Jump to content

Malware Removed and computer will not reboot


Recommended Posts

Computer:  Dell Inspiron

OS:  Windows Vista 32 bit

 

Yesterday one of the computers in my fire station showed a false virus removal notification and search engine / home page options were changed automatically for browser.

 

I booted into safe mode and did a scan.  We have Malwarebytes Pro but I noticed that real time protection had been disabled.

 

After the scan I noticed 374 items infected and performed a reboot to finish their removal.  The computer went into restart but only showed a black screen on restart with power light button blinking.

 

I powered down and tried again and at the time could not even get into safe mode...... as soon as power up started got no Windows logo on screen just black with power button blinking and screen went into power save mode. 

 

I left the computer off for a bit and restarted (this time I was able to get in to safe mode with networking)

 

I cannot find any log for the scan that was done yesterday .... only thing in the log files folder is a "protection log:" and nothing on what was found and removed.

 

I do have an available restore point from 4 days ago but did not try that yet because I wanted to see if there were any other options right now.  Obviously if a do a system restore the infected items will just return

 

Any input would be appreciated. 

Link to post
Share on other sites

Hello,
    
 
They call me TwinHeadedEagle around here, and I'll be working with you.
 
     
    
Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

:excl: I can't foresee everything, so if anything unexpected happens, please stop and inform me!
:excl: There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
  warning.gif Rules and policies
 
We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.
 
 
 
 
We will have to work outside windows to try to fix your problem:
 
 
 
Please download Farbar Recovery Scan Tool and save it to a flash drive.

  • Plug the flashdrive into the infected PC.
  • Restart your computer and tap F8 to bring up the Advanced Menu, then click Repair your computer
  • Follow the prompt to enter keyboard input method, and then the prompt to enter a password. If the machine does not have a password, simply click Enter.
  • In the Choose Recovery Tool menu select Command Prompt.
  • You will see a big black window with a blinking cursor (command prompt).
     
     
     
    notepad.png Access the notepad and identify your USB drive
     
    In the Command Prompt please type in:
    notepad
    and press Enter.
  • When the notepad opens, go to File menu.
  • Select Open.
  • Go to Computer and search there for your USB drive letter.
  • Note down the letter and close the notepad.
     
     
     
    FRST.gif Scan with Farbar Recovery Scan Tool
     
    Once back in the command prompt window, please do the following:
  • Type in e:\frst.exe and press Enter.
    You need to replace e with the letter of your USB drive taken from notepad!
  • FRST will start to run. Give him a minute or so to load itself.
  • Click Yes to Disclaimer.
  • In the main console, please click Scan and wait.
  • When finished it will produce a logfile named FRST.txt in the root of your pendrive and display it. Close that logfile.
     
    Transfer it to your clean machine and include it in your next reply.
Link to post
Share on other sites

Ok will get on that right now.   Also I was able to initiate another scan in Safe Mode and it found no viruses today....I was able to find the log from after the scan yesterday when problem started.   Here it is ..... also will popst rest of info after following your steps

 

Malwarebytes Anti-Malware (Corporate) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.09.28.02

Windows Vista Service Pack 2 x86 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
ski :: CHIEF [administrator]

Protection: Disabled

9/28/2014 6:32:45 AM
mbam-log-2014-09-28 (06-32-45).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 508766
Time elapsed: 1 hour(s), 9 minute(s), 9 second(s)

Memory Processes Detected: 1
C:\Program Files\Mezaa\MZA.exe (PUP.Optional.Mezza) -> 1336 -> Delete on reboot.

Memory Modules Detected: 1
C:\Program Files\Settings Manager\smdmf\sysapcrt.dll (PUP.Optional.SettingsManager.A) -> Delete on reboot.

