mattyang

No worries Juliet, did run TFC prior to running Malwarebyte. Everything looks good again. Once thanks ladies for the tireless effort in assisting in this matter.

Hi Julie, did as requested and ran another scan by Malwarebytes. So far results returned looks good as nothing malicious detected.

Hi Juliet, did the scan as advised and posting the following log result: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 11/4/2015 Scan Time: 10:11:07 AM Logfile: Malwarebytes Scan Log.txt Administrator: Yes Version: 2.01.4.1018 Malware Database: v2015.04.10.08 Rootkit Database: v2015.03.31.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 CPU: x64 File System: NTFS User: Mattheus Scan Type: Threat Scan Result: Completed Objects Scanned: 354534 Time Elapsed: 44 min, 53 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 24 PUP.Optional.Multiplug, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, Quarantined, [f000482266244ee82752c474c73c33cd], PUP.Optional.Multiplug, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, Quarantined, [f000482266244ee82752c474c73c33cd], PUP.Optional.SearchApp.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf, Quarantined, [e907fb6f4347cf67895229b5c0436b95], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, Quarantined, [ee0282e890fa350146c0ac632bd9ea16], PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, Quarantined, [31bf7af0395189ad3a5e26ae0003649c], PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, Quarantined, [ef0187e38109b97dac6a30993fc4ca36], PUP.Optional.SearchApp.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf, Quarantined, [34bc5911ff8b84b29c3f6f6f15ee33cd], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, Quarantined, [e010dd8d99f11c1acc29bf065aa9857b], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, Quarantined, [18d80466f595c07615df5570b94a6b95], PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, Quarantined, [d7195e0c1674013535d329aced1653ad], PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, Quarantined, [43ad6406dbafa492569cf7ce6c97c23e], PUP.Optional.HomeTab.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\HomeTab, Quarantined, [ce220664e5a584b2871826cd7e85c937], PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\SearchProtectWS, Quarantined, [cd234a20692113239d5ac30231d21ce4], PUP.Optional.TNT.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\TNT2, Quarantined, [b8380d5de0aa79bdd9f3685f7a897789], PUP.Optional.Wajam.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\WajIntEnhance, Quarantined, [ef017feb3e4c5cda37e07851a360ca36], PUP.Optional.InstallCore.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [9c540c5e7c0e5cdaf22725e908fc01ff], PUP.Optional.InstallCore.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\INSTALLCORE, Quarantined, [727e2743b3d71b1b3fac47dc5da8cd33], PUP.Optional.Iminent.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, Quarantined, [43ad4d1dd6b4b87e6ebc15ad2dd6c040], PUP.Optional.Iminent.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, Quarantined, [e010f67490fac670250641818d7602fe], PUP.Optional.Linkey.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, Quarantined, [90601e4c3f4b37ffe3493a8839cad828], PUP.Optional.Vosteran.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, Quarantined, [648c84e64347d6609d9000c2ac5712ee], PUP.Optional.Wajam.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, Quarantined, [6888d9918604989efc3271516a99b44c], PUP.Optional.Wajam.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\SIMPLYTECH\HomeTabWajIEnhance, Quarantined, [5d9326444a4071c506ed5273f211b44c], PUP.Optional.EZDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1, Quarantined, [4ea225450288b87e06388dfaeb18dd23], Registry Values: 10 PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.mystartsearch.com/web/?type=ds&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565&q={searchTerms}, Quarantined, [32be6901bad04ee878a9e1712cd9f50b] PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.mystartsearch.com/web/?type=ds&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565&q={searchTerms}, Quarantined, [fef2e38739512c0adb46db77897cb14f] PUP.Optional.CoolSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}|FaviconURL, http://websearch.coolsearches.info/favicon.ico, Quarantined, [45abf6747218c1755da8ba987d888a76] PUP.Optional.CoolSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}|FaviconURLFallback, http://websearch.coolsearches.info/favicon.ico, Quarantined, [36baf3770288043240c58dc5cb3a22de] PUP.Optional.CoolSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}|URL, http://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=20494&r=2015/03/17&hid=10414075307976941094&lg=EN&cc=SG&unqvl=85, Quarantined, [ca26abbf1f6b89adc63f143ed33218e8] PUP.Optional.InstallCore.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\INSTALLCORE|tb, 0N2X1N, Quarantined, [727e2743b3d71b1b3fac47dc5da8cd33] PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.mystartsearch.com/web/?type=ds&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565&q={searchTerms}, Quarantined, [628ec9a1206a280e72ae66ec19ec56aa] PUP.Optional.CoolSearches.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}|FaviconURL, http://websearch.coolsearches.info/favicon.ico, Quarantined, [fdf30d5d434739fdf3115ef475906a96] PUP.Optional.CoolSearches.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}|FaviconURLFallback, http://websearch.coolsearches.info/favicon.ico, Quarantined, [826efc6e8cfe61d5a163bb9772938977] PUP.Optional.CoolSearches.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}|URL, http://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=20494&r=2015/03/17&hid=10414075307976941094&lg=EN&cc=SG&unqvl=85, Quarantined, [d51bc2a8cebc979fe420f260da2bdf21] Registry Data: 11 PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?type=ds&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565&q={searchTerms}, Good: (www.google.com), Bad: (http://www.mystartsearch.com/web/?type=ds&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565&q={searchTerms}),Replaced,[b7393139434780b68e6653a0699c837d] PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=hp&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565, Good: (www.google.com), Bad: (http://www.mystartsearch.com/?type=hp&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565),Replaced,[0ce49dcde7a33afcd024f4ff92734cb4] PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.mystartsearch.com/?type=hp&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565, Good: (www.google.com), Bad: (http://www.mystartsearch.com/?type=hp&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565),Replaced,[3fb14525f8925adccd274aa9ce37639d] PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.mystartsearch.com/web/?type=ds&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565&q={searchTerms}, Good: (www.google.com), Bad: (http://www.mystartsearch.com/web/?type=ds&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565&q={searchTerms}),Replaced,[13dd72f88ffbf83eaf456d86e0257c84] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[5f912545f3975fd7618bdc235aab35cb] PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?type=ds&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565&q={searchTerms}, Good: (www.google.com), Bad: (http://www.mystartsearch.com/web/?type=ds&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565&q={searchTerms}),Replaced,[9759c7a396f44ceadb1906ed5ea7c63a] PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=hp&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565, Good: (www.google.com), Bad: (http://www.mystartsearch.com/?type=hp&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565),Replaced,[717f5b0fdbafd264f3019360e71ea15f] PUP.Optional.CoolSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://websearch.coolsearches.info/?pid=20494&r=2015/03/17&hid=10414075307976941094&lg=EN&cc=SG&unqvl=85, Good: (www.google.com), Bad: (http://websearch.coolsearches.info/?pid=20494&r=2015/03/17&hid=10414075307976941094&lg=EN&cc=SG&unqvl=85),Replaced,[737d1a50b4d679bdf4b96f84778ee21e] PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.mystartsearch.com/web/?type=ds&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565&q={searchTerms}, Good: (www.google.com), Bad: (http://www.mystartsearch.com/web/?type=ds&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565&q={searchTerms}),Replaced,[3ab6d694cbbf5ed8a252767dca3b768a] PUP.Optional.CoolSearches.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://websearch.coolsearches.info/?pid=20494&r=2015/03/17&hid=10414075307976941094&lg=EN&cc=SG&unqvl=85, Good: (www.google.com), Bad: (http://websearch.coolsearches.info/?pid=20494&r=2015/03/17&hid=10414075307976941094&lg=EN&cc=SG&unqvl=85),Replaced,[90607ceebad091a50f9f1ad9ac593bc5] PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-2709936447-2891915958-3838061216-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=hp&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565, Good: (www.google.com), Bad: (http://www.mystartsearch.com/?type=hp&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565),Replaced,[0ee2aebc6d1d8ea80ce901f23ec79967] Folders: 5 PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader, Quarantined, [4ea225450288b87e06388dfaeb18dd23], PUP.Optional.EZDownloader, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader, Quarantined, [8f6179f1375349ed1c55edb6ca39d729], PUP.Optional.UniDeals.A, C:\Program Files (x86)\UniDeals, Quarantined, [05ebdd8d24660234c2b6cedbef145ca4], PUP.Optional.EzDownloader.A, C:\Users\Mattheus\AppData\Roaming\EZDownloader, Quarantined, [6c848ddd31593105aa7ed9d96f94a15f], PUP.Optional.EzDownloader.A, C:\Users\Mattheus\AppData\Roaming\EZDownloader\Errors, Quarantined, [6c848ddd31593105aa7ed9d96f94a15f], Files: 21 PUP.Optional.EZDownloader.A, C:\Users\Mattheus\AppData\Local\Temp\E380\temp\EzDownloader_setup.exe, Quarantined, [ab45b7b31773dc5a685a0d148f71b749], PUP.Optional.MultiPlug.A, C:\Users\Mattheus\AppData\Local\Temp\E380\temp\hpds_setup.exe, Quarantined, [d71978f2b8d2be78b88b50105ea4d52b], PUP.Optional.EZDownloader.A, C:\Users\Mattheus\AppData\Local\Temp\11E0\temp\EzDownloader_setup.exe, Quarantined, [ee0289e1503a8caa269c32ef9d63db25], PUP.Optional.EZDownloader.A, C:\Users\Mattheus\AppData\Local\Temp\5AB0\temp\EzDownloader_setup.exe, Quarantined, [ca260466f89260d6695930f1ff0145bb], PUP.Optional.MultiPlug.A, C:\Users\Mattheus\AppData\Local\Temp\5AB0\temp\hpds_setup.exe, Quarantined, [98586406e5a548ee93b0253bde24b54b], PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.Core.dll, Quarantined, [4ea225450288b87e06388dfaeb18dd23], PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.exe, Quarantined, [4ea225450288b87e06388dfaeb18dd23], PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.exe.config, Quarantined, [4ea225450288b87e06388dfaeb18dd23], PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.Extension.dll, Quarantined, [4ea225450288b87e06388dfaeb18dd23], PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.Spider.dll, Quarantined, [4ea225450288b87e06388dfaeb18dd23], PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\ICSharpCode.SharpZipLib.dll, Quarantined, [4ea225450288b87e06388dfaeb18dd23], PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\Interop.SHDocVw.dll, Quarantined, [4ea225450288b87e06388dfaeb18dd23], PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\TabStrip.dll, Quarantined, [4ea225450288b87e06388dfaeb18dd23], PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\unins000.dat, Quarantined, [4ea225450288b87e06388dfaeb18dd23], PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\unins000.exe, Quarantined, [4ea225450288b87e06388dfaeb18dd23], PUP.Optional.UniDeals.A, C:\Program Files (x86)\UniDeals\0MGIXeqRosp4Ko.dat, Quarantined, [05ebdd8d24660234c2b6cedbef145ca4], PUP.Optional.UniDeals.A, C:\Program Files (x86)\UniDeals\cGIfub2Jq384Kt.dat, Quarantined, [05ebdd8d24660234c2b6cedbef145ca4], PUP.Optional.UniDeals.A, C:\Program Files (x86)\UniDeals\JLSdekSd7ttPwm.dat, Quarantined, [05ebdd8d24660234c2b6cedbef145ca4], PUP.Optional.UniDeals.A, C:\Program Files (x86)\UniDeals\JLSdekSd7ttPwm.tlb, Quarantined, [05ebdd8d24660234c2b6cedbef145ca4], PUP.Optional.MyStartSearch.A, C:\Users\Mattheus\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Good: (), Bad: ( "homepage": "http://www.mystartsearch.com/?type=hp&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565",), Replaced,[915f4e1c4c3e7fb733bbd5668a7c2ad6] PUP.Optional.ASK.A, C:\Users\Mattheus\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Good: (), Bad: ( "homepage": "http://www.search.ask.com/?gct=hp",), Replaced,[50a0501a7218d066b8ccb08ffd097e82] # AdwCleaner v4.201 - Logfile created 11/04/2015 at 11:05:32 # Updated 08/04/2015 by Xplode # Database : 2015-04-08.1 [server] # Operating system : Windows 7 Home Premium (x64) # Username : Mattheus - MATTHEUS-HP # Running from : C:\Users\Mattheus\Downloads\adwcleaner_4.201.exe # Option : Cleaning ***** [ Services ] ***** [#] Service Deleted : vToolbarUpdater18.1.10 ***** [ Files / Folders ] ***** [!] Folder Deleted : C:\ProgramData\AVG Secure Search [!] Folder Deleted : C:\ProgramData\AVG Security Toolbar [!] Folder Deleted : C:\Program Files (x86)\Check Point Software Technologies LTD [!] Folder Deleted : C:\Program Files (x86)\UaniDeAlse [!] Folder Deleted : C:\Program Files (x86)\UniDeailse [!] Folder Deleted : C:\Program Files (x86)\UniDealSa [!] Folder Deleted : C:\Program Files (x86)\UnIDeeAALLSSi [!] Folder Deleted : C:\Program Files (x86)\UniDeeals [!] Folder Deleted : C:\Program Files (x86)\youtubeadblocker [!] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search [!] Folder Deleted : C:\Users\Mattheus\AppData\LocalLow\Check Point Software Technologies LTD [!] Folder Deleted : C:\Users\Mattheus\AppData\Roaming\Check Point Software Technologies LTD ***** [ Scheduled tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1 Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0B55F99-F893-4F84-AE82-CAE0E70DFDFA} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\simplytech Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork Key Deleted : HKLM\SOFTWARE\Conduit Key Deleted : HKLM\SOFTWARE\SearchProtect Key Deleted : HKLM\SOFTWARE\SpeedBit Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local ***** [ Web browsers ] ***** -\\ Internet Explorer v8.0.7600.16385 -\\ Google Chrome v41.0.2272.118 [C:\Users\Mattheus\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565&q={searchTerms} [C:\Users\Mattheus\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=20494&r=2015/03/17&hid=10414075307976941094&lg=EN&cc=SG&unqvl=85 [C:\Users\Mattheus\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : aaaaaiabcopkplhgaedhbloeejhhankf [C:\Users\Mattheus\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [startup_URLs] : hxxp://www.mystartsearch.com/?type=hp&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565 [C:\Users\Mattheus\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Default_Search_Provider_Data] : {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}", "usage_count": 0 } }, "extensions": { "settings": { "aaaaaiabcopkplhgaedhbloeejhhankf": { "ack_external": true, "active_permissions": { "api": [ "homepage", "management", "nativeMessaging", "searchProvider", "startupPages", "storage", "tabs", "webRequest", "webRequestBlocking" ], "explicit_host": [ "hxxp://*/*", "hxxps://*/*" ], "manifest_permissions": [ ], "scriptable_host": [ "*://*.ask.com/ -\\ Chromium v -\\ Opera v28.0.1750.51 [C:\Users\Mattheus\AppData\Roaming\Opera Software\Opera Stable\Preferences] - Deleted [startup_URLs] : hxxp://www.mystartsearch.com/?type=hp&ts=1426580144&from=wpc&uid=WDCXWD6400BEVT-60A0RT0_WD-WXC1A709056590565 ************************* AdwCleaner[R0].txt - [10302 bytes] - [11/04/2015 11:01:52] AdwCleaner[s0].txt - [10369 bytes] - [11/04/2015 11:05:32] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10429 bytes] ########## Physical Sectors: 0 (No malicious items detected) (end)

Think my kid notebook pick up something nasty as he keeps getting redirected to ads website. And lots of UNIDEAL Popups appearing. Some information on his notebook: HP ENVY 14 NOTEBOOK WINDOWS 7 HOME PREMIUM Intel ® Core i7 CPU Q720 @1.60Ghz 4 GB Ram 64 Bit operating System. AVG Free EDITION 2015 Appreciate some guidance to clear this mess up. Thanks.

