eddy123

The scan found no more malicious files. Thankyou so much for your help. mbar-log-2013-09-15 (21-15-02).txt system-log.txt

RogueKiller V8.6.11 _x64_ [sep 11 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Eddy [Admin rights] Mode : Scan -- Date : 09/15/2013 00:26:11 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤ [sHELL][sUSP PATH] HKCU\[...]\Windows : load (C:\Users\Eddy\LOCALS~1\Temp\mswrkv.exe [x]) -> FOUND [sHELL][sUSP PATH] HKUS\[...]\Windows : load (C:\Users\Eddy\LOCALS~1\Temp\mswrkv.exe [x]) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [bROK VAL] HKCR\[...]\command : () -> MISSING ¤¤¤ Scheduled tasks : 4 ¤¤¤ [V1][sUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\windows\TEMP\{99A48462-5121-4253-8138-CDDA9C28F5A0}.exe - --uninstall=1 [x] -> FOUND [V1][sUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv.job : C:\windows\TEMP\{40314581-E1AA-47B0-867E-B0131C700290}.exe - --uninstall=1 [x] -> FOUND [V2][sUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv : C:\windows\TEMP\{40314581-E1AA-47B0-867E-B0131C700290}.exe - --uninstall=1 [x] -> FOUND [V2][sUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\windows\TEMP\{99A48462-5121-4253-8138-CDDA9C28F5A0}.exe - --uninstall=1 [x] -> FOUND ¤¤¤ Startup Entries : 3 ¤¤¤ [Default][sUSP PATH] Best Buy pc app.lnk : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk @C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe "C:\ProgramData\Best Buy pc app\Best Buy pc app.application" [-][-][-] -> FOUND [Default User][sUSP PATH] Best Buy pc app.lnk : C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk @C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe "C:\ProgramData\Best Buy pc app\Best Buy pc app.application" [-][-][-] -> FOUND [DefaultAppPool][sUSP PATH] Best Buy pc app.lnk : C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk @C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe "C:\ProgramData\Best Buy pc app\Best Buy pc app.application" [-][-][-] -> FOUND ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++ --- User --- [MBR] fd84593535230c8cc752dbb735a98a3f [bSP] cedacd4b54b1de3b38a4718d7781dd7b : KIWI Image system MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 278528 Mo 2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 570632192 | Size: 416423 Mo 3 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1423466496 | Size: 20351 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_09152013_002611.txt >>

Attach.txt contents: .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 6/27/2012 7:45:01 AMSystem Uptime: 9/14/2013 11:17:17 PM (1 hours ago).Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | QX311/QX411/QX412/QX511Processor: Intel® Core i5-2410M CPU @ 2.30GHz | CPU | 2301/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 272 GiB total, 172.494 GiB free.D: is FIXED (NTFS) - 407 GiB total, 126.201 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Realtek PCIe GBE Family ControllerDevice ID: PCI\VEN_10EC&DEV_8168&SUBSYS_C0A0144D&REV_06\4&3A33A527&0&00E3Manufacturer: RealtekName: Realtek PCIe GBE Family ControllerPNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_C0A0144D&REV_06\4&3A33A527&0&00E3Service: RTL8167.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Intel® Centrino® WiMAX 6150Device ID: {12110A2A-BBCC-418B-B9F4-76099D720767}\BPMP_8087_07D6\1&1869C5E3&0&1Manufacturer: Intel CorporationName: Intel® Centrino® WiMAX 6150PNP Device ID: {12110A2A-BBCC-418B-B9F4-76099D720767}\BPMP_8087_07D6\1&1869C5E3&0&1Service: bpmp.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Microsoft Virtual WiFi Miniport AdapterDevice ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&1FD03075&0&01Manufacturer: MicrosoftName: Microsoft Virtual WiFi Miniport AdapterPNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&1FD03075&0&01Service: vwifimp.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Microsoft Virtual WiFi Miniport AdapterDevice ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&1FD03075&0&02Manufacturer: MicrosoftName: Microsoft Virtual WiFi Miniport Adapter #2PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&1FD03075&0&02Service: vwifimp.==== System Restore Points ===================.RP88: 9/5/2013 1:22:29 AM - Installed Jar2Exe WizardRP89: 9/5/2013 1:23:52 AM - Installed Jar2Exe WizardRP90: 9/10/2013 11:46:15 PM - Windows UpdateRP91: 9/13/2013 12:48:55 PM - Removed Google Talk PluginRP92: 9/14/2013 10:28:51 AM - Windows Update.