Registry Keys Detected: 97
HKCR\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
HKCR\Linkey.Linkey (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47} (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
HKCR\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3} (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\MezvcV1 (PUP.Optional.Mezaa) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\SmdmFService (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\VideoDownloadConverter_4zService (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\CLSID\{93a3111f-4f74-4ed8-895e-d9708497629e} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\CLSID\{c547c6c2-561b-4169-a2a5-20ba771ca93b} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C547C6C2-561B-4169-A2A5-20BA771CA93B} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\CLSID\{312f84fb-8970-4fd3-bddb-7012eac4afc9} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall Firefox (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921} (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{48586425-6BB7-4F51-8DC6-38C88E3EBB58} (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{48586425-6BB7-4F51-8DC6-38C88E3EBB58} (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{3719959c-1ccd-4fa7-8ebb-7d9ded86fccb} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\TypeLib\{37923200-6887-4b44-95d4-cae8f83ecfee} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\Interface\{35144E32-8E4C-4152-9B8C-3E2D4B46228E} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.ToolbarProtector.1 (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.ToolbarProtector (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\CLSID\{dd385519-22e7-4be2-8a8d-35c66df4858e} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\TypeLib\{ca723163-6fad-43d4-8b93-0d8c52bd9974} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\CLSID\{69407823-3494-4400-8d49-612549e8f4ee} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\TypeLib\{886f93ad-3cbb-4424-8442-a7340243540f} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\CLSID\{8fca5302-6d6d-4645-bf99-d43cf76ce474} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\TypeLib\{aa289dbc-59b6-40a5-ac7d-c90df850289c} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.FeedManager.1 (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.FeedManager (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.HTMLMenu.1 (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.HTMLMenu (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\CLSID\{2a1260c1-2964-453f-b0ba-fa429472eb5f} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\TypeLib\{2d3826a1-f3e8-45d6-94b5-c26d8ec0073b} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\CLSID\{4128c64d-f0dd-4811-9405-d22294e8151f} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.MultipleButton.1 (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.MultipleButton (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\CLSID\{363d5c92-10dc-4287-93e5-1832eecc48ec} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.ScriptButton.1 (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.ScriptButton (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\CLSID\{1f6f39c1-00a8-4752-a94c-d0ea92d978b6} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\TypeLib\{fe8dbb09-c3d3-4477-80cb-d38914b94bb8} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.PseudoTransparentPlugin.1 (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.PseudoTransparentPlugin (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\CLSID\{5354d921-3f52-47c5-938d-77a2fb6defe7} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\TypeLib\{3ee17dd1-e28b-4aed-a3b2-9c29cb2c19d6} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.HTMLPanel.1 (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.HTMLPanel (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\MezvcV2 (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
HKCR\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774} (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
HKCR\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2} (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\MZA (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mezaa (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\SmdmF (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\VideoDownloadConverter_4z (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Google\Chrome\Extensions\kheelobnibmchifldedamogdmhemfjio (PUP.Optional.TrustWorthy.A) -> Quarantined and deleted successfully.
HKCU\Software\Mezaa (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\LINKEY (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Mezaa (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\SmdmF (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\VideoDownloadConverter_4z (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\kheelobnibmchifldedamogdmhemfjio (PUP.Optional.TrustWorthy.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\LINKEY (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MZA (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
HKCR\CLSID\{ed345812-2722-4dca-9976-d01832db44ee} (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{f1f328eb-f5a5-432b-a54c-05f3ef5b0bd8} (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
HKCR\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4} (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.ThirdPartyInstaller.1 (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
HKCR\VideoDownloadConverter_4z.ThirdPartyInstaller (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE} (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1} (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1} (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B} (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
HKCR\Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264} (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\F06DEFF2-5B9C-490D-910F-35D3A9119622 (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.

Registry Values Detected: 12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|VideoDownloadConverter EPM Support (PUP.Optional.MindSpark) -> Data: "C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zmedint.exe" T8EPMSUP.DLL,S -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|VideoDownloadConverter AppIntegrator 32-bit (PUP.Optional.MindSpark) -> Data: C:\PROGRA~1\VIDEOD~2\bar\1.bin\AppIntegrator.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|VideoDownloadConverter Search Scope Monitor (PUP.Optional.MindSpark) -> Data: "C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{93A3111F-4F74-4ED8-895E-D9708497629E} (PUP.Optional.MindSpark) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{48586425-6BB7-4F51-8DC6-38C88E3EBB58} (PUP.Optional.MindSpark.A) -> Data:  -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{93a3111f-4f74-4ed8-895e-d9708497629e} (PUP.Optional.Mindspark.A) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} (PUP.Optional.MindSpark.A) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Mezaa Tray (PUP.Optional.Mezza) -> Data: "C:\Program Files\Mezaa\MezaaTray.exe" -> Quarantined and deleted successfully.
HKCU\Software\Linkey|browsers (PUP.Optional.Linkey.A) -> Data: chrome,ff,ie -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Linkey|ie_jsurl (PUP.Optional.Linkey.A) -> Data: http://app.linkeyproject.com/popup/IE/background.js -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls|x86 (PUP.Optional.SettingsManager) -> Data: C:\Program Files\Settings Manager\smdmf\sysapcrt.dll -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls|x64 (PUP.Optional.SettingsManager) -> Data: c:\program files\settings manager\smdmf\x64\sysapcrt.dll -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Linkey.A) -> Bad: (C:\Users\ski\AppData\Local\Linkey\IEEXTE~1\iedll.dll) Good: () -> Quarantined and repaired successfully.