Thank you very much Juliet for your patience in guarding me through the process of cleaning up my notebook. Indeed you are a beacon of light to guide lost souls like me in this rapid changing tech world....

Hi Juliet, please find the result of both scans: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-09-2014 Ran by Matt at 2014-09-30 18:56:53 Run:2 Running from C:\Users\Matt\Desktop Loaded Profile: Matt (Available profiles: Matt) Boot Mode: Normal ============================================== Content of fixlist: ***************** start CloseProcesses: C:\$Recycle.Bin\S-1-5-21-2988392325-1286642985-2377832700-1005\$RZCNRZM\4s4eywhw.default\extensions\[email protected]\uninstall.exe C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarmEng.dll C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarmsrv.exe C:\Program Files\CheckPoint\Install\CUninstallerZA.exe C:\Users\Matt\AppData\Roaming\DJZBF C:\Users\Matt\AppData\Roaming\FWVJSTT C:\Users\Matt\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\uninstall.exe C:\Users\Matt\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\uninstall_d.exe C:\Users\Matt\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm4ffx.exe C:\Users\Matt\Downloads\ccsetup413.exe C:\Users\Matt\Downloads\ccsetup414.exe C:\Users\Matt\Downloads\ccsetup415.exe C:\Users\Matt\Downloads\ccsetup416.exe C:\Users\Matt\Downloads\ccsetup417.exe C:\Users\Matt\Downloads\CuteWriter.exe C:\Users\Matt\Downloads\zafwSetupWeb_133_052_000.exe C:\Windows\Installer\MSI2076.tmp C:\Windows\Installer\MSI2434.tmp EmptyTemp: End ***************** Processes closed successfully. C:\$Recycle.Bin\S-1-5-21-2988392325-1286642985-2377832700-1005\$RZCNRZM\4s4eywhw.default\extensions\[email protected]\uninstall.exe => Moved successfully. C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarmEng.dll => Moved successfully. C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarmsrv.exe => Moved successfully. C:\Program Files\CheckPoint\Install\CUninstallerZA.exe => Moved successfully. C:\Users\Matt\AppData\Roaming\DJZBF => Moved successfully. C:\Users\Matt\AppData\Roaming\FWVJSTT => Moved successfully. C:\Users\Matt\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\uninstall.exe => Moved successfully. C:\Users\Matt\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\uninstall_d.exe => Moved successfully. C:\Users\Matt\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm4ffx.exe => Moved successfully. C:\Users\Matt\Downloads\ccsetup413.exe => Moved successfully. C:\Users\Matt\Downloads\ccsetup414.exe => Moved successfully. C:\Users\Matt\Downloads\ccsetup415.exe => Moved successfully. C:\Users\Matt\Downloads\ccsetup416.exe => Moved successfully. C:\Users\Matt\Downloads\ccsetup417.exe => Moved successfully. C:\Users\Matt\Downloads\CuteWriter.exe => Moved successfully. C:\Users\Matt\Downloads\zafwSetupWeb_133_052_000.exe => Moved successfully. C:\Windows\Installer\MSI2076.tmp => Moved successfully. C:\Windows\Installer\MSI2434.tmp => Moved successfully. EmptyTemp: => Removed 449.5 MB temporary data. The system needed a reboot. Results of screen317's Security Check version 0.99.87 Windows 7 Service Pack 1 x86 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! AVG AntiVirus Free Edition 2014 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy AVG Web TuneUp CCleaner Java 7 Update 67 Adobe Flash Player 15.0.0.152 Adobe Reader XI Mozilla Firefox (32.0.3) Google Chrome 37.0.2062.120 Google Chrome 37.0.2062.124 ````````Process Check: objlist.exe by Laurent```````` Spybot Teatimer.exe is disabled! AVG avgwdsvc.exe AVG avgrsx.exe AVG avgnsx.exe AVG avgemc.exe Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe CheckPoint ZoneAlarm vsmon.exe CheckPoint ZoneAlarm zatray.exe CheckPoint ZoneAlarm ZaPrivacyService.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1% ````````````````````End of Log`````````````````````` So far everything looks ok but my main concern now is that since I am actually using free ware from AVG, would it mean my level of protection will be less "pro-active" in that sense?

Hi Juliet, result of ESET Online scan as follows: C:\$Recycle.Bin\S-1-5-21-2988392325-1286642985-2377832700-1005\$RZCNRZM\4s4eywhw.default\extensions\[email protected]\uninstall.exe Win32/Toolbar.Montiera.B potentially unwanted application C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarmEng.dll a variant of Win32/Toolbar.Montiera.A potentially unwanted application C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarmsrv.exe a variant of Win32/Toolbar.Montiera.A potentially unwanted application C:\Program Files\CheckPoint\Install\CUninstallerZA.exe Win32/Toolbar.Conduit potentially unwanted application C:\Users\Matt\AppData\Roaming\DJZBF JS/Toolbar.Crossrider.C potentially unwanted application C:\Users\Matt\AppData\Roaming\FWVJSTT JS/Toolbar.Crossrider.C potentially unwanted application C:\Users\Matt\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\uninstall.exe Win32/Toolbar.Montiera.B potentially unwanted application C:\Users\Matt\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\uninstall_d.exe Win32/Toolbar.Montiera.B potentially unwanted application C:\Users\Matt\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm4ffx.exe Win32/Toolbar.Montiera.E potentially unwanted application C:\Users\Matt\Downloads\ccsetup413.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Matt\Downloads\ccsetup414.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Matt\Downloads\ccsetup415.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Matt\Downloads\ccsetup416.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Matt\Downloads\ccsetup417.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Matt\Downloads\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application C:\Users\Matt\Downloads\zafwSetupWeb_133_052_000.exe Win32/Toolbar.Conduit potentially unwanted application C:\Windows\Installer\MSI2076.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application C:\Windows\Installer\MSI2434.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

Ok I can see how this is going to be a long drawn out process of cleaning up my notebook. So far I did uninstalled Trend from my notebook from the list of programs installed. Have gone through the list again but its not found there, am I missing a step somewhere? Also did a search for the mentioned programs to be uninstalled but did not find any. Browsers issued solved after running Adwcleaner. Result as follows: # AdwCleaner v3.310 - Report created 28/09/2014 at 12:26:14 # Updated 12/09/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (32 bits) # Username : Matt - MATT-PC # Running from : C:\Users\Matt\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\AVG Secure Search Folder Deleted : C:\ProgramData\AVG Security Toolbar Folder Deleted : C:\Program Files\globalUpdate Folder Deleted : C:\Program Files\Common Files\AVG Secure Search Folder Deleted : C:\Users\Matt\AppData\Local\globalUpdate ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk Shortcut Disinfected : C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Shortcut Disinfected : C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Shortcut Disinfected : C:\Users\Matt\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Shortcut Disinfected : C:\Users\Matt\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk Shortcut Disinfected : C:\Users\Matt\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0 Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1 Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\SAFARI.EXE\shell\open\command Key Deleted : HKCU\Software\GlobalUpdate Key Deleted : HKCU\Software\InstalledBrowserExtensions Key Deleted : HKCU\Software\vShare.tv Key Deleted : HKLM\SOFTWARE\GlobalUpdate Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17280 -\\ Mozilla Firefox v32.0.3 (x86 en-GB) [ File : C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\p3dkmt60.default-1411826126322\prefs.js ] -\\ Google Chrome v37.0.2062.124 [ File : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted [search Provider] : hxxp://startsear.ch/?aff=1&q={searchTerms} Deleted [search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1411813995&from=ild&uid=HitachiXHTS545050B9A300_100309PBN40617CMHYMEX&q={searchTerms} Deleted [startup_urls] : hxxp://www.istartsurf.com/?type=hp&ts=1411813995&from=ild&uid=HitachiXHTS545050B9A300_100309PBN40617CMHYMEX ************************* AdwCleaner[R0].txt - [11034 octets] - [28/09/2014 12:13:17] AdwCleaner[s0].txt - [10050 octets] - [28/09/2014 12:26:14] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10111 octets] ########## Malwarebyte scan results: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 28/9/2014 Scan Time: 3:46:19 PM Logfile: malware scan.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.09.28.02 Rootkit Database: v2014.09.19.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x86 File System: NTFS User: Matt Scan Type: Threat Scan Result: Completed Objects Scanned: 300461 Time Elapsed: 13 min, 42 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) SC Cleaner scan result: Shortcut Cleaner 1.3.3 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2014 BleepingComputer.com More Information about Shortcut Cleaner can be found at this link: http://www.bleepingcomputer.com/download/shortcut-cleaner/ Windows Version: Windows 7 Home Premium Service Pack 1 Program started at: 09/28/2014 04:02:33 PM. Scanning for registry hijacks: * No issues found in the Registry. Searching for Hijacked Shortcuts: Searching C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\ Searching C:\ProgramData\Microsoft\Windows\Start Menu\ Searching C:\Users\Matt\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ Searching C:\Users\Public\Desktop\ Searching C:\Users\Matt\Desktop 0 bad shortcuts found. Program finished at: 09/28/2014 04:02:37 PM Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)

Btw Juliet, I tried opening all three browsers, Firefox, IE and Chrome, noticed all three start homepage opens to the istartsurf page...

