugins\default-search.xml, Quarantined, [d453f683b3c8f0469cc9f5c0dc2632ce],
PUP.Optional.Linkey.A, C:\Program Files\Linkey\log.log, Quarantined, [fe29225745363105c12915a0f80a8c74],
PUP.Optional.Linkey.A, C:\Program Files\Linkey\Helper.dll, Quarantined, [fe29225745363105c12915a0f80a8c74],
PUP.Optional.Linkey.A, C:\Program Files\Linkey\Uninstall.exe, Quarantined, [fe29225745363105c12915a0f80a8c74],
PUP.Optional.Linkey.A, C:\Program Files\Linkey\ChromeExtension\ChromeExtension.crx, Quarantined, [fe29225745363105c12915a0f80a8c74],
PUP.Optional.Linkey.A, C:\Program Files\Linkey\IEExtension\iedll64.dll, Quarantined, [fe29225745363105c12915a0f80a8c74],
PUP.Optional.Datamngr.A, C:\ProgramData\Wincert\win32cert.dll, Quarantined, [69be69104932ff3798ddedef35ce8b75],
PUP.Optional.Datamngr.A, C:\ProgramData\Wincert\win64cert.dll, Quarantined, [3bec36439fdc37ffa3d20ad211f2659b],
PUP.Optional.Datamngr.A, C:\ProgramData\Wincert\win32prop.dll, Quarantined, [ae79770275065cdaea8c7963ac578779],
PUP.Optional.Datamngr.A, C:\ProgramData\Wincert\win64prop.dll, Quarantined, [0720e89168139c9abcba15c723e0c13f],
PUP.Optional.Outobox.A, C:\Program Files\outobox\outobox.ico, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\outoboxUninstall.exe, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\updateoutobox.InstallState, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\7za.exe, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\BrowserAdapterS.7z, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\outobox.BrowserAdapter.exe, Delete-on-Reboot, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\outobox.BrowserFilter.Helper.dll, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\outobox.BrowserFilter.Helper.dll.old.09e04db8-b21b-4829-8b54-5451706f4ac9, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\outobox.PurBrowse.exe, Delete-on-Reboot, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\outobox.PurBrowse.zip, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\outoboxBAApp.dll, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\outoboxBrowserFilter.exe, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\sqlite3.dll, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\utiloutobox.InstallState, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\{1a147621-8c9a-4d6b-a557-6513a40d3207}.dll, Delete-on-Reboot, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\plugins\outobox.Bromon.dll, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\plugins\outobox.BroStats.dll, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\plugins\outobox.BrowserAdapterS.dll, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\plugins\outobox.BrowserFilter.dll, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\plugins\outobox.CompatibilityChecker.dll, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\plugins\outobox.FFUpdate.dll, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\plugins\outobox.GCUpdate.dll, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Outobox.A, C:\Program Files\outobox\bin\plugins\outobox.PurBrowse.dll, Quarantined, [87a0fc7da3d8d561a255994e748fa65a],
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\ffxtlbra@softonic.com.xpi, Quarantined, [1c0b7900fe7d300695c811e53ec520e0],
PUP.Optional.NextLive.A, C:\Users\DELL\AppData\Roaming\newnext.me\nengine.cookie, Quarantined, [db4c2a4f7ffcbc7a814c7d0e05fd5ba5],
PUP.Optional.NextLive.A, C:\Users\DELL\AppData\Roaming\newnext.me\cache\spark.bin, Quarantined, [db4c2a4f7ffcbc7a814c7d0e05fd5ba5],
PUP.Optional.SpeedTest.A, C:\Users\DELL\AppData\Roaming\speedtest125\DeskTopIcon.ico, Quarantined, [e4432653c1ba58de1510741862a0fb05],
PUP.Optional.SpeedTest.A, C:\Users\DELL\AppData\Roaming\speedtest125\install_helper.exe, Quarantined, [e4432653c1ba58de1510741862a0fb05],
PUP.Optional.SpeedTest.A, C:\Users\DELL\AppData\Roaming\speedtest125\speedtest125.crx, Quarantined, [e4432653c1ba58de1510741862a0fb05],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\icon128.ico, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\AddonsFramework.Typelib.dll, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\AddonsFramework.Typelib64.dll, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\background.html, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\BackgroundHost.exe, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\BackgroundHost64.exe, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\bg.js, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\button.js, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\ButtonSite.dll, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\ButtonSite64.dll, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\config.xml, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\content.js, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\icon128.png, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\icon16.ico, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\icon16.png, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\icon18.ico, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\icon18.png, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\icon24.ico, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\icon24.png, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\icon32.ico, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\icon32.png, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\icon48.ico, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\icon48.png, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\icon64.ico, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\icon64.png, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\jquery-1.9.1.min.js, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\json2.min.js, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\options.htm, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\readme.eml, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\rjs.js, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\ScriptHost64.dll, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\uninst.exe, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\uninstall.exe, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\updater.js, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\updaterWrapper.js, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\mz\background.js, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.SpeedTest.A, C:\Program