Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.
CreateRestorePoint: HKLM-x32\...\Run: [fst_us_143] => [X] HKU\S-1-5-21-28108215-2538129268-678420320-1002\...\MountPoints2: {2d6c1ba1-f1ba-11e4-82d3-a01d4808520a} - "F:\VZW_Software_upgrade_assistant.exe" HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings) ProxyServer: [.DEFAULT] => 1 AutoConfigURL: [.DEFAULT] => file://C:/Users/CrisYouSasyMedic/AppData/Local/LPT/NewConfig.txt ProxyServer: [S-1-5-21-28108215-2538129268-678420320-1002] => 1 AutoConfigURL: [S-1-5-21-28108215-2538129268-678420320-1002] => file://C:/Users/CrisYouSasyMedic/AppData/Local/LPT/NewConfig.txt HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxyioASX7XiWPTst6sI9KCYqB5_pjxa3Wij2s2bTLp6N7jJBcdJwZ311GW516UswWsJFdEbWi_6uNVdmU-Zx1j8-VygoeXeZyfVf0WBe3H91G_hz5PzT8Kg1f5wodu9sgZYShH5Ism5nYHk,&q={searchTerms} HKU\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.facebook.com/topic/Philip-Seymour-Hoffman/108351132526165?source=whfrt&position=1&trqid=6039082446727169189 SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxyioASX7XiWPTst6sI9KCYqB5_pjxa3Wij2s2bTLp6N7jJBcdJwZ311GW516UswWsJFdEbWi_6uNVdmU-Zx1j8-VygoeXeZyfVf0WBe3H91G_hz5PzT8Kg1f5wodu9sgZYShH5Ism5nYHk,&q={searchTerms} SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKU\S-1-5-21-28108215-2538129268-678420320-1002 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} - No File C:\Users\CrisYouSasyMedic\AppData\Local\Temp\Quarantine.exe C:\Users\CrisYouSasyMedic\AppData\Local\Temp\sqlite3.dll C:\Users\CrisYouSasyMedic\AppData\Local\Temp\TAInstaller.exe C:\Users\CrisYouSasyMedic\AppData\Local\Temp\vlc-2.2.6-win32.exe C:\Users\CrisYouSasyMedic\AppData\Local\Temp\vlc-3.0.3-win32.exe AlternateDataStreams: C:\ProgramData\Temp:11590865 [177] AlternateDataStreams: C:\ProgramData\Temp:1416AAA6 [330] AlternateDataStreams: C:\ProgramData\Temp:2AD33723 [162] AlternateDataStreams: C:\ProgramData\Temp:2AF322BF [312] AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134] AlternateDataStreams: C:\ProgramData\Temp:363E775E [182] AlternateDataStreams: C:\ProgramData\Temp:3EC5BC08 [344] AlternateDataStreams: C:\ProgramData\Temp:491270B8 [314] AlternateDataStreams: C:\ProgramData\Temp:5E73E1C2 [182] AlternateDataStreams: C:\ProgramData\Temp:6B709AD7 [346] AlternateDataStreams: C:\ProgramData\Temp:7687A3E3 [382] AlternateDataStreams: C:\ProgramData\Temp:98CF1A39 [189] AlternateDataStreams: C:\ProgramData\Temp:9DBE6481 [130] AlternateDataStreams: C:\ProgramData\Temp:A4AF8D0D [165] AlternateDataStreams: C:\ProgramData\Temp:A6D6E537 [177] AlternateDataStreams: C:\ProgramData\Temp:A7DA2BCD [334] AlternateDataStreams: C:\ProgramData\Temp:A88BE334 [316] AlternateDataStreams: C:\ProgramData\Temp:B54E4B5A [342] AlternateDataStreams: C:\ProgramData\Temp:B6E6C4EA [179] AlternateDataStreams: C:\ProgramData\Temp:BEE39E9B [364] AlternateDataStreams: C:\ProgramData\Temp:C22674B6 [294] AlternateDataStreams: C:\ProgramData\Temp:C3899C0B [171] AlternateDataStreams: C:\ProgramData\Temp:C78DADEA [178] AlternateDataStreams: C:\ProgramData\Temp:CAC06C34 [177] AlternateDataStreams: C:\ProgramData\Temp:CBAF0C30 [183] AlternateDataStreams: C:\ProgramData\Temp:F5D01D7C [384] AlternateDataStreams: C:\ProgramData\Temp:F84B8DB5 [155] AlternateDataStreams: C:\ProgramData\Temp:F9F58B80 [180] AlternateDataStreams: C:\ProgramData\Temp:FAB64002 [146] AlternateDataStreams: C:\ProgramData\Temp:FBD274CF [171] AlternateDataStreams: C:\ProgramData\Temp:FC70A22A [370] HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" Hosts: RemoveProxy: EmptyTemp: CMD: ipconfig /flushdns