Hi Juliet, in replying to the AV software, used to had Trend but have since stopped using as license expired. Currently having AVG Free Edition installed. Following is FARBAR Fixlog result: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-09-2014 Ran by Matt at 2014-09-28 09:33:47 Run:1 Running from C:\Users\Matt\Desktop Loaded Profile: Matt (Available profiles: Matt) Boot Mode: Normal ============================================== Content of fixlist: ***************** start CloseProcesses: Folder:C:\ProgramData\WindowsMangerProtect HKLM\...\Run: [] => [X] HKU\S-1-5-21-2988392325-1286642985-2377832700-1005\...\MountPoints2: {bb44bce0-7344-11e1-ae64-001fc6f8d958} - E:\AUTORun.exe autorun HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsur...q={searchTerms} Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1411813995&from=ild&uid=HitachiXHTS545050B9A300_100309PBN40617CMHYMEX" CHR DefaultSearchKeyword: Default -> istartsurf CHR DefaultSearchProvider: Default -> istartsurf Task: {F013C274-C2D0-4405-9FAB-32E91EDD8E98} - System32\Tasks\FWVJSTT => C:\Users\Matt\AppData\Roaming\FWVJSTT.exe Task: {F8B704BD-EF59-4046-BCB7-A78A135C8B69} - System32\Tasks\DJZBF => C:\Users\Matt\AppData\Roaming\DJZBF.exe C:\Users\Matt\AppData\Roaming\DJZBF.exe C:\Users\Matt\AppData\Roaming\FWVJSTT.exe AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 Hosts: End ***************** Processes closed successfully. ========================= Folder:C:\ProgramData\WindowsMangerProtect ======================== Directory Not Found HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. "HKU\S-1-5-21-2988392325-1286642985-2377832700-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bb44bce0-7344-11e1-ae64-001fc6f8d958}" => Key deleted successfully. "HKCR\CLSID\{bb44bce0-7344-11e1-ae64-001fc6f8d958}" => Key not found. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully. "HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found. Chrome StartupUrls deleted successfully. Chrome DefaultSearchKeyword deleted successfully. CHR DefaultSearchProvider: Default -> istartsurf ==> The Chrome "Settings" can be used to fix the entry. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F013C274-C2D0-4405-9FAB-32E91EDD8E98}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F013C274-C2D0-4405-9FAB-32E91EDD8E98}" => Key deleted successfully. C:\Windows\System32\Tasks\FWVJSTT => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FWVJSTT" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F8B704BD-EF59-4046-BCB7-A78A135C8B69}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8B704BD-EF59-4046-BCB7-A78A135C8B69}" => Key deleted successfully. C:\Windows\System32\Tasks\DJZBF => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DJZBF" => Key deleted successfully. "C:\Users\Matt\AppData\Roaming\DJZBF.exe" => File/Directory not found. "C:\Users\Matt\AppData\Roaming\FWVJSTT.exe" => File/Directory not found. C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully. C:\Windows\System32\Drivers\etc\hosts => Moved successfully. Hosts was reset successfully. The system needed a reboot. ==== End of Fixlog ==== Following is JRT Log: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.2.3 (09.27.2014:1) OS: Windows 7 Home Premium x86 Ran by Matt on Sun 28/09/2014 at 9:41:37.15 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPartnerCobrandingTool_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPartnerCobrandingTool_RASMANCS ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\apn" Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0103610F-18D0-4181-878E-376319A95ACC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{012A1B1F-363B-47AF-A2EF-346FE3FFF5EC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{01C57775-9A8C-4433-9A9D-1DA36F81639E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0211F482-C958-490F-9521-BB1F999296C6} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{02600436-FD8C-4B74-8E2F-ADAC857404FF} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0286B544-B8EF-4213-BDB5-E1CD30303CF1} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{02D3B025-BA4B-4FB4-9C0D-4D26AF19E571} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{034988B9-19E5-46C9-813B-F5D83A62F942} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0353CD39-4880-417A-B3BD-C05861464DA4} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0386384A-B8DF-457F-94F9-854434C08D11} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{03F8AEA8-62F2-46C6-BE52-E277EF17A207} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{041C0E69-1F5D-4D95-AAF0-A47ADF4F81E8} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{04B68668-3C54-49CF-B2D2-7C6919B392CD} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{05DEAC63-331C-44A3-BAE1-A0CA00B0EFC3} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{063CD621-2312-4EA4-9BC8-4CBA6219F658} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{06573032-603C-44D5-B2EC-2C64C70EE3FB} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0749E6AF-A27F-47CB-B522-EA85DCFBCCA2} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0807CECA-B188-4AD2-9799-67FC1C4C6EA4} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{09FC6167-9686-44A4-AEC7-4F5AB757E013} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0A1151FD-6831-4852-A7AB-83FE02ACB74D} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0A11D492-30F4-4CE2-B2EC-4CB6CDCF32BE} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0B4D9049-E4A2-4113-9C2D-65AE1C606DA9} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0C2E94F0-6F50-4580-89ED-AB52F101B06C} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0C630F41-8BFB-46F7-A24D-F1E774C1E09D} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0CCEC521-2A98-4F37-BD1F-A124BD4E4E91} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0DE0FA98-5D21-44B1-8D56-39746997B4F3} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0E34B8C1-6FAE-4E86-821E-357E0E57B28E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0E4E9E43-8E66-44B2-AEEB-5D3F6BE0A921} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0F49AE7E-9564-4F2E-A84E-730629A65F21} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{0F836A48-1647-474F-BE6E-347DF41A77AC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{10617C82-9D8A-4670-BD6E-C40FBEE1E08A} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{10B76DB5-9014-4CB7-B518-47995327F336} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{10BC4FB9-16D7-4F03-B754-2468335EAEF7} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{10F5C3E6-5721-424A-BD94-D8460DF9CD07} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{125B0BE8-6AC2-4EAD-90AF-88E2FA2A1D70} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{138902BC-114F-49D5-8B83-9A7E4ED0E6DC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{14CA637D-817B-4426-ACCC-CCB32E16973D} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{14EB1875-F077-4CAF-BCC2-261913557DA8} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{14EF3069-DD6D-4235-A33B-60AAB54CBAEE} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{187FF5C9-69A5-4D54-B859-40BC79270686} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{19E019FE-D209-4ACB-8BC0-4A10F5096FA2} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{1A2424BC-3C26-4885-B6B5-FCD4EAD7489E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{1A3B7000-58A7-4317-9562-1C8FE294289C} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{1A806100-E642-4653-8C6F-611F64F9744A} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{1BC3F5CB-EE31-488B-8130-0F2D13DE5390} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{1CDF5015-D7AB-45D1-9DC2-4474AC583844} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{1E3025B0-64B6-4938-8547-35FE1913B8BD} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{1EAC0F0D-4081-480F-80CA-B688E1F6CE02} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{20372DCC-472B-452D-95B6-37FC74AF31A9} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{21BD2FE9-AC07-4ED5-B27A-918578AFB2D8} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{22222D66-3AC2-477A-B7B0-C3334CB4509C} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{22CEBDC4-1928-4035-B2BA-5AFC46244590} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{23081BF4-ECDA-4E05-A772-5CD618843BAB} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2318079A-2D5C-4D1D-8BD1-990F38B572A8} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{236681BB-94C9-4B0D-B101-5BA270C4B4F3} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{23A314F4-400E-4FEB-9B25-F52BD21325E9} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{244F250D-83C6-4C62-92F5-4A17BF58851F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{247EA3D8-087E-423B-8999-BBE598C079F0} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{24973656-36C6-43AC-AAAA-1A92EBA1428E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{25E9A4F4-B511-4222-9452-0D75DADCEEBD} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2622A8E2-CB67-4FAB-8BE0-59374C05CE3D} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{271A8479-FF0E-43FE-ADB2-119CD52743FE} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{29802EBF-1462-4B2C-ABFF-86B2D43F3429} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2AB640B0-3BC9-4CBD-8E30-3890E6CB7CB0} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2AEC3947-76F5-4944-A8F2-E21B5F014972} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2B01A73B-2681-4BEE-B7E8-BD9B387EEF0F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2B19FFCE-88AB-4015-84D9-0FA7D6235DFF} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2C269C91-73F6-46AA-864B-659BCDC6A149} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2C9AE38A-29EA-4525-BB44-6AD0B3F61E30} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2CB207EC-BB90-4380-8569-EAA69DFA9F5B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2CBB2F23-0807-450A-ADEA-D3DC1E56F9A4} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2D27E991-6E4A-45AF-9B1F-77BC9F9932F5} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2D2D8573-6196-48D6-983E-AE836FF84D2E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2D5B3D3A-877A-44D1-8F2F-654CF883B3DD} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2E0CE17E-2D7C-4E2E-8BAA-4F0DD4EB00C3} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{2E477545-8508-474D-89E5-750A4206A351} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{307312E7-4547-4C70-A9F1-335D094F4852} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{31111668-8A3D-495B-B8D8-095976C833C0} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{31F3F775-165C-4F01-A785-DA5446C79619} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{356C255D-0F01-4C77-8E85-3CC95A68DD11} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{360147AF-2A13-4590-B146-4B01556BCF46} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{36791A2E-CE6F-42EF-BA68-0AB2A64B8979} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{36D0BEA8-731D-40B9-AB26-0CFF2DCEA39A} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{379BC36D-BC9D-4958-8682-E71EA121B622} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{38136471-21C3-4E3D-9485-9A6F7FF0AEDA} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{38C0F7D0-CCCD-4D98-8588-4734E67A2BAF} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{390C1E9F-1F8F-491D-8A96-48F4BD03DEF4} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{392FDDD6-B35B-44ED-B521-EEE037DECF8B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{399F56F7-F64B-46A7-B8DC-4327090AE1F7} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{39FE66BD-699E-444C-9D4A-69527FD3A1AC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{3A3B38B9-B5F3-44FE-9D83-39352591B76D} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{3A69DB40-FAE5-46FA-ACAD-A14E17D510E0} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{3AADF8FA-3641-4CB5-82F6-25C06B28B7C4} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{3AD331C2-21D0-4E52-9F70-231840B9E160} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{3AE365F0-5F20-4D82-A2CE-BB8D273D80DA} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{3C7F86D6-D0BF-4465-98E5-A74314CAE2D5} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{3CC9D6CD-F0C1-4EDE-BEBA-8516A914203E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{3CD5E5BD-8F71-4222-86BC-3753071D8CDF} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{3D5CF262-7DB6-4B14-8FC9-8A208D6C3CE1} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{3EB85CFF-1C7E-40F1-ACEC-10CBCCA24D4F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{3EEA9E1F-C035-4D71-AE70-9CECB056F27D} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{40259F41-482B-48A7-A582-1FCCBBC142FA} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{40AE4146-4DD5-4EB2-9A8B-FAEDF6FF36F6} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{41D100D3-7CA7-4D55-9185-76A14ADF02B1} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{4242F997-4892-4E17-A038-BCC1973E0C19} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{424ED7F0-0FA7-4B0F-B1AB-E83C5998BC1D} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{425A53BE-3A42-493A-9781-9520DC2C56CA} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{43927AF1-005D-4045-AE56-2F9F7F53FCBB} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{440C0208-4902-4273-8C35-0B111910A12D} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{4475C490-2F3C-4DAF-A7B8-A37B41EA5F43} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{464E967C-A8B6-4C88-9B89-B45D711C6A3C} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{471651FE-D4C6-4268-A4BA-F7D934568180} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{47F10EB1-B68E-4D11-AD56-6BB8A8ACD263} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{483F1513-7945-4001-8BD6-8AA17EED83B2} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{486614CE-AB56-448D-87CD-13B2757CC3AC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{488BFD99-6C40-4EDB-8245-A105FF3A9D0A} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{48B119D9-0D37-49F9-833C-69107DA72330} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{490FA37D-C9B8-4ABA-8123-E065CDCFCA03} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{4A94AD6E-DAFD-4460-B429-289969663782} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{4D363D01-B805-43F1-BA85-A5A97600C0A3} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{4D48A3F6-6A42-4FDC-B6B6-B8C85B1F9D88} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{4E249ED8-BA16-4E29-A282-789B882505A9} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{4EFA3B26-100F-4416-80BC-940F434DA426} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{4EFC01C1-E43E-4101-A2DC-512ED380329F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{4F1B2E44-FEDF-408D-902C-9D85FBF67E5A} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{4FBB3A7D-F1CC-4B5F-9C1C-7A56698A22AB} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{4FEB6C52-283A-487C-8853-EC126C286ACC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{500AFC85-1230-4030-9756-03AE7D034308} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{50B2E073-EC03-4DB1-B7C7-4AB38D3F3B86} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{50D64316-669B-4DD4-AF75-632917C2A2E7} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{515831D2-B1A7-46ED-8AC6-106E112FDA19} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{51B66E84-6BE5-43FC-8133-A2D28958F31B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{52AA4CF7-3678-4501-9D5B-8329CF44BEC4} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{52B5B406-092D-4B85-9358-7EDBCEBDB9E1} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{52CAF52C-F1C9-473C-90D8-4B0B21CFF083} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{549A8E66-0F91-4C21-AFF4-AD8F051F676E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{557301D4-7918-456D-BE1E-45C684ECF16F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{567C91A3-9DFA-42B5-BF68-3FCCE78A2AA7} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{56C17D08-E6B8-4C78-A428-DD95FAE15606} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{579B36BA-1479-4570-977B-0CD083E421B2} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{58B12B4B-64BB-412A-BB8E-9B831F0A8651} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{5940E984-BC8E-413B-BFEC-C07D45C1CA09} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{5A3B8547-49B8-4EC2-A1FE-86452A7AA06F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{5B75DF06-4DBE-44F5-B035-71A2F14CA3D1} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{5C9AC161-2C68-4109-BC27-FD9B7BC56FDD} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{5DCB1DF8-C4AC-4F98-9DF2-C7C16D8EA9FD} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{5E1D5C6A-B481-40E2-8BE4-685C263FB64E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{5F7E9DB0-A430-4964-B2BB-4A3F164DF05F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{61C7B10C-5B84-4BD0-80FD-6384564BF798} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{629969C3-7E42-4DFC-9A40-2DCB8789E72B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{62D5F046-273D-4E54-B786-653BABB33E43} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{6518C7E8-168E-4F96-8982-A568DD39457D} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{653009BB-7D83-4F57-A914-C2B3AF7AEFC1} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{653EC3CA-ECFC-4721-8E60-9F834B8643A3} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{657C7415-56FB-449F-AF72-981145462EEB} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{6586F64E-22CD-406C-8B75-A2FE1DE9DDE3} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{6588DD89-5B62-48B3-BFA6-4AC9B0BDD27E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{65DEFBCE-A64A-41E6-9463-E3F3C7421DEB} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{66447088-208E-4F5B-A56E-97BEEC7B841C} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{670CFE02-5C24-48D0-80E4-4BE9B60680C9} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{6723435B-B588-4C53-9DFD-D410C281423B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{67FA7761-E0F6-4A63-8F30-88AC5FE9340A} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{683CE762-10E1-4EB9-9C38-0E49F102E090} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{68893195-579A-4346-B22D-CF52C2F66FE5} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{68C03189-2230-4DEC-96EA-5498263552C1} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{6B3ACCD9-35BE-4A15-A602-6D030E77CB3E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{6E7BFE0B-33BC-45BE-9BD7-F7DE287A54B3} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{6EFED313-4C9A-4C68-A6F1-C32B7BA23AFE} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{7033B61C-DB58-4336-B39C-6D3AA3C79355} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{707C3217-F59D-41C0-8E90-8DF440EACACB} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{70DB0360-A485-450D-AD80-8F4C69FDA65E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{71B6E7F2-48DA-463C-B06A-98A1BCE1C97A} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{73E7FEE3-EBB5-4735-B4B1-21280B97CFA9} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{740C2E62-B967-48F7-BAB4-88C3EFF1E2F2} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{7451A416-F559-414E-B3E8-415179C1F2C7} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{7657E90D-7804-46F4-AC0F-A5CA61A0926F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{76FEBCF8-9D22-4350-96AC-2453DC687FD8} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{7777A4F2-3F42-444A-8CF4-F6A43A578E3F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{778F69F4-B820-4193-B8E4-DA1FCE468C7B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{77F2C13F-EE23-4189-9536-1D732C767F6E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{78128D1A-8947-4856-A6DB-ED8FA12A88BC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{78B7AE8E-C873-43EA-ABDA-89246F232832} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{7918D525-0E05-4686-ABA6-308BD857DF85} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{7DC2C866-24DC-444C-A0B7-5C1543A868F4} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{7E4F091A-7E89-40C7-A289-6B708951B2E2} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{7E6402C8-3850-4BAD-A0CC-37D9AE578A5E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{7F4D41F2-C282-489A-9A4F-44B46C6A6233} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{7F78D8E8-159F-4C0F-8249-9F99647F0393} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{7FCC2419-514F-40F1-8CB7-5BD40CBEF1AA} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{801B7610-5A12-4D33-858D-25AF95821586} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{8086E527-458F-44A1-86A3-6BB86D1047BD} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{80C37765-7563-48C2-9808-50255A780ADA} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{810DDA05-07C4-4EBE-BDA2-ED4724B595EB} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{817102AB-D4F2-485D-8D99-EE554F6283FC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{819AF3A7-B35C-415B-B856-667D2590E797} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{81ED2EE3-5FFB-4F2D-BAE7-A2C8A0869035} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{83CB8C17-6842-4BCD-95E0-7B4FF0526CB3} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{844D2849-A75F-48AF-94DB-FBECFE2DEC1A} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{85B2CE70-0BDC-4A49-9E70-B56D5B8AE329} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{86206B67-0636-4339-9276-416E7D8B29EC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{86FD3316-A550-4B75-B94B-0F2B51CF685D} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{87D8EAD7-8C8E-412E-ABB4-84FF8925C61F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{88932B39-1F4C-4B0B-8B98-2D6FED02FCEF} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{890FDD55-A69E-4F1A-889C-6215B0C4CEC7} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{8A723D23-23CD-4BF9-A223-3A8840DE9760} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{8A92D44B-ADE6-4D16-AB17-F4758E841FC6} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{8AD838C0-251D-4A08-9EEA-926F2A0F5916} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{8C027D7C-5933-41EE-9DED-7E459C6C957F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{8CDEC0EA-1F89-4724-B45D-E93AEFFEAA15} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{8D474A2F-7121-49D2-AD9D-F18FD789326C} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{8F71DFD8-F7DC-4A16-BAD2-20C9D822FC2B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{8F8FA09D-5684-415D-ABC6-974FE7EDBAE3} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{90975B23-5E8D-48F4-9FB9-3EA288607F62} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{90D63E54-E4CC-47E4-9AB3-C35C7C048B4C} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{90E33C16-3626-4E8C-9A80-EFB89A7AC19F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{91203673-4313-4958-BE27-F71931BA080E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{921E554F-A32B-4F41-8920-FB29680F197D} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{92A4D77F-3C2A-4AAB-912B-4EACD6DD37CE} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{92D4AA0C-D57C-4E21-A1B2-FFED6572A099} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{92EA99F0-A20B-4D81-A290-17E313774B30} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{94300C87-203A-4551-A184-97321A46A474} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{958BD507-E764-4B44-82C0-21480A2168E3} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{96193E11-6B80-4BC2-A8F6-8DC0FAF0B925} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{97B1C750-A2D4-4627-A21E-F8D0905D7832} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{9813AA3E-8941-48EB-B4D8-E4CFA631AFF9} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{985777BB-52BC-47BD-997A-633B62FBABF0} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{98F824C2-BE54-4CB9-8CAB-61F381668055} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{99F671E0-A50C-4EC1-A122-B65016580F80} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{9A11B7F9-9A0C-497F-952A-B04C144DA784} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{9A21370C-3C18-4DE8-9D30-F41C44E56F06} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{9A5D95DA-F455-42C6-B8BA-5F51E4FB5B9E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{9B36CEEE-FA84-443C-9B63-BE44BFFA7EA8} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{9BC89241-94C6-4676-8F2F-DE773D97CDC5} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{9BFCF946-E2A0-46D1-821F-6F2E4BC663CF} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{9CDAC1D0-AF99-4370-B2E7-DF3EE5830F31} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{9DC8A1A9-1000-4F25-AD57-877247A388CF} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{9E4A1DAB-DA60-4B36-8200-695DC4976FAF} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{9E6EB1EB-92C1-4951-9E2A-EDFD61C6A8CC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{9FF654AA-CA42-458A-82CA-7FF11C4939DC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{A03CDDEF-53C9-4B96-A3C5-F32E7D7751DB} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{A24F3A76-3613-4600-A1B2-845C2D2CABA0} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{A3E1DAE5-08E4-4B53-8C3A-7890326C8BF5} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{A48B31BD-994E-4BDD-808C-1C8E0888E84B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{A4AFFD63-BC88-4CE3-937C-687F38A41815} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{A5172AA5-B8A7-4768-8996-AC7857AE381C} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{A5C6E5FF-5041-49A8-A311-CCB46CDC939E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{A5EF2315-FF0E-47BA-90DE-C27C9F3165F8} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{A6FE5EAD-F504-4B86-A99D-0519511B02E0} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{A7A3A624-98F9-418F-909D-FD71AB36B6E7} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{A9998377-06CC-4464-B51D-E53EC4AC75EF} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{A9E8A448-73F2-4F15-99D8-923EE676B132} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{AA3E59B6-577B-4A08-A2A4-873FA8E8A806} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{AB917FF5-A568-4240-A13B-AAF9ADE83659} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{AC41E1EF-EC21-4CC3-9E24-6758BEA46E25} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{AD1CBC96-66B3-4383-94F0-7A60C63A373E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{ADBC6635-6560-4E07-AB52-3FC0AF61CBD5} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{B00A8355-1C7F-407E-AF5E-A1AF6DEBF162} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{B0146E1E-57CC-4736-911E-CC90053507F6} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{B187FA47-E66C-454A-BFE6-615E829A287F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{B1FF0A44-87B3-4A75-85C6-7687191F0069} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{B3AC75FF-EDC4-43CA-B8CF-5F413851D8DE} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{B411893E-C22C-4B05-9B8A-12A8E4BAEFBF} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{B95FDEEC-E6B3-4FD7-9586-853AF810AAFE} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{B9FCDE01-4544-4E25-9D06-AA6E3A3DD9A4} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{BA395823-B4C4-4C78-A341-71FA1738B475} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{BA476625-BA35-46E3-80B1-BEE361BFD7DF} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{BB0E3A32-EDCF-4DBB-A528-0DEBDEB8D42F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{BB59D759-2BC4-476C-90D8-4A8464289C4D} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{BBE84428-9864-4F85-A732-6BA6CE72C504} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{BC1114FC-64AF-4B6B-BC25-0127EB959D64} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{BC18AD11-4C17-4793-AE91-CB4278C8DA86} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{BD0AB58E-EDF2-460F-8F21-2DE83EB33B53} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{BD3FB0C6-C7D7-4856-958D-9E06CB75848B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{BD9EAF22-CCB7-46E3-8E3F-CD6239154BAF} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{BF1CF53F-25AB-4F16-BF5B-978AE3FE8682} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{BFEEF296-57F2-4F63-94E0-9DF6DF0627CD} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{C38A160C-D62F-4385-9088-8E88F416AEB5} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{C56D49B1-7F1F-419D-A5FD-841EE4AE9479} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{C5B62D6A-BD8A-4226-86FF-A69D1A67E0F5} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{C63B0F83-6797-49F1-9EA2-A82ADBAF2DD4} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{C9CE3C22-6CD0-4C80-945C-DA290CCB2F8C} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{C9E04760-9A30-4372-B4DE-882AA7B4EBFC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{C9F3CDA2-7515-4878-BE51-0C5059F1055C} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{CA3D682E-949C-430E-B5A8-C82767F4213F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{CB5002D9-C66E-458F-9DDB-65AD0EEE7239} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{CB88BFEA-C5E3-4EE4-8BC6-3A0A587C2687} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{CBC01C32-196B-4B66-BA0D-9188916A2D76} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{CC6A382F-7450-49EC-BFC8-B61A01D6D5B0} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{CC81C7DE-8C2E-4FD8-9A90-6757FB756E5C} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{CC94F686-FCF6-485E-9A94-3D2FCC7B7E25} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{CEDC1C22-81E9-4AC5-92CE-A2F88665449C} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{CF51A888-81B7-4A99-A147-161DEC2C5E97} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{D053AE15-F727-45AE-B2F9-26F0CC6738E5} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{D0F7085D-CA45-4552-966F-E72BE2BBD684} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{D11D182B-1402-4C10-916F-3D09D3143F1F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{D21D91E8-5B98-48F4-B8C8-14BA0DA47BC1} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{D2320452-AB2E-4D81-BD94-ED2CE3517B63} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{D32F5634-F1CF-4FAF-90C7-CB320FA12962} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{D44542D3-E863-4139-8138-24F1BD5743D1} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{D48349FA-7851-4BAD-9593-E104969D361B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{D50F76B9-210B-411B-8D68-A86F2FFE3CB6} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{D616A1E1-5E5B-407A-889A-0CAC58ED2BE4} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{D61F5DAD-45EF-428A-9A72-53B5337881F0} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{D7350731-7EB1-4A4B-8E6A-E440E6C7A85B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{D7CE3624-B9F4-4340-B54D-E549D190F461} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{D92E2721-9BD1-461B-BEA6-698FEE17BCC6} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{DA69AB5C-3731-4DF3-A61C-653D1F7DBFA4} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{DA7D2B3E-019F-48FB-B888-8DC8ED16A939} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{DACFBFD6-B892-496F-A459-D8CBB00E2FE6} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{DAF591E1-EBE7-4E22-9A67-68E43BA60162} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{DB731382-629E-46C2-8EF1-ABE274E9D887} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{DC97135C-E41C-4D34-B426-F900E4C8C259} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{DCF651DA-7F3F-497A-85F5-6DF8D3D954AC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{DEE8CD07-D320-4428-AD43-39C8968B7592} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{DEE976F8-CE82-44B3-B4CE-406BCEEB9484} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{DF5F05EB-F8C9-4281-AF7D-EFF3838DFC64} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