==== Installed Programs ======================.???? ??? Windows Live???? Windows Live????? Windows Live?????? ??????? ?? Windows Live???????? ?????????? Windows Live?????????? Windows Live??????????? ?? Windows LiveAdobe AIRAdobe Download AssistantAdobe Dreamweaver CS6Adobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Help ManagerAdobe Photoshop CS5.1Adobe Reader 9.1Adobe Widget BrowserApple Application SupportApple Mobile Device SupportApple Software UpdateAvira Free Antivirus„Windows Live Essentials“„Windows Live Mail“„Windows Live Messenger“„Windows Live“ fotogalerijaBatteryLifeExtenderBest Buy pc appBonjourCanon E610 series MP DriversCanon E610 series On-screen ManualCanon IJ Scan UtilityCanon Inkjet Printer/Scanner/Fax Extended Survey ProgramCanon My Image GardenCanon My Image Garden Design FilesCanon My PrinterCanon Speed Dial UtilityCCleanerChargeableUSBCyberLink Media SuiteCyberLink Media+ Player10CyberLink MediaShowCyberLink Power2GoCyberLink YouCam 5D3DX10Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionEasy Content ShareEasy Display ManagerEasy MigrationEasy Network ManagerEasy SpeedUp ManagerEasyBatteryManagerEasyFileShareFacebook Messenger 2.1.4814.0Fast StartFotogalerija Windows LiveFree Audio Converter version 5.0.23.320Galeria de Fotografias do Windows LiveGaleria fotografii uslugi Windows LiveGalerie de photos Windows LiveGalerie foto Windows LiveGalería fotográfica de Windows LiveGlassFish Server Open Source Edition 3.1.2.2GlassFish Server Open Source Edition 4.0Google ChromeGoogle Update HelperHeroku version 2.39.5Install CreatorIntel PROSet WirelessIntel® Control CenterIntel® Management Engine ComponentsIntel® Processor GraphicsIntel® PROSet/Wireless WiFi SoftwareIntel® Rapid Storage TechnologyIntel® Turbo Boost Technology Monitor 2.0Intel® Wireless DisplayIntel® PROSet/Wireless WiMAX SoftwareInternet Information Services (IIS) 7 ManageriTunesJar2Exe WizardJava 7 Update 25Java 7 Update 9 (64-bit)Java Auto UpdaterJava SE Development Kit 7 Update 21Java SE Development Kit 7 Update 9 (64-bit)JSmooth 0.9.9-7Junk Mail filter updateMakeInstallMalwarebytes Anti-Malware version 1.75.0.1300Mesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft_VC80_ATL_x86Microsoft_VC80_ATL_x86_x64Microsoft_VC80_CRT_x86Microsoft_VC80_CRT_x86_x64Microsoft_VC80_MFC_x86Microsoft_VC80_MFC_x86_x64Microsoft_VC80_MFCLOC_x86Microsoft_VC80_MFCLOC_x86_x64Microsoft_VC90_ATL_x86Microsoft_VC90_ATL_x86_x64Microsoft_VC90_CRT_x86Microsoft_VC90_CRT_x86_x64Microsoft_VC90_MFC_x86Microsoft_VC90_MFC_x86_x64Microsoft_VC90_MFCLOC_x86Microsoft_VC90_MFCLOC_x86_x64Movie Color EnhancerMSVCRTMSVCRT_amd64NetBeans IDE 7.3.1Notepad++NVIDIA Control Panel 266.72NVIDIA Graphics Driver 266.72NVIDIA Install ApplicationNVIDIA Optimus 1.0.15NVIDIA Update ComponentsPDF Settings CS5PhotoScapePoczta uslugi Windows LivePodstawowe programy Windows LivePošta Windows LiveRaccolta foto di Windows LiveRailsInstaller 2.2.2RAPTORRealtek Ethernet Controller DriverRealtek High Definition Audio DriverRenesas Electronics USB 3.0 Host Controller DriverRuby 1.9.3-p448S?????? f?t???af??? t?? Windows LiveSamsung AnyWeb PrintSamsung Printer Live UpdateSamsung Recovery Solution 5Samsung Support CenterSamsung Universal Print DriverSamsung Universal Scan DriverSamsung Update PlusSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Skype Click to CallSkype™ 6.3SRS Premium Sound Control PanelStardock Fences 2SteamSynaptics Pointing Device DriverUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft Office 2010 (KB2494150)Update for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2825640) 32-Bit EditionUser GuideVirtualDJ Home FREEVisual Studio 2008 x64 RedistributablesVLC media player 2.0.8Windows LiveWindows Live ??Windows Live ?? ???Windows Live ???Windows Live ????Windows Live Communications PlatformWindows Live EssentialsWindows Live FotótárWindows Live Foto-galerijaWindows Live fotoattelu galerijaWindows Live FotogalerieWindows Live FotogalleriWindows Live FotogalériaWindows Live Fotograf GalerisiWindows Live Galeria de FotosWindows Live Galerija fotografijaWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live PoštaWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live Temel ParçalarWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Liven asennustyökaluWindows Liven sähköpostiWindows Liven valokuvavalikoimaWinRAR 4.20 (64-bit)WordWebYTD Video Downloader 4.5.