Files\Speed Test 125\mz\content.js, Quarantined, [72b57405c2b9f046ce612d5fde24e11f],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\chrome.manifest, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\install.rdf, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\content\button.css, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\content\overlay.xul, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\content\js\common.js, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\content\js\LinkeyManager.js, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\skin\bright_green_19_19.png, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\skin\default_19_19.png, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\skin\hard_green_19_19.png, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\skin\icon.png, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\skin\icon64.png, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\skin\orange_19_19.png, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\skin\red_19_19.png, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.Linkey.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\extensions\extension@linkeyproject.com\skin\yellow_19_19.png, Quarantined, [5fc82455aad1cf675f9df0a0a45e59a7],
PUP.Optional.SettingsManager.A, C:\Program Files\Settings Manager\systemk\del_DM_DLL_nsi3BFB.dll, Delete-on-Reboot, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, C:\Program Files\Settings Manager\systemk\del_DM_LL_nsi3BFB.dll, Delete-on-Reboot, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, C:\Program Files\Settings Manager\systemk\del_mg_nsi3BFB.dll, Delete-on-Reboot, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, C:\Program Files\Settings Manager\systemk\favicon.ico, Delete-on-Reboot, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, C:\Program Files\Settings Manager\systemk\Helper.dll, Delete-on-Reboot, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, C:\Program Files\Settings Manager\systemk\Internet Explorer Settings.exe, Delete-on-Reboot, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, C:\Program Files\Settings Manager\systemk\syskldr_u.dll, Delete-on-Reboot, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, C:\Program Files\Settings Manager\systemk\systemk.dll, Delete-on-Reboot, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, C:\Program Files\Settings Manager\systemk\systemkbho.dll, Delete-on-Reboot, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, C:\Program Files\Settings Manager\systemk\systemkChrome.dll, Delete-on-Reboot, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, C:\Program Files\Settings Manager\systemk\tbicon.exe, Delete-on-Reboot, [7daae099166572c4d454aae7a260718f],
PUP.Optional.SettingsManager.A, C:\Program Files\Settings Manager\systemk\Uninstall.exe, Delete-on-Reboot, [7daae099166572c4d454aae7a260718f],
PUP.Optional.Softonic.A, C:\Program Files\Softonic\Softonic\1.8.28.14\softonic.crx, Quarantined, [6fb81c5d0873b086e9c97819a35f966a],
PUP.Optional.Softonic.A, C:\Program Files\Softonic\Softonic\1.8.28.14\SoftonicApp.dll, Quarantined, [6fb81c5d0873b086e9c97819a35f966a],
PUP.Optional.Softonic.A, C:\Program Files\Softonic\Softonic\1.8.28.14\SoftonicEng.dll, Quarantined, [6fb81c5d0873b086e9c97819a35f966a],
PUP.Optional.Softonic.A, C:\Program Files\Softonic\Softonic\1.8.28.14\Softonicsrv.exe, Quarantined, [6fb81c5d0873b086e9c97819a35f966a],
PUP.Optional.Softonic.A, C:\Program Files\Softonic\Softonic\1.8.28.14\sqlite3.dll, Quarantined, [6fb81c5d0873b086e9c97819a35f966a],
PUP.Optional.DefaultSearch.A, C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (        "homepage" : "http://www.default-search.net?sid=476&aid=107&itype=a&ver=12692&tm=270&src=hmp",), Removal Failed,[78afb8c1ceadfc3aeab211954db737c9]
PUP.Optional.DefaultSearch.A, C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (    "homepage" : "http://www.default-search.net?sid=476&aid=107&itype=a&ver=12692&tm=270&src=hmp",), Removal Failed,[d354c9b0215a171f14886541db293dc3]
PUP.Optional.DefaultSearch.A, C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (        "search_url" : "http://www.default-search.net/search?sid=476&aid=107&itype=a&ver=12692&tm=270&src=ds&p={searchTerms}"), Removal Failed,[8c9b03762d4e78beb9e4d7cffb096e92]
PUP.Optional.DefaultSearch.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://www.default-search.net?sid=476&aid=107&itype=a&ver=12692&tm=270&src=hmp");), Replaced,[8f981e5b0675142223d1ccdac440fb05]