{E0323266-88FD-49F1-AB0D-6D467FFF41EC} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{E204F484-337D-4CFA-83C0-9CA2D65D7000} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{E2D4617A-F44B-4C3B-905C-7DC412EABA4A} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{E37E6910-FAD4-4AA5-9D0B-CC719AC42AEB} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{E395AC9F-3233-4F90-8787-3E2158B35017} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{E409BE76-211D-44EF-8BED-DD0D5250B04D} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{E4E835C5-7979-4BDB-8ADD-98B03036269E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{E6461715-4C00-4FEC-A882-E3F2F2D2127B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{E64C2A66-63A9-4423-A5F2-152BE10D57A2} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{E7238A81-0535-48E0-8A1C-F34A9DB19FA8} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{E7C97F68-CA03-42C8-9BA3-D27CF2379BEF} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{E8B644D8-3E2D-48A8-86D7-585772712F72} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{E9346E80-19D0-498D-80A0-C5C1460F9F37} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{EA52F72B-8C46-4732-BCBA-BC0F998CA0F0} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{EB223433-5D22-494B-B2FA-F8141C2F694F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{EB96398B-B85B-40D2-A3CF-592D0E85E164} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{EBAE2A5F-2D20-4625-8AC9-BBF061519873} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{EC347A49-F397-4185-B1A7-4A24564BEA5B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{EC34A816-756E-4909-8478-242E430CFFD3} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{EC38D02E-8D20-4788-A9C2-7B50A929BFF9} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{ECAE18A7-D48E-4CEB-967E-B8EB41A7DE2F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{ECDE1EE7-F125-40C4-BEC1-CEC4F85A2536} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{EE808315-979D-48A0-9ACC-1583D93D445C} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{EE8C29E5-06A5-40B0-9B62-3405B3F535F4} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{EF7A7812-56D6-4899-87C5-CE4E20C0CC74} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F05B0233-B810-435D-9039-3017CBBF0392} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F096B8E9-EBE1-4AD0-9FAB-FDF88457117C} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F196FB9C-A9B3-4801-B192-9AD9EC1C1F97} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F22EF3F8-915D-4E48-A47B-FEB003536CBB} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F2A9CD24-1FD0-4A29-B51D-C25531938AA3} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F2CDA0E2-9D4D-490B-B286-4FC9FF7BBF00} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F36368CD-A694-4C29-8E3F-FFC440E2A4D4} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F3822306-D32B-4086-A0C9-55365F81E793} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F41B8519-23CC-48E1-8C29-EF76EB9DC101} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F559E46B-CA49-4CBB-AE41-7DB05F43E1D5} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F5765B39-4978-4E09-B323-4AD8213197D7} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F5C97EC2-CE17-442F-A9E0-7D9EF3B9B7B6} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F62EFC90-CFFA-4994-8271-8A036F6C5E90} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F6493166-F398-4C0A-97B9-19B50C0150DB} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F85061CF-D321-4583-98B5-C09AF01D9231} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F8CF38BF-C61E-4F20-99A9-48C962B95702} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F9015FDB-C017-44BA-936E-A345D5F8D86F} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F94FE6E6-FD76-48B2-94AD-B89ECE3554E0} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F951EEB7-82B6-480D-B26E-DD296606D5AD} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{F987822F-9731-47A0-ABB0-4189C70B43C1} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{FA0A9782-2EDC-48C1-9C5F-A7A67B181003} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{FA52D3B4-F3F3-41A9-B270-4901D1824B1B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{FA5E45A8-68BE-4E59-8673-134FD3277D3E} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{FAE70310-3E31-4040-ADEB-008E60957E06} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{FD08C757-4563-446D-B52C-66B1D742D50B} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{FE89D105-3980-4E5D-A741-D045306E8200} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{FFB3B458-9B7E-4D93-BBD5-5CFB81A29B6A} Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{FFE3ACCD-7608-4DD6-BB05-768E01E70E21} ~~~ Chrome Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sun 28/09/2014 at 9:45:34.62 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Firstly resetted Firefox to default setting didn't work. On opening the browser, home page shown is www.istartsurf.com, different from what I had set. However, when I press on homepage it does bring me back to my original homepage. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2014 Ran by Matt (administrator) on MATT-PC on 27-09-2014 22:01:06 Running from C:\Users\Matt\Downloads Loaded Profile: Matt (Available profiles: Matt) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe (AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe () C:\Windows\System32\GFNEXSrv.exe (Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Teruten) C:\Windows\System32\FsUsbExService.Exe (Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgscanx.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (HDPlus-01TotalV27.09) C:\Program Files\TotalPlus01-3.1V27.09\f7ed0e0a-16d8-4542-9ba7-870140e413fe.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe (RealNetworks, Inc.) C:\Program Files\real\realplayer\Update\realsched.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe (Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe (AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe () C:\Program Files\AVG Web TuneUp\vprot.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [] => [X] HKLM\...\Run: [TkBellExe] => C:\Program Files\real\realplayer\update\realsched.exe [296056 2011-12-16] (RealNetworks, Inc.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [134624 2014-07-23] (Check Point Software Technologies Ltd.) HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2680344 2014-09-04] () HKLM\...\Run: [sDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-22] (Adobe Systems Incorporated) HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-05-12] (Malwarebytes Corporation) Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X] HKU\S-1-5-21-2988392325-1286642985-2377832700-1005\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-10-06] (Google Inc.) HKU\S-1-5-21-2988392325-1286642985-2377832700-1005\...\MountPoints2: {bb44bce0-7344-11e1-ae64-001fc6f8d958} - E:\AUTORun.exe autorun ShellIconOverlayIdentifiers: ATFPUOverlayIcon -> {3239DBC1-B76D-4dc7-8B29-D99CBA3C7336} => C:\Program Files\TOSHIBA\TFPU\TFPUOverlayIcon.dll (TOSHIBA) BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1411813995&from=ild&uid=HitachiXHTS545050B9A300_100309PBN40617CMHYMEX&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - {75703935-5E50-4089-AB69-54BE1131A1BF} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSAS SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&r=304 SearchScopes: HKCU - {75703935-5E50-4089-AB69-54BE1131A1BF} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSAS_enSG384SG384 SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://sg.search.yahoo.com/search?p={searchTerms} BHO: TFPUPWDBankBHO Class -> {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} -> C:\Program Files\TOSHIBA\TFPU\TFPUPWDBankBHO.dll (TODO: <Company name>) BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\p3dkmt60.default-1411826126322 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\3.2.0\\npsitesafety.dll No File FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Program Files\TVUPlayer\npTVUAx.dll (TVU networks) FF Plugin: @real.com/nppl3260;version=15.0.1.13 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprjplug;version=15.0.1.13 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.1.13 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.1.13 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=15.0.1.13 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @veetle.com/vbp;version=0.9.17 -> C:\Program Files\Veetle\VLCBroadcast\npvbp.dll No File FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, http://www.openssl.org/) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, http://www.openssl.org/) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\chambers-en-GB.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-25] FF HKLM\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] - C:\Program Files\TOSHIBA\TFPU\FirefoxAddin FF Extension: Automatic password input in Fx - C:\Program Files\TOSHIBA\TFPU\FirefoxAddin [2010-04-13] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-12-16] FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\AVG Web TuneUp\FireFoxExt\3.1.0.8 FF Extension: AVG Web TuneUp - C:\ProgramData\AVG Web TuneUp\FireFoxExt\3.1.0.8 [2014-08-28] FF StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1411813995&from=ild&uid=HitachiXHTS545050B9A300_100309PBN40617CMHYMEX" CHR DefaultSearchKeyword: Default -> istartsurf CHR DefaultSearchProvider: Default -> istartsurf CHR CustomProfile: C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-15] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-23] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2010-06-23] CHR Extension: (Skype Click to Call) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-12-30] CHR Extension: (Go away MDA - Bypass MDA blocked sites) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lledpflfnanamkogoclkgaggfdgoalok [2013-12-30] CHR Extension: (Google Wallet) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24] CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-12-16] CHR HKLM\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files\vShare.tv plugin\vshareplg.crx [2011-12-16] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-08-13] CHR StartMenuInternet: Google Chrome - Chrome.exe ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1811704 2009-10-24] (AuthenTec, Inc.) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.) R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.) R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-10-28] (TOSHIBA CORPORATION) R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-11] (TOSHIBA CORPORATION) R2 FsUsbExService; C:\windows\system32\FsUsbExService.Exe [233472 2009-07-15] (Teruten) [File not signed] S3 GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [238328 2009-08-28] (WildTangent, Inc.) R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [132408 2009-10-23] () R2 LMS; C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed] S3 MSSQL$MSSMLBIZ; c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation) R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-08-13] (Skype Technologies S.A.) S3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-10-07] (TOSHIBA Corporation) R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [185712 2009-09-29] (TOSHIBA Corporation) S3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2009-09-18] (TOSHIBA Corporation) S3 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [677232 2009-10-31] (TOSHIBA Corporation) R2 UNS; C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed] R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [3596240 2014-07-23] (Check Point Software Technologies Ltd.) R2 vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [1843736 2014-09-04] (AVG Secure Search) R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [93712 2014-07-03] (Check Point Software Technologies, Ltd.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U0 ataa; C:\windows\System32\drivers\upsiuoj.sys [52440 2014-09-27] (Malwarebytes Corporation) R1 Avgdiskx; C:\windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\windows\system32\drivers\avgtpx86.sys [42784 2014-09-04] (AVG Technologies) R3 FsUsbExDisk; C:\windows\system32\FsUsbExDisk.SYS [36608 2009-07-15] () [File not signed] R2 NPF; C:\windows\System32\DRIVERS\aztech_npf32.sys [42000 2009-08-19] (CACE Technologies) R3 PGEffect; C:\windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-23] (TOSHIBA Corporation) R2 risdpcie; C:\windows\System32\DRIVERS\risdpe86.sys [49152 2009-07-29] (REDC) R2 rixdpcie; C:\windows\System32\DRIVERS\rixdpe86.sys [38400 2009-07-05] (REDC) R2 TVALZFL; C:\windows\System32\DRIVERS\TVALZFL.sys [12920 2009-06-20] (TOSHIBA Corporation) R1 Vsdatant; C:\windows\System32\DRIVERS\vsdatant.sys [456088 2014-07-23] (Check Point Software Technologies Ltd.) U2 TMAgent; No ImagePath U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-05] () [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-27 22:01 - 2014-09-27 22:01 - 00024888 _____ () C:\Users\Matt\Downloads\FRST.txt 2014-09-27 22:00 - 2014-09-27 22:01 - 00000000 ____D () C:\FRST 2014-09-27 22:00 - 2014-09-27 22:00 - 01100288 _____ (Farbar) C:\Users\Matt\Downloads\FRST.exe 2014-09-27 21:55 - 2014-09-27 21:55 - 00000000 ____D () C:\Users\Matt\Desktop\Old Firefox Data 2014-09-27 19:36 - 2014-09-27 19:36 - 00052440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\upsiuoj.sys 2014-09-27 19:35 - 2014-09-27 19:35 - 00131621 _____ () C:\Users\Matt\Desktop\malware scan 27 sep 14.txt 2014-09-27 19:04 - 2014-09-27 19:04 - 00005042 _____ () C:\windows\PFRO.log 2014-09-27 18:37 - 2014-09-27 19:15 - 00001336 _____ () C:\windows\Tasks\FWVJSTT.job 2014-09-27 18:36 - 2014-09-27 19:15 - 00001332 _____ () C:\windows\Tasks\DJZBF.job 2014-09-27 18:35 - 2014-09-27 19:36 - 00000000 ____D () C:\Program Files\TotalPlus01-3.1V27.09 2014-09-27 18:35 - 2014-09-27 19:36 - 00000000 ____D () C:\Program Files\globalUpdate 2014-09-27 18:35 - 2014-09-27 18:35 - 00000000 ____D () C:\Users\Matt\AppData\Local\globalUpdate 2014-09-27 18:34 - 2014-09-27 19:36 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2014-09-27 18:34 - 2014-09-27 18:34 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\BandExtend 2014-09-25 20:56 - 2014-09-27 19:15 - 00000560 _____ () C:\windows\setupact.log 2014-09-25 20:56 - 2014-09-25 20:56 - 00000000 _____ () C:\windows\setuperr.log 2014-09-25 19:15 - 2014-09-25 19:15 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-09-24 18:42 - 2014-09-10 05:47 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll 2014-09-18 06:43 - 2014-09-18 18:39 - 00000366 _____ () C:\windows\Tasks\ReclaimerUpdateFiles_Matt.job 2014-09-18 06:43 - 2014-09-18 18:39 - 00000362 _____ () C:\windows\Tasks\ReclaimerUpdateXML_Matt.job 2014-09-13 08:45 - 2014-09-13 08:45 - 00001764 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-09-13 08:45 - 2014-09-13 08:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-09-13 08:44 - 2014-09-13 08:45 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-09-13 08:44 - 2014-09-13 08:45 - 00000000 ____D () C:\Program Files\iTunes 2014-09-13 08:44 - 2014-09-13 08:44 - 00000000 ____D () C:\Program Files\iPod 2014-09-12 18:32 - 2014-09-05 09:52 - 00445952 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-09-12 18:32 - 2014-09-05 09:47 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-09-11 21:45 - 2014-08-20 01:39 - 00327872 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2014-09-11 21:45 - 2014-08-19 06:26 - 17455104 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-09-11 21:45 - 2014-08-19 06:08 - 04232704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-09-11 21:45 - 2014-08-19 05:57 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-09-11 21:45 - 2014-08-19 05:57 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2014-09-11 21:45 - 2014-08-19 05:46 - 00454656 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2014-09-11 