Folders Detected: 34
C:\Users\ski\AppData\Local\Linkey (PUP.Optional.Linkey) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Local\Linkey\ChromeExtension (PUP.Optional.Linkey) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Local\Linkey\IEExtension (PUP.Optional.Linkey) -> Quarantined and deleted successfully.
C:\ProgramData\Mezaa (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa (PUP.Optional.Mezza) -> Delete on reboot.
C:\Users\ski\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\OpenCandy\69E982465E454336AB8A0E607C37B5D8 (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\OpenCandy\EE84DE5EEF9D42DD882162B08EA746EB (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\DataMngr (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\assists (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\assists\ie_default_search_provider (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\assists\ie_enable (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\chrome (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\ThirdPartyInstallers (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\assists (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\gen1 (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\Message (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\Settings (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\Settings Manager\smdmf (PUP.Optional.SettingsManager.A) -> Delete on reboot.
C:\Users\ski\AppData\Roaming\DefaultTab (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\ProgramData\smdmf (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.

Files Detected: 229
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zmedint.exe (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\APPINTEGRATOR.EXE (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Local\Linkey\IEExtension\iedll.dll (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\MezaaSvc.exe (PUP.Optional.Mezaa) -> Quarantined and deleted successfully.
C:\Program Files\Settings Manager\smdmf\SmdmFService.exe (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-28443999-1303275792-418962662-1003\$RJ2WSZM.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\MezaaUp.exe (PUP.Optional.Mezaa) -> Quarantined and deleted successfully.
C:\Program Files\Settings Manager\smdmf\smdmf.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Program Files\Settings Manager\smdmf\smdmfu.exe (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Program Files\Settings Manager\smdmf\tbicon.exe (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
C:\Program Files\Settings Manager\smdmf\Uninstall.exe (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbprtct.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zdatact.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zdlghk.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zdlghk64.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zfeedmg.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zhighin.exe (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zhkstub.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zhtmlmu.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zhttpct.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zidle.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zmlbtn.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zPlugin.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zregfft.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zreghk.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zregiet.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zscript.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zskin.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zskplay.exe (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zsrchmr.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\AppIntegrator64.exe (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\APPINTEGRATORSTUB.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\AppIntegratorStub64.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\ASSISTMONITOR.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\ASSISTMONITOR64.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\CREXT.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\CrExtP4z.exe (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\DPNMNGR.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\FF-NativeMessagingDispatcher.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\HKFXMGR.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\HKFXMGR64.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\HPG.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\Hpg64.dll (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\T8EPMSUP.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\T8EXTEX.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\T8EXTPEX.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\T8HTML.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\T8RES.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\T8TICKER.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\TOOLBARGUARD.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\TOOLBARGUARD64.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\VERIFY.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\assists\ie_default_search_provider\ARBITER.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\assists\ie_default_search_provider\ARBITER64.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\assists\ie_default_search_provider\ASSIST.EXE (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\assists\ie_enable\ARBITER.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\assists\ie_enable\ARBITER64.DLL (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Local\iLivid\msvcr100.dll (PUP.Optional.SearchSuite) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Local\Linkey\LinkeyDeals.exe (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Local\Linkey\Uninstall.exe (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Local\Linkey\IEExtension\iedll64.dll (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF10.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF11.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF12.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF13.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF14.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF15.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF16.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF17.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF18.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF19.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF2.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF20.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF21.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF22.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF23.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF24.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF25.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF26.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF27.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF28.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF29.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF30.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF31.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF32.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF4.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF5.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF6.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF7.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF8.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF9.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\OpenCandy\69E982465E454336AB8A0E607C37B5D8\SettingsManagerSetup.exe (PUP.Optional.Linkey.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\OpenCandy\EE84DE5EEF9D42DD882162B08EA746EB\MZAAppSetupx30001.exe (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Users\ski\Downloads\VideoDownloadConvert.exe (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Local\CRE\kheelobnibmchifldedamogdmhemfjio.crx (PUP.Optional.TrustWorthy.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Local\Linkey\Helper.dll (PUP.Optional.Linkey) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Local\Linkey\log.log (PUP.Optional.Linkey) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx (PUP.Optional.Linkey) -> Quarantined and deleted successfully.
