Hi, looks like something new. Let me know what problems remain after this.
CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.
Open Notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
FF NewTab: C:\\ProgramData\\Medlights\\ff.NT
FF DefaultSearchEngine: findit
FF Session Restore: -> is enabled.
CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWrOyX9OVDZ8PVFmvvzWsTpdw6pLv3tc8uZEWWibLgunty57lIpa7u2E5VGVqRBjL_nf5Q_uMpQiHnhc095S5V2283IrWwNH7qCltpyqRppFEPmIsPk9aBe3QbbQ8r22GThBw-kt6P473-qD3u0e2UqT-wSA,,
CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWrOyX9OVDZ8PVFmvvzWsTpdw6pLv3tc8uZEWWibLgunty57lIpa7u2E5VGVqRBjL_nf5Q_uMpQiHnhc0xkXqCo4blV257esngREQ8gpN5EXweHT7i1oEYBVDkaYDG63ON1CjhaBgJoHJqAQSb5le7Iq4Yig,,&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
CHR Session Restore: Default -> is enabled.
AppInit_DLLs: C:\ProgramData\Medlight\Refax.dll => C:\ProgramData\Medlight\Refax.dll [518656 2015-10-25] ()
AppInit_DLLs-x32: C:\ProgramData\Medlight\GoldSanlux.dll => C:\ProgramData\Medlight\GoldSanlux.dll [320512 2015-10-25] ()
S2 Medlight; C:\ProgramData\\Medlight\\Medlight.exe -f "C:\ProgramData\\Medlight\\Medlight.dat" -l -a
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
2015-10-25 23:40 - 2015-10-25 23:40 - 00003570 _____ C:\Windows\System32\Tasks\{4EB32829-063B-4A76-901A-3E1C876F824E}
2015-10-25 22:55 - 2015-10-25 23:01 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-10-25 22:40 - 2015-10-25 22:40 - 00004002 _____ C:\Windows\System32\Tasks\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B}
2015-04-19 14:20 - 2015-10-26 05:07 - 0000626 _____ () C:\Users\Scinzon\AppData\Roaming\fYxqsnXJredkAHYaPJ
2015-04-14 18:28 - 2015-10-26 05:07 - 0001171 _____ () C:\Users\Scinzon\AppData\Roaming\MPiiDIKbW7w
2015-10-25 23:01 - 2015-10-25 23:01 - 0000187 _____ () C:\Users\Scinzon\AppData\Local\Planetjob.exe.config
2015-10-25 23:05 - 2015-10-25 23:05 - 0000187 _____ () C:\Users\Scinzon\AppData\Local\Silcan.exe.config
2015-08-17 03:45 - 2015-08-17 03:45 - 0000026 ____H () C:\ProgramData\.811261211181235583101118113995
2015-10-29 23:32 - 2015-10-29 23:32 - 0259202 _____ () C:\ProgramData\1446154124.bdinstall.bin
Task: {69411ADC-CDE3-4300-BCCC-3E850873A902} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender\bdproductdata.exe
Task: {9126B515-9B05-4202-8B2A-15A6D917731F} - System32\Tasks\{4EB32829-063B-4A76-901A-3E1C876F824E} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Ozerdex\uninstall.exe" -c -f "C:\Program Files (x86)\Common Files\Ozerdex\uninstall.dat" -a uninstallme 32C824C5-E712-46E4-9ABD-33BE37C982DD DeviceId=be30f615-3ea5-f5dd-26e0-8adf9e0b628c BarcodeId=50027003 ChannelId=3 DistributerName=APSnapdoAMRev
AlternateDataStreams: C:\Windows\SysWOW64\sh4native.exe:BDU
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Scinzon\Downloads\adwcleaner_5.014.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\Apache_OpenOffice_4.1.1_Win_x86_langpack_en-US.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\avast_free_antivirus_setup_online.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\FFSetup3.7.5.0.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\Firefox Setup Stub 41.0.2.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\flashplayer17_ha_install.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\free_mts_m2ts_converter.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\GeForce_Experience_v2.4.1.21.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\googleupdatesetup.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\jdk-8u60-windows-x64.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\K-Lite_Codec_Pack_1105_Mega.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\mbam-setup-sem-2.1.6.1022.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\mts-converter.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\OriginThinSetup.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\setup-network-utilities.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\setup.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\SketchUpMake-en-x64.exe:BDU
AlternateDataStreams: C:\Users\Scinzon\Downloads\SkypeSetupFull.exe:BDU
C:\ProgramData\Medlight
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe.
https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG
Run FRST and press Fix.
On completion a log will be generated; please post that.