==== Event Viewer Messages From Past Week ========.9/9/2013 2:15:26 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.9/14/2013 9:22:05 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.9/12/2013 1:46:27 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.9/12/2013 1:46:24 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.9/10/2013 5:59:09 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.9/10/2013 5:59:01 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Ad-Aware service to connect.9/10/2013 5:59:01 PM, Error: Service Control Manager [7000] - The Ad-Aware service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.9/10/2013 5:59:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service SBAMSvc with arguments "" in order to run the server: {FE7E09CE-BBF4-4698-8BC1-37C9002DAA43}.==== End Of File =========================== DDS.txt contents: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16502 BrowserJavaVersion: 10.25.2Run by Eddy at 0:11:49 on 2013-09-15Microsoft Windows 7 Home Premium 6.1.7601.1.1252.63.1033.18.6058.4035 [GMT 8:00].AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\windows\system32\lsm.exeC:\windows\system32\svchost.exe -k DcomLaunchC:\windows\system32\svchost.exe -k RPCSSC:\windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\windows\system32\svchost.exe -k netsvcsC:\windows\system32\svchost.exe -k LocalServiceC:\windows\system32\svchost.exe -k NetworkServiceC:\windows\system32\WLANExt.exeC:\windows\System32\spoolsv.exeC:\Program Files (x86)\Avira\AntiVir Desktop\sched.exeC:\windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\windows\system32\Dwm.exeC:\windows\system32\taskhost.exeC:\windows\Explorer.EXEC:\windows\system32\taskeng.exeC:\windows\system32\taskeng.exeC:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exeC:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exeC:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exeC:\windows\system32\igfxext.exeC:\windows\system32\igfxsrvc.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exeC:\windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\windows\System32\rundll32.exeC:\windows\system32\SearchIndexer.exeC:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\igfxpers.exeC:\Windows\System32\hkcmd.exeC:\Users\Eddy\AppData\Local\Facebook\Update\FacebookUpdate.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Users\Eddy\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exeC:\windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exeC:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exeC:\windows\system32\svchost.exe -k imgsvcC:\windows\System32\svchost.exe -k secsvcsC:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exeC:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exeC:\windows\system32\wuauclt.exeC:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exeC:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXEC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\windows\system32\wbem\wmiprvse.exeC:\windows\system32\wbem\wmiprvse.exeC:\windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>uWindows: Load = C:\Users\Eddy\LOCALS~1\Temp\mswrkv.exemWinlogon: Userinit = userinit.exe,BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dlluRun: [AdobeBridge] <no file>mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbyloginmRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exemRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbyloginmRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /minStartupFolder: C:\Users\Eddy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FACEBO~1.LNK - C:\Users\Eddy\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000IE: SafeKey Fill Forms - C:\Users\Eddy\AppData\LocalLow\SafeKey\context.html?cmd=fillformsIE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllLSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dllTCP: NameServer = 124.106.7.2 124.106.5.2TCP: Interfaces\{4E655F89-F186-489A-BE54-1D42F6EC1C02} : DHCPNameServer = 124.106.7.2 124.106.5.2TCP: Interfaces\{4E655F89-F186-489A-BE54-1D42F6EC1C02}\A42584023427F677E6 : DHCPNameServer = 192.168.2.1Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllAppInit_DLLs= C:\windows\SysWOW64\nvinit.