PUP.Optional.DefaultSearch.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "http://www.default-search.net/search?sid=476&aid=107&itype=a&ver=12692&tm=270&src=ds&p=");), Replaced,[43e44732d6a59c9a4ea71096956ff808]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.admin", false);), Replaced,[10178bee1f5c2a0c3fccf9ae09fb59a7]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.aflt", "SD");), Replaced,[6eb9ee8bcfac70c6dc2f2a7d0cf8639d]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");), Replaced,[82a5a9d0a6d5003687840a9d1ce824dc]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.autoRvrt", "false");), Replaced,[7daa7702dd9ec96d5eaddacd0bf9e818]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.cntry", "UG");), Replaced,[c16669102f4c47ef37d43473b74d7b85]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.dfltLng", "");), Replaced,[c562cbae7a0168ce41ca565124e06e92]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.dfltSrch", true);), Replaced,[30f71a5f215ada5c828973343cc82ed2]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.dnsErr", true);), Replaced,[15123049116a48eedd2e04a319ebae52]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,1828564131,3396905322,2787570089,1850357963,3855095921,1516386922,3836221436,2015489896,270173904,3729539987,424611005,965674394,609003582,2041931190,3874294282,2774755777,931959409,398575749,3999997753,1104451911,1233863968,4280856088,1554076246,1949401179,1770772786,3253391265,3778438159,1649478750,2848156272,2476712966,3103989719,475488147,1715867073,3594694113,3774606882,4036647035,1593922001,4110151693,2941033654,3206511613");), Replaced,[220576033e3db28412f900a729dbdf21]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.dpk_dsblck", "true");), Replaced,[91963a3fef8cb185b7546b3c11f32fd1]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.excTlbr", false);), Replaced,[95925821cfac3bfbe4277433a95be21e]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.ffxUnstlRst", false);), Replaced,[94937603aad145f140cb901728dc38c8]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.hdrMd5", "0919DB8FB43871E70A75753CCC59E279");), Replaced,[3bec90e96d0e023413f8545347bd06fa]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.hmpg", true);), Replaced,[58cf2059d7a4d85e93787f2808fcf30d]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.hmpgUrl", "http://search.softonic.com/INF00176/tb_v1?SearchSource=13&cc=&mi=64039f43000000000000582c80139263&toi=16052");), Replaced,[1710c1b8f784191ddc2ffbac1be928d8]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.hpOld0", "");), Replaced,[270048312c4f1e18e22940679074cf31]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.id", "64039f43000000000000582c80139263");), Replaced,[26014435fe7dfa3cee1d5b4c15eff30d]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.instlDay", "16052");), Replaced,[35f2e099b0cbd95df21905a2fd079b65]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.instlRef", "INF00176");), Replaced,[60c790e9700bbc7ace3d485f29dbb34d]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.kw_url", "http://search.softonic.com/INF00176/tb_v1?SearchSource=2&cc=&mi=64039f43000000000000582c80139263&toi=16052&q=");), Replaced,[002762173348df5783881a8d2fd5f808]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.lastB", "http://search.softonic.com/INF00176/tb_v1?SearchSource=13&cc=&mi=64039f43000000000000582c80139263&toi=16052");), Replaced,[f23578017cff68ceea212483c04427d9]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.lastVrsnTs", "1.8.28.1421:53:01");), Replaced,[4adda9d0215a4aecf01bf9ae1be9738d]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.newTab", true);), Replaced,[27007306215abb7b40cb82259d67ef11]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.newTabUrl", "http://search.softonic.com/INF00176/tb_v1/?SearchSource=15&cc=&mi=64039f43000000000000582c80139263&toi=16052");), Replaced,[54d31b5e38431b1bee1dd8cf8d771fe1]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.pnu_2013desingbrand", "{\"newVrsn\":\"58\",\"lastVrsn\":\"58\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"true\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");), Replaced,[b96e3b3eef8ca591818a6740739103fd]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.prdct", "Softonic");), Replaced,[4fd8caafb4c7ea4ca2695750d92b857b]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.prtnrId", "softonic");), Replaced,[81a6d6a3d1aa34028e7dbaed867eb947]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.rvrt", "false");), Replaced,[05223742b8c390a6d13aa10620e45aa6]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.sg", "none");), Replaced,[a0870178730835016d9ee3c44fb5ae52]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.smplGrp", "none");), Replaced,[34f38aef3645e2543ccf2e79669e2cd4]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");), Replaced,[60c70a6f0f6c63d3b15af5b217ed2fd1]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.storage\\storage\\mpvfloatingwindmutex", "345591475396081@@@Sun Jun 15 2014 20:17:19 GMT+0300");), Replaced,[c760f4853f3ced499576d7d0ba4aa35d]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.storage\\storage\\mpvinpagemutex", "5574164f009d6b48d281c6c770fc9b68@@@Sun Jun 15 2014 20:17:19 GMT+0300");), Replaced,[81a6b9c0077463d3c447287f53b19c64]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.tlbrId", "2013desingbrand");), Replaced,[5dca1a5fec8fab8b59b2a6015fa58b75]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.tlbrSrchUrl", "http://search.softonic.com/INF00176/tb_v1?SearchSource=1&cc=&mi=64039f43000000000000582c80139263&toi=16052&q=");), Replaced,[3beccdacf08b280e59b22d7aa0645da3]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.vrsn", "1.8.28.14");), Replaced,[13144732abd0f1457d8ee5c2a75d50b0]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.vrsnTs", "1.8.28.1421:53:01");), Replaced,[2700b5c498e30f2761aa693e50b41fe1]
PUP.Optional.Softonic.A, C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\x8vs479j.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.vrsni", "1.8.28.14");), Replaced,[3cebc7b25c1fca6cd2393c6b966ee51b]

Physical Sectors: 0
(No malicious items detected)

(end)



#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:59 PM

Posted 26 June 2014 - 03:11 PM

dc3 requested that and a few other scans before I replied.

Malwarebytes detected some stuff related to the file infector but the bulk of what it found were PUPs.

To learn about PUPs and how you get them, please read: About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs)

This way after you "flatten and rebuild" you can avoid them going forward.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users