C:\ProgramData\Mezaa\mezaa.log (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\ProgramData\Mezaa\config.mezaa (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\ProgramData\Mezaa\Logo.ico (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\install.log (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\DynLib.dll (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\Interop.PCProxyLib.dll (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\mezaa-win-upgrader.exe (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\Mezaa.Library.dll (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\Mezaa.Service.exe (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\MezaaControl.exe (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\MezaaTray.exe (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\MLSP.exe (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\MLSP.ini (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\MLSP64.exe (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\MZA.dll (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\MZA.exe (PUP.Optional.Mezza) -> Delete on reboot.
C:\Program Files\Mezaa\MZA64.dll (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\PAD_FILE.xml (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mezaa\Uninstall.exe (PUP.Optional.Mezza) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\browser\searchplugins\default-search.xml (PUP.Optional.DefaultSearch.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\1.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\13164.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\1707.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\17781.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\19373.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\2229.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\413.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\4436.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\4438.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\4489.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\450.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\5221.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\5405.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\6574.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\8954.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\9432.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\9788.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\9868.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\a.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\b.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\c.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\d.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\e.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\f.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\g.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\h.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\i.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\j.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\k.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\l.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\m.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\n.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\o.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\p.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\q.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\r.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\s.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\t.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\u.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\v.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\w.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\wlu.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\x.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\y.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\PriceGong\Data\z.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\DataMngr\{99BB1406-1CFB-488C-90D1-2D978E04F707} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4ztpinst.dll (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\BOOTSTRAP.JS (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\CHROME.MANIFEST (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\INSTALL.RDF (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\installKeys.js (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\LOGO.BMP (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\TPIMANAGERCONSOLE.EXE (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\assists\ie_default_search_provider\CONFIG.XML (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\assists\ie_enable\CONFIG.XML (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\chrome\4zffxtbr.jar (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\assists\COMMON.T8S (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\gen1\COMMON.T8S (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\Message\COMMON.T8S (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\Settings\s_pid.dat (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\8_step1.gif (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\anemone.js (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\bd_grad.gif (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\hpguard.js (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\hpguard1.htm (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\hpguard2.htm (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\hpp_ok.png (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\hpp_x.png (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\hpp_x2.png (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\index.htm (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\localizedStrings.js (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\mid_dots.gif (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\mws_logo.gif (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\protect.htm (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\rebut4b.htm (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\shield.png (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\stop.gif (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\systrayp.htm (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\tbguard1.htm (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\tbguard2.htm (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\LocalLow\VideoDownloadConverter_4z\bar\Message\COMMON\tp_grad.gif (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\Program Files\Settings Manager\smdmf\favicon.ico (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Program Files\Settings Manager\smdmf\Helper.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Program Files\Settings Manager\smdmf\Internet Explorer Settings.exe (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Program Files\Settings Manager\smdmf\smdmfbho.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Program Files\Settings Manager\smdmf\smdmfldr.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Program Files\Settings Manager\smdmf\smdmfldr_u.dll (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Program Files\Settings Manager\smdmf\smdmfmgrc2.cfg (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Program Files\Settings Manager\smdmf\sysapcrt.dll (PUP.Optional.SettingsManager.A) -> Delete on reboot.
C:\ProgramData\smdmf\coordinator.cfg (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\ProgramData\smdmf\general.cfg (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\ProgramData\smdmf\S-1-5-21-28443999-1303275792-418962662-1003.cfg (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\ProgramData\smdmf\stats.cfg (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\chrome.manifest (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\install.rdf (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF.xpt (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\DnsBHO.js (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\Error404BHO.js (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\MainBHO.js (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\NativeHelper.js (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\NewTabBHO.js (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\overlay.js (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\overlay.xul (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\RelatedSearch.js (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\RequestPreserver.js (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\SearchBHO.js (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.
C:\Users\ski\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\SettingManager.js (PUP.Optional.SettingsManager.A) -> Quarantined and deleted successfully.

(end)
 

Link to post
Share on other sites

Let's scan your PC with FRST tool from Safe Mode. You can enter Safe Mode with Networking in order to download it.
 