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLLx64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllx64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"x64-Run: [Fences] "C:\Program Files (x86)\Stardock\Fences\Fences.exe" /startupx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -sx64-Run: [igfxTray] C:\windows\System32\igfxtray.exex64-Run: [Persistence] C:\windows\System32\igfxpers.exex64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exex64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-Run: [sBRegRebootCleaner] "C:\Program Files (x86)\Ad-Aware Antivirus\SBRC.exe"x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dllx64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL.============= SERVICES / DRIVERS ===============.R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2011-5-11 25960]R1 avkmgr;avkmgr;C:\windows\System32\drivers\avkmgr.sys [2013-9-14 28600]R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2011-5-11 13824]R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-9-14 84024]R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-9-14 108088]R2 avgntflt;avgntflt;C:\windows\System32\drivers\avgntflt.sys [2013-9-14 105344]R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\System32\drivers\TurboB.sys [2010-10-8 19192]R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:\windows\System32\drivers\bpenum.sys [2011-1-18 75264]R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:\windows\System32\drivers\bpusb.sys [2011-1-18 81920]R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2012-11-12 31216]R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-5-12 317440]R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-3 80384]R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-3 181248]R3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2010-12-1 42392]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-19 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576]S3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\windows\System32\drivers\bpmp.sys [2011-1-18 173568]S3 gfiark;gfiark;C:\windows\System32\drivers\gfiark.sys [2013-7-31 39504]S3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-5-11 425064]S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-14 54784]S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-12-31 1255736]S4 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe [2013-9-14 815160]S4 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-1-30 499200]S4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240]S4 Samsung UPD Service;Samsung UPD Service;C:\windows\System32\SUPDSvc.exe [2011-5-12 166704]S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208]S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-3-1 161384]S4 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-8 150016]S4 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-11 2655768]S4 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-1-30 885248]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== File Associations ===============.FileExt: .txt: txtfile=C:\windows\System32\NOTEPAD.EXE %1 [userChoice]FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1".=============== Created Last 30 ================.2013-09-14 06:49:50 -------- d-----w- C:\Users\Eddy\AppData\Roaming\Avira2013-09-14 06:45:32 81112 ----a-w- C:\windows\System32\drivers\avnetflt.sys2013-09-14 06:43:22 28600 ----a-w- C:\windows\System32\drivers\avkmgr.sys2013-09-14 06:43:22 105344 ----a-w- C:\windows\System32\drivers\avgntflt.sys2013-09-14 06:43:20 -------- d-----w- C:\ProgramData\Avira2013-09-14 06:43:20 -------- d-----w- C:\Program Files (x86)\Avira2013-09-14 02:29:55 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{50735700-B98A-42C9-BC4E-B21C40BBF1DB}\mpengine.dll2013-09-13 03:47:39 25928 ----a-w- C:\windows\System32\drivers\mbam.sys2013-09-13 03:47:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-09-10 15:48:56 -------- d-----w- C:\windows\System32\MRT2013-09-10 15:40:47 1910208 ----a-w- C:\windows\System32\drivers\tcpip.sys2013-09-04 17:27:04 -------- d-----w- C:\Program Files\Jar2Exe Wizard2013-09-04 16:42:48 -------- d-----w- C:\Users\Eddy\AppData\Roaming\Clickteam2013-09-04 16:42:22 -------- d-----w- C:\Program Files (x86)\Install Creator2013-09-04 16:25:59 -------- d-----w- C:\Program Files (x86)\MakeInstall2013-09-04 16:25:56 -------- d-----w- C:\Users\Eddy\applogs2013-09-04 13:37:31 -------- d-----w- C:\Program Files (x86)\JSmooth 0.9.9-72013-09-04 08:02:23 -------- d-----w- C:\Users\Eddy\New folder (2)2013-08-29 13:26:10 -------- d-----w- C:\Users\Eddy\New folder2013-08-23 15:02:19 -------- d-----w- C:\Users\Eddy\AppData\Local\{BD6FB99A-B3ED-48E7-8232-CC6772990A21}2013-08-20 03:46:53 -------- d-----w- C:\Users\Eddy\AppData\Roaming\PDAppFlex.