21:45 - 2014-08-19 05:45 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-09-11 21:45 - 2014-08-19 05:44 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2014-09-11 21:45 - 2014-08-19 05:44 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2014-09-11 21:45 - 2014-08-19 05:42 - 02185728 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-09-11 21:45 - 2014-08-19 05:39 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-09-11 21:45 - 2014-08-19 05:39 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-09-11 21:45 - 2014-08-19 05:37 - 00440320 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2014-09-11 21:45 - 2014-08-19 05:36 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2014-09-11 21:45 - 2014-08-19 05:36 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2014-09-11 21:45 - 2014-08-19 05:35 - 00597504 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2014-09-11 21:45 - 2014-08-19 05:30 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2014-09-11 21:45 - 2014-08-19 05:27 - 00365056 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-09-11 21:45 - 2014-08-19 05:22 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2014-09-11 21:45 - 2014-08-19 05:19 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-09-11 21:45 - 2014-08-19 05:17 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-09-11 21:45 - 2014-08-19 05:17 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-09-11 21:45 - 2014-08-19 05:15 - 11769856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-09-11 21:45 - 2014-08-19 05:09 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-09-11 21:45 - 2014-08-19 05:08 - 02014208 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-09-11 21:45 - 2014-08-19 05:08 - 00673792 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-09-11 21:45 - 2014-08-19 05:07 - 01068032 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2014-09-11 21:45 - 2014-08-19 04:46 - 01812992 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-09-11 21:45 - 2014-08-19 04:38 - 01190400 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-09-11 21:45 - 2014-08-19 04:36 - 00678400 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2014-09-11 21:44 - 2014-06-27 09:45 - 02285056 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll 2014-09-11 18:45 - 2014-08-01 19:35 - 00793600 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll 2014-09-11 18:45 - 2014-07-07 09:40 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2014-09-11 18:45 - 2014-07-07 09:40 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2014-09-11 18:45 - 2014-06-24 10:59 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll 2014-09-01 16:18 - 2014-09-01 16:18 - 00002086 _____ () C:\Users\Matt\AppData\Roaming\FWVJSTT 2014-09-01 16:18 - 2014-09-01 16:18 - 00001248 _____ () C:\Users\Matt\AppData\Roaming\DJZBF 2014-08-31 19:43 - 2014-08-31 19:43 - 00004477 _____ () C:\windows\system32\jupdate-1.7.0_67-b01.log 2014-08-31 19:43 - 2014-08-31 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-31 19:43 - 2014-08-31 19:43 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-08-31 19:43 - 2014-07-25 12:55 - 00096680 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll 2014-08-31 19:43 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\windows\system32\javaws.exe 2014-08-31 19:43 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\windows\system32\javaw.exe 2014-08-31 19:43 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\windows\system32\java.exe 2014-08-31 19:41 - 2014-08-31 19:41 - 00918952 _____ (Oracle Corporation) C:\Users\Matt\Downloads\jxpiinstall.exe 2014-08-28 18:58 - 2014-08-23 09:46 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2014-08-28 18:58 - 2014-08-23 08:42 - 02352640 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-27 21:14 - 2012-04-29 09:59 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-09-27 21:13 - 2010-06-19 19:14 - 00000886 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-27 19:47 - 2014-04-18 20:47 - 00000000 ____D () C:\Users\Matt\Desktop\mbar 2014-09-27 19:47 - 2014-04-18 20:47 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-09-27 19:36 - 2014-08-19 20:00 - 00075480 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-09-27 19:23 - 2009-07-14 12:34 - 00019248 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-27 19:23 - 2009-07-14 12:34 - 00019248 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-27 19:19 - 2013-06-01 13:51 - 01873193 _____ () C:\windows\WindowsUpdate.log 2014-09-27 19:17 - 2014-08-19 20:00 - 00110296 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-27 19:17 - 2010-07-03 10:39 - 00000000 ____D () C:\Users\Matt\AppData\Local\CrashDumps 2014-09-27 19:15 - 2010-06-19 19:14 - 00000882 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-27 19:15 - 2009-07-14 12:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-09-27 18:38 - 2014-08-19 20:39 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2 2014-09-27 18:33 - 2011-08-27 15:08 - 00001335 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-09-27 18:33 - 2011-08-27 15:08 - 00001323 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-09-27 18:33 - 2010-06-23 21:31 - 00002517 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-09-27 18:33 - 2010-06-19 19:08 - 00001644 _____ () C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-09-27 18:11 - 2014-08-06 19:25 - 00000000 ____D () C:\ProgramData\MFAData 2014-09-27 11:22 - 2009-07-14 10:37 - 00000000 ____D () C:\windows\rescache 2014-09-27 10:29 - 2012-05-05 17:32 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-09-25 20:18 - 2009-12-24 15:02 - 00933686 _____ () C:\windows\system32\PerfStringBackup.INI 2014-09-25 19:12 - 2013-11-02 12:39 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-25 19:12 - 2009-12-24 15:04 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-09-24 20:14 - 2012-04-29 09:59 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe 2014-09-24 20:14 - 2011-05-16 09:15 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl 2014-09-24 18:59 - 2013-08-01 18:52 - 00000000 ____D () C:\Users\Matt\AppData\Local\CutePDF Writer 2014-09-17 19:14 - 2010-12-01 16:39 - 00000000 ____D () C:\Users\Matt\Documents\PERSONAL 2014-09-13 08:44 - 2010-09-19 09:58 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-09-12 23:11 - 2014-05-06 22:30 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-09-12 18:36 - 2009-07-14 10:37 - 00000000 ____D () C:\windows\Microsoft.NET 2014-09-11 21:45 - 2010-04-13 15:21 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-09-11 21:44 - 2013-08-14 09:17 - 00000000 ____D () C:\windows\system32\MRT 2014-09-11 21:36 - 2010-06-20 11:10 - 98758480 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-09-07 20:09 - 2012-01-24 21:17 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\vlc 2014-09-04 19:44 - 2014-08-06 19:28 - 00000000 ____D () C:\ProgramData\AVG2014 2014-09-04 19:43 - 2014-08-08 19:03 - 00042784 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx86.sys 2014-09-04 19:43 - 2014-08-08 19:03 - 00000000 ____D () C:\Program Files\AVG Web TuneUp 2014-09-03 19:20 - 2014-08-06 19:28 - 00000865 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-09-03 19:20 - 2014-08-06 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-08-31 19:44 - 2013-09-24 21:07 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-31 19:43 - 2009-12-24 14:58 - 00000000 ____D () C:\Program Files\Java 2014-08-29 18:42 - 2009-07-14 12:33 - 00416896 _____ () C:\windows\system32\FNTCACHE.DAT 2014-08-28 19:50 - 2014-08-08 19:03 - 00000000 _____ () C:\Program Files\Mozilla Firefoxwtu-secure-search.xml ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\windows\explorer.exe => File is digitally signed C:\windows\system32\winlogon.exe => File is digitally signed C:\windows\system32\wininit.exe => File is digitally signed C:\windows\system32\svchost.exe => File is digitally signed C:\windows\system32\services.exe => File is digitally signed C:\windows\system32\User32.dll => File is digitally signed C:\windows\system32\userinit.exe => File is digitally signed C:\windows\system32\rpcss.dll => File is digitally signed C:\windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-27 11:14 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-09-2014 Ran by Matt at 2014-09-27 22:01:52 Running from C:\Users\Matt\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.) Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C0CC75CD-F5B7-46AD-B016-17C0F5171718}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AuthenTec Fingerprint Software (HKLM\...\{83F136F0-2AE5-420C-A0B6-A440AD42591C}) (Version: 8.5.4.46 - AuthenTec, Inc.) AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies) AVG 2014 (Version: 14.0.4025 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 3.1.0.8 - AVG Technologies) Bejeweled 2 Deluxe (Version: 2.2.0.82 - WildTangent) Hidden Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) Bing Desktop (HKLM\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.470.0 - Microsoft Corporation) BlackVue (HKLM\...\BlackVue) (Version: - ) Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.10.00(T) - TOSHIBA CORPORATION) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation) Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform) Chinese Simplified Fonts Support For Adobe Reader X (HKLM\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated) Chuzzle Deluxe (Version: 2.2.0.82 - WildTangent) Hidden CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version: - Microsoft) DivX Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.5.0.11 - DivX, LLC) DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.) Dolby Control Center (HKLM\...\{87725CEF-1BC6-47C5-B2CD-96DD6D392EE3}) (Version: 2.2.1 - Dolby) DVD Flick 1.3.0.7 (HKLM\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen) FATE (Version: 2.2.0.82 - WildTangent) Hidden FileASSASSIN (HKLM\...\FileASSASSIN) (Version: 1.06 - Malwarebytes) Gmask 1.70 English (HKLM\...\Gmask 1.70 English) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.) Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden HDMI Control Manager (HKLM\...\{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}) (Version: 2.0 - TOSHIBA CORPORATION) HomePlug AV Ethernet Adapter (HKLM\...\{2DFC446B-8A6E-4EF3-99DF-C89E37DB156D}) (Version: - ) HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Photosmart 5520 series Basic Device Software (HKLM\...\{E8ED5ADB-3EB5-4890-85F6-0FEA13A47EEE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photosmart 5520 series Help (HKLM\...\{7137E26A-10F7-4B1C-9980-0893579E92DA}) (Version: 27.0.0 - Hewlett Packard) HP Photosmart 5520 series Product Improvement Study (HKLM\...\{B58FBD4F-C69A-41C1-94AC-1A47AD946C91}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard) iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.) Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation) Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation) Intel® Turbo Boost Technology Driver (HKLM\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation) iTunes (HKLM\...\{F32DC846-4457-40A8-BECA-BCC0E960BC53}) (Version: 11.4.0.18 - Apple Inc.) Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Magic Match - The Genie's Journey (Version: 2.2.0.82 - WildTangent) Hidden Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation) Microsoft redistributable runtime DLLs VS2005(x86) (HKLM\...\{C0DB380B-97B5-4BB8-AC8D-1835E61439B6}) (Version: 1.0.0.0 - SAP) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00 - Microsoft Corporation) Hidden Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) MobileMe Control Panel (HKLM\...\{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}) (Version: 3.1.8.0 - Apple Inc.) Monopoly (Version: 2.2.0.82 - WildTangent) Hidden Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 32.0.3 (x86 en-GB) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-GB)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation) NVIDIA PhysX (HKLM\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation) Peggle (Version: 2.2.0.82 - WildTangent) Hidden Photo Gallery (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Polar Bowler (Version: 2.2.0.82 - WildTangent) Hidden Polar Golfer (Version: 2.2.0.82 - WildTangent) Hidden QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 15.0) (Version: - RealNetworks) Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5923 - Realtek Semiconductor Corp.) Realtek WLAN Driver (HKLM\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden RICOH R5U230 Media Driver ver.2.07.03.02 (HKLM\...\{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}) (Version: 2.07.03.02 - RICOH) Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) SDFormatter (HKLM\...\{A5355F15-F98B-4704-9BAE-E53B9FE48F48}) (Version: 3.1.0 - SD Association) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.2.10687 - Skype Technologies S.A.) Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SopCast 3.8.3 (HKLM\...\SopCast) (Version: 3.8.3 - www.sopcast.com) Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) TFPU (Version: 1.0.0 - TOSHIBA) Hidden TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.11 - TOSHIBA) TOSHIBA Bulletin Board (HKLM\...\InstallShield_{6B81F4D9-A640-4081-A01D-7CB37F5DF4A4}) (Version: 1.5.05.32 - TOSHIBA Corporation) TOSHIBA Bulletin Board (Version: 1.5.05.32 - TOSHIBA Corporation) Hidden TOSHIBA ConfigFree (HKLM\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.25 - TOSHIBA Corporation) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 - TOSHIBA Corporation) TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.1.04-A - TOSHIBA Corporation) TOSHIBA eco Utility (HKLM\...\InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}) (Version: 1.1.12.0 - TOSHIBA Corporation) TOSHIBA eco Utility (Version: 1.1.12.0 - TOSHIBA Corporation) Hidden TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation) TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00 - TOSHIBA Corporation) Hidden TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 3.1.3.32 - TOSHIBA Corporation) TOSHIBA Face Recognition (Version: 3.1.3.32 - TOSHIBA Corporation) Hidden TOSHIBA Fingerprint Utility (HKLM\...\TFPU{A7760E07-4C23-4766-A99E-F715F298E99C}) (Version: 1.0.2.18 - TOSHIBA Corporation) TOSHIBA Hardware Setup (HKLM\...\{2FD5D2C5-A7A1-4065-89BA-90542BF7CCD3}) (Version: 2.00.0005 - TOSHIBA) TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.3 - TOSHIBA Corporation) TOSHIBA HDD/SSD Alert (HKLM\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.0.3 - TOSHIBA Corporation) TOSHIBA HDD/SSD Alert (Version: 3.1.0.3 - TOSHIBA Corporation) Hidden TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.5.0.0 - TOSHIBA Corporation) TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 - TOSHIBA Corporation) TOSHIBA ReelTime (HKLM\...\InstallShield_{921F22A4-290B-4B6C-9E8E-B50B58F18ED0}) (Version: 1.5.07.32 - TOSHIBA Corporation) TOSHIBA ReelTime (Version: 1.5.07.32 - TOSHIBA Corporation) Hidden TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA) TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: 1.00.2518 - ) TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - ) TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - ) TOSHIBA Supervisor Password (HKLM\...\{119826A8-4EF6-4BE5-A88B-D2D81FA7CEE2}) (Version: 2.00.0002 - TOSHIBA) TOSHIBA USB Sleep and Charge Utility (HKLM\...\{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}) (Version: 1.3.2.0 - TOSHIBA Corporation) TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.2.32 - TOSHIBA Corporation) TOSHIBA Value Added Package (Version: 1.2.32 - TOSHIBA Corporation) Hidden TOSHIBA Web Camera Application (HKLM\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.9 - TOSHIBA Corporation) TVUPlayer 2.5.3.1 (HKLM\...\TVUPlayer) (Version: 2.5.3.1 - TVU networks) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6

Hi Tomk_ seems like everything looks good after ESET scan. No threats were found. Do appreciate your assistance and guidance on this.