 
 
 
Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Link to post
Share on other sites

I already ran the FRST tool from the "Repair Computer" section at the command prompt

Here are the results...

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-09-2014 02
Ran by SYSTEM on MINWINPC on 29-09-2014 10:22:51
Running from e:\
Platform: Windows Vista Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [ECenter] => C:\Dell\E-Center\EULALauncher.exe
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4706304 2008-03-06] (Realtek Semiconductor)
HKLM\...\Run: [startCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-26] (Google)
HKLM\...\Run: [dscactivate] => C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2008-03-11] ( )
HKLM\...\Run: [PCMService] => C:\Program Files\Dell\MediaDirect\PCMService.exe [132392 2008-01-14] (CyberLink Corp.)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2008-07-24] (LogMeIn, Inc.)
HKLM\...\Run: [HostManager] => C:\Program Files\Common Files\AOL\1227109769\ee\AOLSoftware.exe [41800 2010-03-07] (AOL Inc.)
HKLM\...\Run: [intuit SyncManager] => C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe [3761464 2013-09-30] (Intuit Inc. All rights reserved.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\ski\...\Run: [iSUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [206112 2008-10-24] (Macrovision Corporation)
HKU\ski\...\Run: [PC Ultra Speed] => C:\Program Files\PC Ultra Speed\PCUSLauncher.exe [94352 2011-07-21] ()
HKU\ski\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-11-14] (Google Inc.)
HKU\ski\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1098072 2013-03-27] (Garmin Ltd or its subsidiaries)
HKU\ski\...\Run: [AOL Fast Start] => C:\Program Files\AOL Desktop 9.6\AOL.EXE [42320 2011-01-13] (AOL Inc.)
HKU\ski\...\Run: [iLivid] => C:\Users\ski\AppData\Local\iLivid\iLivid.exe [7913472 2014-05-25] (Bandoo Media Inc.)
HKU\ski\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_145_ActiveX.exe -update activex
HKU\ski\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\ski\...\Policies\Explorer: [HideSCAHealth] 1
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
BootExecute: autocheck autochk * lsdelete

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
S2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [161048 2008-05-02] (Stardock Corporation)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-03-14] (Freemake)
S2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-26] (Google)
S2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [13824 2008-01-20] (Microsoft Corporation)
S3 Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [1355968 2011-06-16] (Lavasoft)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
S2 QBVSS; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2011-06-30] (Intuit Inc.)
S2 SFUSVC; C:\Program Files\Kyocera Mita\FileUtility\SFUSVC.exe [61440 2003-09-16] (KYOCERA MITA CORPORATION)
S2 TorchCrashHandler; C:\Users\ski\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2014-08-27] (TorchMedia Inc.) <==== ATTENTION

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2010-09-20] (Lavasoft AB)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 PTDUBus; C:\Windows\System32\DRIVERS\PTDUBus.sys [33024 2008-08-10] (DEVGURU Co,LTD.)
S3 PTDUMdm; C:\Windows\System32\DRIVERS\PTDUMdm.sys [41344 2008-08-10] (DEVGURU Co,LTD.)
S3 PTDUVsp; C:\Windows\System32\DRIVERS\PTDUVsp.sys [39936 2008-08-10] (DEVGURU Co,LTD.)
S3 PTDUWWAN; C:\Windows\System32\DRIVERS\PTDUWWAN.sys [59904 2008-08-10] (DEVGURU Co,LTD.)
S2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2008-03-06] (Windows ® Codename Longhorn DDK provider)
S3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2006-11-29] (America Online, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S4 LMIRfsClientNP; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 10:22 - 2014-09-29 10:22 - 00000000 ____D () C:\FRST
2014-09-28 06:40 - 2014-09-28 07:03 - 2954572342 _____ () C:\Users\ski\Desktop\chief_09-28-14.zip
2014-09-27 04:57 - 2014-09-27 04:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-09 15:09 - 2014-09-24 07:09 - 03675824 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe
2014-09-02 09:53 - 2014-09-02 09:53 - 00000000 ____D () C:\Users\ski\AppData\Roaming\vlc