==================== Find3M ====================.2013-08-06 20:22:02 278800 ------w- C:\windows\System32\MpSigStub.exe2013-07-28 12:17:28 26549760 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe2013-07-25 09:25:54 1888768 ----a-w- C:\windows\System32\WMVDECOD.DLL2013-07-25 08:57:27 1620992 ----a-w- C:\windows\SysWow64\WMVDECOD.DLL2013-07-25 03:37:25 2312704 ----a-w- C:\windows\System32\jscript9.dll2013-07-25 03:30:49 1392128 ----a-w- C:\windows\System32\wininet.dll2013-07-25 03:29:41 1494528 ----a-w- C:\windows\System32\inetcpl.cpl2013-07-25 03:28:46 173056 ----a-w- C:\windows\System32\ieUnatt.exe2013-07-25 03:28:31 599040 ----a-w- C:\windows\System32\vbscript.dll2013-07-25 03:27:20 2382848 ----a-w- C:\windows\System32\mshtml.tlb2013-07-25 02:32:35 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll2013-07-25 02:26:10 1129472 ----a-w- C:\windows\SysWow64\wininet.dll2013-07-25 02:25:30 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl2013-07-25 02:23:59 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe2013-07-25 02:23:58 420864 ----a-w- C:\windows\SysWow64\vbscript.dll2013-07-25 02:22:35 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb2013-07-19 01:58:42 2048 ----a-w- C:\windows\System32\tzres.dll2013-07-19 01:41:01 2048 ----a-w- C:\windows\SysWow64\tzres.dll2013-07-09 05:52:52 224256 ----a-w- C:\windows\System32\wintrust.dll2013-07-09 05:51:16 1217024 ----a-w- C:\windows\System32\rpcrt4.dll2013-07-09 05:46:20 184320 ----a-w- C:\windows\System32\cryptsvc.dll2013-07-09 05:46:20 1472512 ----a-w- C:\windows\System32\crypt32.dll2013-07-09 05:46:20 139776 ----a-w- C:\windows\System32\cryptnet.dll2013-07-09 04:52:33 663552 ----a-w- C:\windows\SysWow64\rpcrt4.dll2013-07-09 04:52:10 175104 ----a-w- C:\windows\SysWow64\wintrust.dll2013-07-09 04:46:31 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll2013-07-09 04:46:31 1166848 ----a-w- C:\windows\SysWow64\crypt32.dll2013-07-09 04:46:31 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll2013-06-30 06:16:51 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll2013-06-30 06:16:51 867240 ----a-w- C:\windows\SysWow64\npDeployJava1.dll2013-06-30 06:16:51 789416 ----a-w- C:\windows\SysWow64\deployJava1.dll2012-10-10 08:29:25 193643728 ----a-w- C:\Program Files\CyberLink.5.0.1523d.18978_YUC120326-06.exe.============= FINISH: 0:12:04.91 ===============

I cant seem to delete them with malwarebytes. There were some other malware detected too. here's the result of my scan: Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.09.14.05 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 9.0.8112.16421Eddy :: EDDY-PC [administrator] 9/14/2013 10:37:07 PMmbam-log-2013-09-14 (22-37-07).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 300898Time elapsed: 10 minute(s), 31 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 2HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Agent) -> Data: C:\Users\Eddy\LOCALS~1\Temp\mswrkv.exe -> Delete on reboot.HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Eddy\LOCALS~1\Temp\mswrkv.exe -> Delete on reboot. Registry Data Items Detected: 1HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit) -> Bad: (http://search.conduit.com?SearchSource=10&ctid=CT3220468) Good: (http://www.google.com) -> Quarantined and repaired successfully. Folders Detected: 3C:\Users\Eddy\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.C:\Users\Eddy\AppData\Roaming\OpenCandy\74EF1688C8B8431795FD73D076FEEF83 (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.C:\Users\Eddy\AppData\Roaming\OpenCandy\3B6E26C93EF441DAADE42E13D54FC72D (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully. Files Detected: 4C:\Users\Eddy\AppData\Roaming\OpenCandy\74EF1688C8B8431795FD73D076FEEF83\PasswordBoxCHSTORE_p1v0.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.C:\Users\Eddy\AppData\Local\Temp\nsu1AC.tmp\Offercast2802_SGT_.exe (PUP.Optional.BundledToolBar.A) -> Quarantined and deleted successfully.C:\ProgramData\YTD Video Downloader\ytd_installer.exe (PUP.Optional.BundledToolBar.A) -> Quarantined and deleted successfully.C:\Users\Eddy\AppData\Roaming\OpenCandy\3B6E26C93EF441DAADE42E13D54FC72D\RegistryReviverSetup_AFF.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully. (end)