Hi Tomk_ did a scan with Malware and got the following scan result. Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2013.01.22.02 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Matt :: MATT-PC [administrator] 22/1/2013 6:02:38 PM mbam-log-2013-01-22 (18-02-38).txt Scan type: Full scan (C:|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 346211 Time elapsed: 2 hour(s), 16 minute(s), 31 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Incidentally I also ran another test with SuperAntiSpyware and got the following results. SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 01/22/2013 at 09:10 PM Application Version : 5.6.1014 Core Rules Database Version : 9903 Trace Rules Database Version: 7715 Scan type : Complete Scan Total Scan Time : 00:48:27 Operating System Information Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601) UAC On - Limited User Memory items scanned : 578 Memory threats detected : 0 Registry items scanned : 39950 Registry threats detected : 0 File items scanned : 48136 File threats detected : 2 Trojan.Agent/Gen-Sisproc C:WINDOWSIFINST27.EXE C:USERSMATTAPPDATAROAMINGMICROSOFTWINDOWSSTART MENUPROGRAMSPITTASOFTBLACKVUEBASICUNINSTALL BLACKVUE.LNK

Hi Tomk_ herein are the scan result from DDS for my Toshiba Notebook. I had done so as SuperAntiSpyware has detected some trojans in my system. Hence, just want to be thoroughly sure that all remnants of anything that might pose a threat to the notebook are thoroughly eradicated. DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_29 Run by Matt at 20:29:42 on 2013-01-21 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.65.1033.18.3060.2237 [GMT 8:00] . AV: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA} SP: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:windowssystem32wininit.exe C:windowssystem32lsm.exe C:Program FilesFingerprint SensorAtService.exe C:windowssystem32nvvsvc.exe C:WindowsSystem32GFNEXSrv.exe C:windowsSystem32spoolsv.exe C:windowssystem32nvvsvc.exe C:Program FilesTrend MicroUniClientUiFrmWrkuiWatchDog.exe C:Program FilesSUPERAntiSpywareSASCORE.EXE C:Program FilesCommon FilesAdobeARM1.0armsvc.exe C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe C:Program FilesMicrosoft Small BusinessBusiness Contact ManagerBcmSqlStartupSvc.exe C:Program FilesMicrosoftBingDesktopBingDesktopUpdater.exe C:Program FilesBonjourmDNSResponder.exe C:windowssystem32FsUsbExService.Exe C:Program FilesIntelIntel® Management Engine ComponentsLMSLMS.exe c:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinnsqlservr.exe C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe c:Program FilesMicrosoft SQL Server90Sharedsqlbrowser.exe c:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe C:windowssystem32ThpSrv.exe C:windowssystem32TODDSrv.exe C:Program FilesTOSHIBAPower SaverTosCoSrv.exe C:Program FilesTOSHIBATECOTecoService.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE C:Program FilesYahoo!SoftwareUpdateYahooAUService.exe C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe C:windowssystem32wbemwmiprvse.exe C:windowssystem32wbemunsecapp.exe C:windowssystem32taskhost.exe C:windowssystem32Dwm.exe C:windowsExplorer.EXE C:Program FilesTrend MicroTitaniumpluginTMASTMAS_WLMTMAS_WLMMon.exe C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe C:windowssystem32SearchIndexer.exe C:Program FilesWindows Media Playerwmpnetwk.exe C:windowssystem32taskeng.exe C:Program FilesTOSHIBAConfigFreeNDSTray.exe C:Program FilesTOSHIBAConfigFreeCFSwMgr.exe C:windowssystem32DllHost.exe C:Program FilesTOSHIBAConfigFreeCFIWmxSvcs.exe C:Program FilesTOSHIBAConfigFreeCFSvcs.exe C:Program FilesIntelIntel® Management Engine ComponentsUNSUNS.exe C:windowssystem32wuauclt.exe C:windowssystem32SearchProtocolHost.exe C:windowssystem32SearchFilterHost.exe C:windowssystem32conhost.exe C:windowssystem32wbemwmiprvse.exe C:windowssystem32svchost.exe -k DcomLaunch C:windowssystem32svchost.exe -k RPCSS C:windowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:windowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:windowssystem32svchost.exe -k netsvcs C:windowssystem32svchost.exe -k LocalService C:windowssystem32svchost.exe -k NetworkService C:windowssystem32svchost.exe -k LocalServiceNoNetwork C:windowssystem32svchost.exe -k LocalServiceAndNoImpersonation C:windowssystem32svchost.exe -k imgsvc C:windowssystem32svchost.exe -k NetworkServiceNetworkRestricted C:windowsSystem32svchost.exe -k LocalServicePeerNet . ============== Pseudo HJT Report =============== . uStart Page = hxxp://sg.yahoo.com/?p=us uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSAS&bmod=TSAS mStart Page = hxxp://www.google.com mDefault_Page_URL = hxxp://sg.yahoo.com BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:program filesyahoo!companioninstallscpn0yt.dll BHO: TFPUPWDBankBHO Class: {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} - c:program filestoshibatfpuTFPUPWDBankBHO.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:program filescommon filesadobeacrobatactivexAcroIEHelperShim.dll BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:program filestrend microamspmodule200042.0.13616.8.1078TmIEPlg.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:programdatarealrealplayerbrowserrecordpluginierpbrowserrecordplugin.dll BHO: TSToolbarBHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - c:program filestrend microtitaniumuiframeworkToolbarIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:program filescommon filesmicrosoft sharedwindows liveWindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogle toolbarGoogleToolbar_32.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:program filesmicrosoft officeoffice14URLREDIR.DLL BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - c:program filestrend microamspmodule200027.1.11047.1.1104TmBpIe32.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:program filesjavajre6binjp2ssv.dll BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:program filesyahoo!companioninstallscpn0YTSingleInstance.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:program filesgooglegoogle toolbarGoogleToolbar_32.dll TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:program filesyahoo!companioninstallscpn0yt.dll TB: Trend Micro Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - c:program filestrend microtitaniumuiframeworkToolbarIE.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogle toolbarGoogleToolbar_32.dll uRun: [swg] "c:program filesgooglegoogletoolbarnotifierGoogleToolbarNotifier.exe" mRun: [WLM] "c:program filestrend microtitaniumplugintmastmas_wlmTMAS_WLMMon.exe" mRun: [Trend Micro Titanium] "c:program filestrend microtitaniumuiframeworkuiWinMgr.exe" -set Silent "1" SplashURL "" mRun: [Trend Micro Client Framework] "c:program filestrend microuniclientuifrmwrkUIWatchDog.exe" mRun: [Adobe ARM] "c:program filescommon filesadobearm1.0AdobeARM.exe" mRunOnce: [b Register c:program filesdivxdivx plus playerdpxpluginsdpxdfxaudioplugin.dll] "c:windowssystem32rundll32.exe" "c:program filesdivxdivx plus playerdpxpluginsDPXDFXAudioPlugin.dll",DllRegisterServer mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - c:progra~1mif5ba~1office14EXCEL.EXE/3000 IE: Se&nd to OneNote - c:progra~1mif5ba~1office14ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:program fileswindows livewriterWriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:program filesmicrosoft officeoffice14ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:program filesmicrosoft officeoffice14ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab TCP: NameServer = 192.168.1.254 TCP: Interfaces{28FCAA0F-22A2-4822-9D11-E00609EB5AA6} : DHCPNameServer = 203.116.1.94 203.116.254.150 TCP: Interfaces{F748CED6-E33D-4AE4-B0A6-5EE2AAA5BD5D} : DHCPNameServer = 192.168.1.254 TCP: Interfaces{F748CED6-E33D-4AE4-B0A6-5EE2AAA5BD5D}14A747563686131303F573231433 : DHCPNameServer = 192.168.1.254 TCP: Interfaces{F748CED6-E33D-4AE4-B0A6-5EE2AAA5BD5D}14E47454C4350225F4F4D4 : DHCPNameServer = 192.168.1.254 TCP: Interfaces{F748CED6-E33D-4AE4-B0A6-5EE2AAA5BD5D}14E47454C4350284F4D45402 : DHCPNameServer = 192.168.1.254 TCP: Interfaces{F748CED6-E33D-4AE4-B0A6-5EE2AAA5BD5D}84F4D454 : DHCPNameServer = 192.168.1.254 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:program filescommon filesmicrosoft sharedoffice14MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:program filescommon filesskypeSkype4COM.dll Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - c:program filestrend microamspmodule200027.1.11047.1.1104TmBpIe32.dll Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:program filestrend microamspmodule200042.0.13616.8.1078TmIEPlg.dll Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - c:program filestrend microtitaniumuiframeworkToolbarIE.dll Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - c:program filestrend microtitaniumuiframeworkProToolbarIMRatingActiveX.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:program fileswindows livephoto galleryAlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:program filesgooglechromeapplication24.0.1312.52installersetup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - c:usersmattappdataroamingmozillafirefoxprofiles4s4eywhw.default FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://sg.yahoo.com/ FF - plugin: c:progra~1mif5ba~1office14NPAUTHZ.DLL FF - plugin: c:progra~1mif5ba~1office14NPSPWRAP.DLL FF - plugin: c:program filesadobereader 10.0readerairnppdf32.dll FF - plugin: c:program filesdivxdivx ovs helpernpovshelper.dll FF - plugin: c:program filesgoogleupdate1.3.21.123npGoogleUpdate3.dll FF - plugin: c:program filesjavajre6binnew_pluginnpdeployJava1.dll FF - plugin: c:program filesmicrosoft silverlight4.1.10329.0npctrlui.dll FF - plugin: c:program filesmozilla firefoxpluginsnpdeployJava1.dll FF - plugin: c:program filestrend microtitaniumuiframeworktoolbarfirefoxextensioncomponentsnpToolbarChrome.dll FF - plugin: c:program filestvuplayernpTVUAx.dll FF - plugin: c:program filesveetleplayernpvlc.dll FF - plugin: c:program filesveetlepluginsnpVeetle.dll FF - plugin: c:program filesveetlevlcbroadcastnpvbp.dll FF - plugin: c:program fileswindows livephoto galleryNPWLPG.dll FF - plugin: c:programdatarealrealplayerbrowserrecordpluginmozillapluginsnprpchromebrowserrecordext.dll FF - plugin: c:programdatarealrealplayerbrowserrecordpluginmozillapluginsnprphtml5videoshim.dll FF - plugin: c:windowssystem32macromedflashNPSWF32_11_5_502_146.dll . ============= SERVICES / DRIVERS =============== . R0 Thpdrv;TOSHIBA HDD Protection Driver;c:windowssystem32driversthpdrv.sys [2009-6-30 30272] R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:windowssystem32driversThpevm.sys [2009-6-30 13120] R1 SASDIFSV;SASDIFSV;c:program filessuperantispywaresasdifsv.sys [2011-7-23 12880] R1 SASKUTIL;SASKUTIL;c:program filessuperantispywareSASKUTIL.SYS [2011-7-13 67664] R1 tmevtmgr;tmevtmgr;c:windowssystem32driverstmevtmgr.sys [2012-8-5 76648] R2 !SASCORE;SAS Core Service;c:program filessuperantispywareSASCore.exe [2012-7-12 116608] R2 ATService;AuthenTec Fingerprint Service;c:program filesfingerprint sensorAtService.exe [2009-10-24 1811704] R2 BingDesktopUpdate;Bing Desktop Update service;c:program filesmicrosoftbingdesktopBingDesktopUpdater.exe [2012-11-22 166424] R2 cfWiMAXService;ConfigFree WiMAX Service;c:program filestoshibaconfigfreeCFIWmxSvcs.exe [2009-10-28 185712] R2 ConfigFree Service;ConfigFree Service;c:program filestoshibaconfigfreeCFSvcs.exe [2009-3-11 46448] R2 