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 06:17 - 2009-12-01 00:21 - 00029340 _____ () C:\aaw7boot.log
2014-09-29 06:17 - 2006-11-02 04:47 - 00003616 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-29 06:17 - 2006-11-02 04:47 - 00003616 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-29 04:40 - 2008-11-14 15:43 - 02703806 _____ () C:\Windows\WindowsUpdate.log
2014-09-29 04:35 - 2009-01-06 10:35 - 00007512 _____ () C:\Users\ski\AppData\Local\d3d9caps.dat
2014-09-29 03:56 - 2006-11-02 02:33 - 00880622 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-09-29 03:29 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\System32\inetsrv
2014-09-29 03:27 - 2013-10-22 11:54 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2014-09-29 03:27 - 2008-11-27 18:54 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-09-28 05:53 - 2014-08-29 06:25 - 00000000 ____D () C:\Program Files\Settings Manager
2014-09-28 05:53 - 2008-01-20 18:47 - 00273346 _____ () C:\Windows\PFRO.log
2014-09-28 05:53 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\Provisioning
2014-09-28 05:25 - 2014-08-29 06:25 - 00000000 ____D () C:\Users\ski\AppData\Roaming\FirefoxToolbar
2014-09-28 04:02 - 2014-08-26 09:53 - 00000000 ____D () C:\Users\ski\AppData\Local\iLivid
2014-09-28 04:02 - 2013-03-18 10:08 - 00000000 ____D () C:\Users\ski\AppData\Local\CRE
2014-09-28 02:29 - 2013-02-07 12:34 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-26 19:01 - 2009-01-22 04:48 - 00000000 ____D () C:\Program Files\Intuit
2014-09-26 04:39 - 2014-06-10 05:28 - 00000000 ____D () C:\SCANS2
2014-09-24 16:18 - 2013-06-22 04:43 - 00000000 ____D () C:\Users\ski\AppData\Roaming\HpUpdate
2014-09-24 07:09 - 2012-11-20 05:30 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-09-24 07:09 - 2011-07-13 02:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-09-18 11:24 - 2014-08-26 09:55 - 00000864 _____ () C:\Users\ski\Desktop\iLivid.lnk
2014-09-16 06:36 - 2008-11-19 06:49 - 00000000 ____D () C:\Users\ski\Documents\Ski
2014-09-15 06:11 - 2008-11-19 06:49 - 00000000 ____D () C:\Users\ski\Documents\Secretary items
2014-09-12 06:38 - 2008-12-01 06:19 - 00000000 ____D () C:\Program Files\On Scene Xplorer
2014-09-07 06:54 - 2013-03-18 05:49 - 00000000 ____D () C:\Users\ski\AppData\Local\Torch

Files to move or delete:
====================
C:\Users\ski\install_reader10_en_chra_aih.exe
C:\Users\ski\pymins_px.exe


Some content of TEMP:
====================
C:\Users\ski\AppData\Local\Temp\AcsInstall.dll
C:\Users\ski\AppData\Local\Temp\AOLFirewallMgr.dll
C:\Users\ski\AppData\Local\Temp\AOLInstallerfw.dll
C:\Users\ski\AppData\Local\Temp\aol_toolbarF115.exe
C:\Users\ski\AppData\Local\Temp\contentDATs.exe
C:\Users\ski\AppData\Local\Temp\EntitlementClientInstall.dll
C:\Users\ski\AppData\Local\Temp\FreemakeVideoConverter_4.0.0.1.exe
C:\Users\ski\AppData\Local\Temp\GLFAEC4.tmp.exe
C:\Users\ski\AppData\Local\Temp\homepage-protection48E1.exe
C:\Users\ski\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\ski\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\ski\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\ski\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\ski\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\ski\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\ski\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\ski\AppData\Local\Temp\kmpd50mf.dlL
C:\Users\ski\AppData\Local\Temp\MFC71.dll
C:\Users\ski\AppData\Local\Temp\msvcp71.dll
C:\Users\ski\AppData\Local\Temp\msvcr71.dll
C:\Users\ski\AppData\Local\Temp\nsz5748.tmp.exe
C:\Users\ski\AppData\Local\Temp\pcc.dll
C:\Users\ski\AppData\Local\Temp\sagekey4.dll
C:\Users\ski\AppData\Local\Temp\SearchHelper.exe
C:\Users\ski\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\ski\AppData\Local\Temp\SHFOLDER.DLL
C:\Users\ski\AppData\Local\Temp\SpOrder.dll
C:\Users\ski\AppData\Local\Temp\stlport_vc746.dll
C:\Users\ski\AppData\Local\Temp\tbpreinst94A4.exe
C:\Users\ski\AppData\Local\Temp\xerces-c_2_5_0_qb.dll
C:\Users\ski\AppData\Local\Temp\~fvdsuite-3.0.2-hotfix.exe


==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-08-27 20:00:22
Restore point made on: 2014-08-28 20:00:32
Restore point made on: 2014-08-29 20:00:30
Restore point made on: 2014-08-30 20:00:06
Restore point made on: 2014-08-31 20:00:04
Restore point made on: 2014-09-01 20:00:07
Restore point made on: 2014-09-02 20:00:31
Restore point made on: 2014-09-03 20:00:33
Restore point made on: 2014-09-04 20:00:33
Restore point made on: 2014-09-05 20:00:34
Restore point made on: 2014-09-06 20:00:22
Restore point made on: 2014-09-07 20:00:21
Restore point made on: 2014-09-08 20:00:31
Restore point made on: 2014-09-09 20:00:20
Restore point made on: 2014-09-10 20:00:20
Restore point made on: 2014-09-11 20:00:31
Restore point made on: 2014-09-12 20:00:23
Restore point made on: 2014-09-13 20:00:22
Restore point made on: 2014-09-14 20:00:21
Restore point made on: 2014-09-15 20:00:29
Restore point made on: 2014-09-16 20:00:29
Restore point made on: 2014-09-17 20:00:19
Restore point made on: 2014-09-18 20:00:33
Restore point made on: 2014-09-19 20:00:31
Restore point made on: 2014-09-20 20:00:23
Restore point made on: 2014-09-21 20:00:22
Restore point made on: 2014-09-22 20:00:31
Restore point made on: 2014-09-23 20:00:23
Restore point made on: 2014-09-24 16:18:33
Restore point made on: 2014-09-25 20:00:24
Restore point made on: 2014-09-26 20:00:22
Restore point made on: 2014-09-27 20:00:52

==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 3069.46 MB
Available physical RAM: 2758.96 MB
Total Pagefile: 2966.85 MB
Available Pagefile: 2826.34 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.76 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:450.7 GB) (Free:313.42 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Removable) (Total:1.86 GB) (Free:0.71 GB) FAT
Drive x: (RECOVERY) (Fixed) (Total:15 GB) (Free:9.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 88000000)
Partition 1: (Not Active) - (Size=63 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=450.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 00819A29)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=0E)


LastRegBack: 2014-09-29 04:07

==================== End Of Log ============================

Link to post
Share on other sites

Download attached fixlist.txt and save it to your USB flashdrive as fixlist.txt
 
>>  Boot into Recovery Environment
 
 
Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....

  •    Press the Fix button once and wait.
  •    FRST will process fixlist.txt
  •    When finished, it will produce a log fixlog.txt on your USB flashdrive.

>>  Exit out of Recovery Environment and post me the log please.
 
 
 
Try to boot Windows normally...

fixlist.txt

Link to post
Share on other sites

Ok ran the fix and attempted a normal restart.....

 

same as before..... went right to a black screen.

Powered tower down .... gave it a minute then tried to boot up again and the same thing as before is happening.

 

Black Screen with "Microsoft Corporation" at bottom with loading green bar.

After about a minute the screen goes black... monitor goes into sleep / pwr save mode and I hear the windows startup music then nothing. (completely blank)

I checked to see if the screen is in sleep mode but get nothing from mouse movement or hitting any keyboard buttons

Blue power light on tower is still blinking

 

 