FsUsbExService;FsUsbExService;c:windowssystem32FsUsbExService.Exe [2010-7-6 233472] R2 GFNEXSrv;GFNEX Service;c:windowssystem32GFNEXSrv.exe [2010-4-13 132408] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:program filesintelintel® rapid storage technologyIAStorDataMgrSvc.exe [2010-4-13 13336] R2 rimspci;rimspci;c:windowssystem32driversrimspe86.sys [2010-4-13 47104] R2 risdpcie;risdpcie;c:windowssystem32driversrisdpe86.sys [2010-4-13 49152] R2 rixdpcie;rixdpcie;c:windowssystem32driversrixdpe86.sys [2010-4-13 38400] R2 Skype C2C Service;Skype C2C Service;c:programdataskypetoolbarsskype c2c servicec2c_service.exe [2012-8-13 3064000] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:program filestoshibatecoTecoService.exe [2009-9-29 185712] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:windowssystem32driversTVALZFL.sys [2009-6-20 12920] R2 UNS;Intel® Management & Security Application User Notification Service;c:program filesintelintel® management engine componentsunsUNS.exe [2010-4-13 2314240] R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:windowssystem32driversATSwpWDF.sys [2010-4-13 659328] R3 FsUsbExDisk;FsUsbExDisk;c:windowssystem32FsUsbExDisk.Sys [2010-7-6 36608] R3 Impcd;Impcd;c:windowssystem32driversImpcd.sys [2009-10-27 125696] R3 PGEffect;Pangu effect driver;c:windowssystem32driversPGEffect.sys [2010-4-13 24064] R3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32driversRt86win7.sys [2011-6-10 394856] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:windowssystem32driversrtl8192se.sys [2010-4-26 1011232] R3 tmeevw;tmeevw;c:windowssystem32driverstmeevw.sys [2012-8-5 55056] R3 tmnciesc;tmnciesc;c:windowssystem32driverstmnciesc.sys [2012-8-5 171280] S2 Amsp;Trend Micro Solution Platform;c:program filestrend microamspcoreServiceShell.exe [2012-8-5 200632] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S2 SkypeUpdate;Skype Updater;c:program filesskypeupdaterUpdater.exe [2012-7-13 160944] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:windowssystem32driversb57nd60x.sys [2009-7-14 229888] S3 Netaapl;Apple Mobile Device Ethernet Service;c:windowssystem32driversnetaapl.sys [2011-5-10 18432] S3 TMachInfo;TMachInfo;c:program filestoshibatoshiba service stationTMachInfo.exe [2010-4-13 51512] S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:program filestoshibatoshiba hdd ssd alertTosSmartSrv.exe [2009-9-18 111960] S3 TPCHSrv;TPCH Service;c:program filestoshibatphmTPCHSrv.exe [2009-10-31 677232] S3 TsUsbFlt;TsUsbFlt;c:windowssystem32driversTsUsbFlt.sys [2011-7-3 52224] S3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32watWatAdminSvc.exe [2010-6-20 1343400] . =============== Created Last 30 ================ . 2013-01-21 12:27:35 -------- d-----w- c:usersmattappdatalocal{8CDEC0EA-1F89-4724-B45D-E93AEFFEAA15} 2013-01-17 12:14:19 -------- d-----w- c:usersmattappdatalocal{9BC89241-94C6-4676-8F2F-DE773D97CDC5} 2013-01-15 12:48:55 -------- d-----w- c:usersmattappdatalocal{C9CE3C22-6CD0-4C80-945C-DA290CCB2F8C} 2013-01-09 12:41:51 626688 ----a-w- c:windowssystem32usp10.dll 2013-01-09 12:41:11 492032 ----a-w- c:windowssystem32win32spl.dll 2013-01-06 03:17:40 -------- d-----w- c:usersmattappdatalocalPrograms 2013-01-03 13:03:50 -------- d-----w- c:usersmattappdatalocal{EC34A816-756E-4909-8478-242E430CFFD3} 2013-01-01 01:45:48 -------- d-----w- c:usersmattappdatalocal{9E6EB1EB-92C1-4951-9E2A-EDFD61C6A8CC} 2012-12-31 02:44:32 -------- d-----w- c:usersmattappdatalocal{4EFC01C1-E43E-4101-A2DC-512ED380329F} 2012-12-30 13:02:30 -------- d-----w- c:usersmattappdatalocal{063CD621-2312-4EA4-9BC8-4CBA6219F658} 2012-12-30 01:02:03 -------- d-----w- c:usersmattappdatalocal{D32F5634-F1CF-4FAF-90C7-CB320FA12962} 2012-12-29 02:06:35 -------- d-----w- c:usersmattappdataroamingSUPERAntiSpyware.com 2012-12-29 02:06:16 -------- d-----w- c:program filesSUPERAntiSpyware 2012-12-29 02:06:15 -------- d-----w- c:programdataSUPERAntiSpyware.com 2012-12-29 02:00:16 -------- d-----w- c:usersmattappdatalocal{707C3217-F59D-41C0-8E90-8DF440EACACB} 2012-12-28 11:18:32 -------- d-----w- c:usersmattappdatalocal{F36368CD-A694-4C29-8E3F-FFC440E2A4D4} 2012-12-27 10:42:03 -------- d-----w- c:usersmattappdatalocal{810DDA05-07C4-4EBE-BDA2-ED4724B595EB} 2012-12-26 10:33:59 -------- d-----w- c:usersmattappdatalocal{7033B61C-DB58-4336-B39C-6D3AA3C79355} 2012-12-25 01:01:43 -------- d-----w- c:usersmattappdatalocal{CA3D682E-949C-430E-B5A8-C82767F4213F} 2012-12-24 02:30:00 -------- d-----w- c:usersmattappdatalocal{4D48A3F6-6A42-4FDC-B6B6-B8C85B1F9D88} . ==================== Find3M ==================== . 2013-01-12 05:14:24 74248 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl 2013-01-12 05:14:24 697864 ----a-w- c:windowssystem32FlashPlayerApp.exe 2012-12-17 10:56:42 65536 ----a-w- c:windowsIFinst27.exe 2012-12-16 14:13:28 295424 ----a-w- c:windowssystem32atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- c:windowssystem32atmlib.dll 2012-12-14 08:49:28 21104 ----a-w- c:windowssystem32driversmbam.sys 2012-12-07 12:26:17 308736 ----a-w- c:windowssystem32Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- c:windowssystem32gameux.dll 2012-11-30 04:53:34 169984 ----a-w- c:windowssystem32winsrv.dll 2012-11-30 04:47:45 293376 ----a-w- c:windowssystem32KernelBase.dll 2012-11-30 02:55:25 271360 ----a-w- c:windowssystem32conhost.exe 2012-11-30 02:38:59 6144 ---ha-w- c:windowssystem32api-ms-win-security-base-l1-1-0.dll 2012-11-30 02:38:59 4608 ---ha-w- c:windowssystem32api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 02:38:59 3584 ---ha-w- c:windowssystem32api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38:59 3072 ---ha-w- c:windowssystem32api-ms-win-core-util-l1-1-0.dll 2012-11-23 02:56:23 2345984 ----a-w- c:windowssystem32win32k.sys 2012-11-23 02:48:41 49152 ----a-w- c:windowssystem32taskhost.exe 2012-11-20 04:51:09 220160 ----a-w- c:windowssystem32ncrypt.dll 2012-11-14 02:09:22 1800704 ----a-w- c:windowssystem32jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- c:windowssystem32inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- c:windowssystem32wininet.dll 2012-11-14 01:49:25 142848 ----a-w- c:windowssystem32ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- c:windowssystem32vbscript.dll 2012-11-14 01:44:42 2382848 ----a-w- c:windowssystem32mshtml.tlb 2012-11-09 04:42:49 2048 ----a-w- c:windowssystem32tzres.dll 2012-11-02 05:11:31 376832 ----a-w- c:windowssystem32dpnet.dll 2012-11-01 04:47:54 1389568 ----a-w- c:windowssystem32msxml6.dll 2012-10-24 19:12:26 94208 ----a-w- c:windowssystem32QuickTimeVR.qtx 2012-10-24 19:12:26 69632 ----a-w- c:windowssystem32QuickTime.qts . ============= FINISH: 20:30:41.18 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: DeviceHarddiskVolume1 Install Date: 19/6/2010 7:07:06 PM System Uptime: 21/1/2013 7:59:40 PM (1 hours ago) . Motherboard: TOSHIBA | | JPTR Processor: Intel® Core i5 CPU M 430 @ 2.27GHz | CPU 1 | 1178/533mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 453 GiB total, 381.21 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP516: 31/12/2012 7:10:09 PM - Windows Update RP517: 1/1/2013 11:38:06 AM - Windows Update RP518: 2/1/2013 6:13:38 PM - Windows Update RP519: 2/1/2013 8:44:12 PM - Windows Update RP520: 3/1/2013 9:35:20 PM - Windows Update RP521: 5/1/2013 9:16:22 AM - Windows Update RP522: 5/1/2013 11:37:51 AM - Windows Update RP523: 6/1/2013 11:33:01 AM - Windows Update RP524: 7/1/2013 9:17:30 PM - Windows Update RP525: 10/1/2013 6:17:07 PM - Windows Update RP526: 10/1/2013 6:29:29 PM - Windows Update RP527: 13/1/2013 9:54:12 AM - Windows Update RP528: 13/1/2013 10:03:45 AM - Windows Update RP529: 13/1/2013 10:32:54 AM - Windows Update RP530: 16/1/2013 6:31:06 PM - Windows Update RP531: 16/1/2013 9:13:12 PM - Windows Update RP532: 17/1/2013 8:57:13 PM - Windows Update RP533: 18/1/2013 9:10:35 PM - Windows Update RP534: 19/1/2013 10:53:58 AM - Windows Update RP535: 20/1/2013 11:13:16 AM - Windows Update . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.5) Apple Application Support Apple Mobile Device Support Apple Software Update AuthenTec Fingerprint Software Bejeweled 2 Deluxe Bing Desktop BlackVue Bluetooth Stack for Windows by Toshiba Bonjour Business Contact Manager for Outlook 2007 SP2 Canon MP250 series MP Drivers CCleaner Chinese Simplified Fonts Support For Adobe Reader X Chuzzle Deluxe D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition DivX Setup DivX Web Player Dolby Control Center DVD Flick 1.3.0.7 ESET Online Scanner v3 FATE Google Chrome Google Toolbar for Internet Explorer Google Update Helper Graboid Video 2.4 HDMI Control Manager HomePlug AV Ethernet Adapter iCloud Intel® Control Center Intel® Management Engine Components Intel® Rapid Storage Technology Intel® Turbo Boost Technology Driver iTunes Java Auto Updater Java 6 Update 29 Junk Mail filter update Magic Match - The Genie's Journey Malwarebytes Anti-Malware version 1.70.0.1100 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Small Business Connectivity Components Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2010 Microsoft redistributable runtime DLLs VS2005(x86) Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MobileMe Control Panel Monopoly Mozilla Firefox 18.0.1 (x86 en-GB) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NVIDIA Drivers NVIDIA PhysX Peggle PlayReady PC Runtime x86 Polar Bowler Polar Golfer QuickTime RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek 8136 8168 8169 Ethernet Driver Realtek High Definition Audio Driver Realtek WLAN Driver RealUpgrade 1.1 RICOH R5U230 Media Driver ver.2.07.03.02 Safari SAMSUNG Mobile Composite Device Software Samsung Mobile Modem Device Software SAMSUNG Mobile Modem V2 Software Samsung Mobile phone USB driver Software SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software SAMSUNG USB Mobile Device Software SDFormatter Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Skype Click to Call Skype™ 5.10 SopCast 3.4.0 SUPERAntiSpyware TFPU TOSHIBA Assist TOSHIBA Bulletin Board TOSHIBA ConfigFree TOSHIBA Disc Creator TOSHIBA DVD PLAYER TOSHIBA eco Utility TOSHIBA Extended Tiles for Windows Mobility Center TOSHIBA Face Recognition TOSHIBA Fingerprint Utility TOSHIBA Hardware Setup TOSHIBA HDD Protection TOSHIBA HDD/SSD Alert TOSHIBA PC Health Monitor TOSHIBA Recovery Media Creator TOSHIBA ReelTime TOSHIBA Service Station TOSHIBA Speech System Applications TOSHIBA Speech System SR Engine(U.S.) Version1.0 TOSHIBA Speech System TTS Engine(U.S.) Version1.0 TOSHIBA Supervisor Password TOSHIBA USB Sleep and Charge Utility TOSHIBA Value Added Package TOSHIBA Web Camera Application Trend Micro Titanium Trend Micro Titanium Maximum Security 2012 TVUPlayer 2.5.3.1 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition VC80CRTRedist - 8.0.50727.4053 Veetle TV VLC media player 2.0.5 vShare.tv plugin 1.3 WildTangent Games WildTangent ORB Game Console Windows Driver Package - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin WinRAR archiver Yahoo! Messenger Yahoo! Search Protection Yahoo! Software Update Yahoo! Toolbar Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 20/1/2013 11:13:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office PowerPoint 2007 (KB2596764). 18/1/2013 5:26:01 PM, Error: iaStor [9] - The device, DeviceIdeiaStor0, did not respond within the timeout period. . ==== End Of File ===========================

Thanks Tomk_ couldn't have done it without your guidance. Btw, how do I remove JRT as I can't locate the uninstall software in Programs?