Here are the results of the fix log

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-09-2014 02
Ran by SYSTEM at 2014-09-29 11:14:15 Run:1
Running from e:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
HKU\ski\...\Run: [iLivid] => C:\Users\ski\AppData\Local\iLivid\iLivid.exe [7913472 2014-05-25] (Bandoo Media Inc.)
C:\Users\ski\AppData\Local\iLivid
HKU\ski\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\ski\...\Policies\Explorer: [HideSCAHealth] 1
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
S2 TorchCrashHandler; C:\Users\ski\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2014-08-27] (TorchMedia Inc.) <==== ATTENTION
C:\Users\ski\AppData\Local\Torch
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S4 LMIRfsClientNP; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
2014-09-18 11:24 - 2014-08-26 09:55 - 00000864 _____ () C:\Users\ski\Desktop\iLivid.lnk
C:\Users\ski\install_reader10_en_chra_aih.exe
C:\Users\ski\pymins_px.exe
C:\Users\ski\AppData\Local\Temp\AcsInstall.dll
C:\Users\ski\AppData\Local\Temp\AOLFirewallMgr.dll
C:\Users\ski\AppData\Local\Temp\AOLInstallerfw.dll
C:\Users\ski\AppData\Local\Temp\aol_toolbarF115.exe
C:\Users\ski\AppData\Local\Temp\contentDATs.exe
C:\Users\ski\AppData\Local\Temp\EntitlementClientInstall.dll
C:\Users\ski\AppData\Local\Temp\FreemakeVideoConverter_4.0.0.1.exe
C:\Users\ski\AppData\Local\Temp\GLFAEC4.tmp.exe
C:\Users\ski\AppData\Local\Temp\homepage-protection48E1.exe
C:\Users\ski\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\ski\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\ski\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\ski\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\ski\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\ski\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\ski\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\ski\AppData\Local\Temp\kmpd50mf.dlL
C:\Users\ski\AppData\Local\Temp\MFC71.dll
C:\Users\ski\AppData\Local\Temp\msvcp71.dll
C:\Users\ski\AppData\Local\Temp\msvcr71.dll
C:\Users\ski\AppData\Local\Temp\nsz5748.tmp.exe
C:\Users\ski\AppData\Local\Temp\pcc.dll
C:\Users\ski\AppData\Local\Temp\sagekey4.dll
C:\Users\ski\AppData\Local\Temp\SearchHelper.exe
C:\Users\ski\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\ski\AppData\Local\Temp\SHFOLDER.DLL
C:\Users\ski\AppData\Local\Temp\SpOrder.dll
C:\Users\ski\AppData\Local\Temp\stlport_vc746.dll
C:\Users\ski\AppData\Local\Temp\tbpreinst94A4.exe
C:\Users\ski\AppData\Local\Temp\xerces-c_2_5_0_qb.dll
C:\Users\ski\AppData\Local\Temp\~fvdsuite-3.0.2-hotfix.exe
*****************

HKU\ski\Software\Microsoft\Windows\CurrentVersion\Run\\iLivid => value deleted successfully.
C:\Users\ski\AppData\Local\iLivid => Moved successfully.
HKU\ski\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value deleted successfully.
HKU\ski\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe" => Key deleted successfully.
TorchCrashHandler => Service deleted successfully.
C:\Users\ski\AppData\Local\Torch => Moved successfully.
IpInIp => Service deleted successfully.
LMIRfsClientNP => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
C:\Users\ski\Desktop\iLivid.lnk => Moved successfully.
C:\Users\ski\install_reader10_en_chra_aih.exe => Moved successfully.
C:\Users\ski\pymins_px.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\AcsInstall.dll => Moved successfully.
C:\Users\ski\AppData\Local\Temp\AOLFirewallMgr.dll => Moved successfully.
C:\Users\ski\AppData\Local\Temp\AOLInstallerfw.dll => Moved successfully.
C:\Users\ski\AppData\Local\Temp\aol_toolbarF115.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\contentDATs.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\EntitlementClientInstall.dll => Moved successfully.
C:\Users\ski\AppData\Local\Temp\FreemakeVideoConverter_4.0.0.1.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\GLFAEC4.tmp.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\homepage-protection48E1.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\kmpd50mf.dlL => Moved successfully.
C:\Users\ski\AppData\Local\Temp\MFC71.dll => Moved successfully.
C:\Users\ski\AppData\Local\Temp\msvcp71.dll => Moved successfully.
C:\Users\ski\AppData\Local\Temp\msvcr71.dll => Moved successfully.
C:\Users\ski\AppData\Local\Temp\nsz5748.tmp.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\pcc.dll => Moved successfully.
C:\Users\ski\AppData\Local\Temp\sagekey4.dll => Moved successfully.
C:\Users\ski\AppData\Local\Temp\SearchHelper.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\SecurityScan_Release.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\SHFOLDER.DLL => Moved successfully.
C:\Users\ski\AppData\Local\Temp\SpOrder.dll => Moved successfully.
C:\Users\ski\AppData\Local\Temp\stlport_vc746.dll => Moved successfully.
C:\Users\ski\AppData\Local\Temp\tbpreinst94A4.exe => Moved successfully.
C:\Users\ski\AppData\Local\Temp\xerces-c_2_5_0_qb.dll => Moved successfully.
C:\Users\ski\AppData\Local\Temp\~fvdsuite-3.0.2-hotfix.exe => Moved successfully.

==== End of Fixlog ====

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.