CreateRestorePoint: HKLM-x32\...\Run: [fst_us_143] => [X] HKU\S-1-5-21-28108215-2538129268-678420320-1002\...\MountPoints2: {2d6c1ba1-f1ba-11e4-82d3-a01d4808520a} - "F:\VZW_Software_upgrade_assistant.exe" HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings) ProxyServer: [.DEFAULT] => 1 AutoConfigURL: [.DEFAULT] => file://C:/Users/CrisYouSasyMedic/AppData/Local/LPT/NewConfig.txt ProxyServer: [S-1-5-21-28108215-2538129268-678420320-1002] => 1 AutoConfigURL: [S-1-5-21-28108215-2538129268-678420320-1002] => file://C:/Users/CrisYouSasyMedic/AppData/Local/LPT/NewConfig.txt HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxyioASX7XiWPTst6sI9KCYqB5_pjxa3Wij2s2bTLp6N7jJBcdJwZ311GW516UswWsJFdEbWi_6uNVdmU-Zx1j8-VygoeXeZyfVf0WBe3H91G_hz5PzT8Kg1f5wodu9sgZYShH5Ism5nYHk,&q={searchTerms} HKU\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.facebook.com/topic/Philip-Seymour-Hoffman/108351132526165?source=whfrt&position=1&trqid=6039082446727169189 SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxyioASX7XiWPTst6sI9KCYqB5_pjxa3Wij2s2bTLp6N7jJBcdJwZ311GW516UswWsJFdEbWi_6uNVdmU-Zx1j8-VygoeXeZyfVf0WBe3H91G_hz5PzT8Kg1f5wodu9sgZYShH5Ism5nYHk,&q={searchTerms} SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKU\S-1-5-21-28108215-2538129268-678420320-1002 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} - No File C:\Users\CrisYouSasyMedic\AppData\Local\Temp\Quarantine.exe C:\Users\CrisYouSasyMedic\AppData\Local\Temp\sqlite3.dll C:\Users\CrisYouSasyMedic\AppData\Local\Temp\TAInstaller.exe C:\Users\CrisYouSasyMedic\AppData\Local\Temp\vlc-2.2.6-win32.exe C:\Users\CrisYouSasyMedic\AppData\Local\Temp\vlc-3.0.3-win32.exe AlternateDataStreams: C:\ProgramData\Temp:11590865 [177] AlternateDataStreams: C:\ProgramData\Temp:1416AAA6 [330] AlternateDataStreams: C:\ProgramData\Temp:2AD33723 [162] AlternateDataStreams: C:\ProgramData\Temp:2AF322BF [312] AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134] AlternateDataStreams: C:\ProgramData\Temp:363E775E [182] AlternateDataStreams: C:\ProgramData\Temp:3EC5BC08 [344] AlternateDataStreams: C:\ProgramData\Temp:491270B8 [314] AlternateDataStreams: C:\ProgramData\Temp:5E73E1C2 [182] AlternateDataStreams: C:\ProgramData\Temp:6B709AD7 [346] AlternateDataStreams: C:\ProgramData\Temp:7687A3E3 [382] AlternateDataStreams: C:\ProgramData\Temp:98CF1A39 [189] AlternateDataStreams: C:\ProgramData\Temp:9DBE6481 [130] AlternateDataStreams: C:\ProgramData\Temp:A4AF8D0D [165] AlternateDataStreams: C:\ProgramData\Temp:A6D6E537 [177] AlternateDataStreams: C:\ProgramData\Temp:A7DA2BCD [334] AlternateDataStreams: C:\ProgramData\Temp:A88BE334 [316] AlternateDataStreams: C:\ProgramData\Temp:B54E4B5A [342] AlternateDataStreams: C:\ProgramData\Temp:B6E6C4EA [179] AlternateDataStreams: C:\ProgramData\Temp:BEE39E9B [364] AlternateDataStreams: C:\ProgramData\Temp:C22674B6 [294] AlternateDataStreams: C:\ProgramData\Temp:C3899C0B [171] AlternateDataStreams: C:\ProgramData\Temp:C78DADEA [178] AlternateDataStreams: C:\ProgramData\Temp:CAC06C34 [177] AlternateDataStreams: C:\ProgramData\Temp:CBAF0C30 [183] AlternateDataStreams: C:\ProgramData\Temp:F5D01D7C [384] AlternateDataStreams: C:\ProgramData\Temp:F84B8DB5 [155] AlternateDataStreams: C:\ProgramData\Temp:F9F58B80 [180] AlternateDataStreams: C:\ProgramData\Temp:FAB64002 [146] AlternateDataStreams: C:\ProgramData\Temp:FBD274CF [171] AlternateDataStreams: C:\ProgramData\Temp:FC70A22A [370] HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar C:\Users\CRISYO~1\AppData\Local\Temp\smartbar [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Startup.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\016A7206F164D5243BE66200904CD4AC] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\016A7206F164D5243BE662E09C4CD4AC] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\0B394BFA95E9CAE4FBB27DB664DCBD0E] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\0B51A54BED003754EB928BEF1B2E8A42] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\0B51AA2BED003754EB928BEF1B2E8A42] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\0B61AA2BED003754EB929BEF1B2E8A42] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\0B6A7206F164D5243BE662E09C4CD4AC] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\116A7206F164D5243BE662E09C4CD4AC] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\216A7206F164D5243BE66288984CD4AC] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\216A7206F164D5243BE662E09C4CD4AC] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\2E35213FD461DD045869F4E01B62B2BE] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\32123894481B5D040B0F8C26B6D7A878] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\33592FD0CF5A7AA4A8F106EB69B9A0D7] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\40623894481B5D040B0F8C26B6D7A878] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\433F92F177200FF478C2D32BB923656E] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\43F238B8E12237E46A4AFF0CB31E2ECC] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\4CD231EF64D076744824027B43D7B1AD] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\55D0E21DCD38B8E40BA0517C0D9CCCE0] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\59F397F664A6B044BA5150D20FA0AD67] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\649A52D257CA5DB4EAAE8BA9EB23E467] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\8B257988D95DB864CAF8EF451C5B3ECE] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\93D6CC2FC9612424E87EB7375E2FC46C] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\9DDEC1131A9FA2348B0A0AEB73868888] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\9DDEC1131A9FA2348B0A0AEB73D61A81] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\9DDEC1131A9FA2348B0A0AEB73D68A18] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\9DDEC1131A9FA2348B0A0AEB73D68A82] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\9DDEC1131A9FA2348B0A0AEB73D6BA21] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\9DDEC1131A9FA2348B0A0AEB88D68A82] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\9DDEC1131A9FA2348B0A81EB88D68A81] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\A143CF598A8430D4BB0E71700E8C09C5] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\A805D820868346044B5BDD92EB6CA6C3] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\A9AB3AEAE939E984293B9178134BD540] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\BBB8D37874E1A0946834CDB33A9FC4C5] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\BBB8D37874E1A0946834CDB33A9FC4CD] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\BBB8D37874E1A0946834CDB34A9FC4CD] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\C4FE6082BC8553B4B91EC0FE408D71DA] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\CA86D8ADF7525524299E35592473F71A] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\CA86D8ADF7525524299E35592473F72A] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\CA86D8ADF7525524299E35592473F73A] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\D0386F2D6FEAFBC45BFCAFE158BF5064] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\D40B7F324393F624DACA80C397004DA1] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\DF0B7F324F93FE24DBCA80C397004DF2] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\E13864C95DCE91247A4435FFDA762754] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\E2647758E1ED7134F8C4259CC51A2AA8] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\E5ADE64D843807D4997A4AFC96B78EF1] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\E5ADE64D843807D4997A4AFC96B78EF2] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\E5ADE64D843807D4997A4AFC96B78EF3] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\E5ADE64D843807D4997A4AFC96B78EF4] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\E5ADE64D843807D4997A4AFC96B78EF5] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Products\A0108BE1134FF8F478A405B6B2153F2D] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\Startup.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1EB8010A-F431-4F8F-874A-506B2B51F3D2}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Smartbar] [-HKEY_USERS\.DEFAULT\Software\Trolltech] [-HKEY_USERS\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Installer\Products\A0108BE1134FF8F478A405B6B2153F2D] [-HKEY_USERS\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\{08998c2c-b970-4110-8c1f-7a405e284254}] [-HKEY_USERS\S-1-5-21-28108215-2538129268-678420320-1002\Software\Trolltech] DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar\ DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar\Application\ DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\ DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar\Application\helperbar@helperbar.com\ DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\ DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\ DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\ DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\NativeMessagingHosts\sb.host|"" DeleteValue: HKEY_USERS\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Muvic.exe DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Startup.exe|Params DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Products\A0108BE1134FF8F478A405B6B2153F2D\InstallProperties|DisplayName DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1EB8010A-F431-4F8F-874A-506B2B51F3D2}|DisplayName DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\Startup.exe|Params DeleteValue: HKEY_USERS\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Installer\Products\A0108BE1134FF8F478A405B6B2153F2D|ProductName DeleteValue: HKEY_USERS\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Muvic.exe DeleteValue: HKEY_USERS\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\{08998c2c-b970-4110-8c1f-7a405e284254}|DisplayName Hosts: RemoveProxy: EmptyTemp: CMD: ipconfig /flushdns
CreateRestorePoint: HKLM-x32\...\Run: [fst_us_143] => [X] HKU\S-1-5-21-28108215-2538129268-678420320-1002\...\MountPoints2: {2d6c1ba1-f1ba-11e4-82d3-a01d4808520a} - "F:\VZW_Software_upgrade_assistant.exe" HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings) ProxyServer: [.DEFAULT] => 1 AutoConfigURL: [.DEFAULT] => file://C:/Users/CrisYouSasyMedic/AppData/Local/LPT/NewConfig.txt ProxyServer: [S-1-5-21-28108215-2538129268-678420320-1002] => 1 AutoConfigURL: [S-1-5-21-28108215-2538129268-678420320-1002] => file://C:/Users/CrisYouSasyMedic/AppData/Local/LPT/NewConfig.txt HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxyioASX7XiWPTst6sI9KCYqB5_pjxa3Wij2s2bTLp6N7jJBcdJwZ311GW516UswWsJFdEbWi_6uNVdmU-Zx1j8-VygoeXeZyfVf0WBe3H91G_hz5PzT8Kg1f5wodu9sgZYShH5Ism5nYHk,&q={searchTerms} HKU\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.facebook.com/topic/Philip-Seymour-Hoffman/108351132526165?source=whfrt&position=1&trqid=6039082446727169189 SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxyioASX7XiWPTst6sI9KCYqB5_pjxa3Wij2s2bTLp6N7jJBcdJwZ311GW516UswWsJFdEbWi_6uNVdmU-Zx1j8-VygoeXeZyfVf0WBe3H91G_hz5PzT8Kg1f5wodu9sgZYShH5Ism5nYHk,&q={searchTerms} SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKU\S-1-5-21-28108215-2538129268-678420320-1002 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} - No File C:\Users\CrisYouSasyMedic\AppData\Local\Temp\Quarantine.exe C:\Users\CrisYouSasyMedic\AppData\Local\Temp\sqlite3.dll C:\Users\CrisYouSasyMedic\AppData\Local\Temp\TAInstaller.exe C:\Users\CrisYouSasyMedic\AppData\Local\Temp\vlc-2.2.6-win32.exe C:\Users\CrisYouSasyMedic\AppData\Local\Temp\vlc-3.0.3-win32.exe AlternateDataStreams: C:\ProgramData\Temp:11590865 [177] AlternateDataStreams: C:\ProgramData\Temp:1416AAA6 [330] AlternateDataStreams: C:\ProgramData\Temp:2AD33723 [162] AlternateDataStreams: C:\ProgramData\Temp:2AF322BF [312] AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134] AlternateDataStreams: C:\ProgramData\Temp:363E775E [182] AlternateDataStreams: C:\ProgramData\Temp:3EC5BC08 [344] AlternateDataStreams: C:\ProgramData\Temp:491270B8 [314] AlternateDataStreams: C:\ProgramData\Temp:5E73E1C2 [182] AlternateDataStreams: C:\ProgramData\Temp:6B709AD7 [346] AlternateDataStreams: C:\ProgramData\Temp:7687A3E3 [382] AlternateDataStreams: C:\ProgramData\Temp:98CF1A39 [189] AlternateDataStreams: C:\ProgramData\Temp:9DBE6481 [130] AlternateDataStreams: C:\ProgramData\Temp:A4AF8D0D [165] AlternateDataStreams: C:\ProgramData\Temp:A6D6E537 [177] AlternateDataStreams: C:\ProgramData\Temp:A7DA2BCD [334] AlternateDataStreams: C:\ProgramData\Temp:A88BE334 [316] AlternateDataStreams: C:\ProgramData\Temp:B54E4B5A [342] AlternateDataStreams: C:\ProgramData\Temp:B6E6C4EA [179] AlternateDataStreams: C:\ProgramData\Temp:BEE39E9B [364] AlternateDataStreams: C:\ProgramData\Temp:C22674B6 [294] AlternateDataStreams: C:\ProgramData\Temp:C3899C0B [171] AlternateDataStreams: C:\ProgramData\Temp:C78DADEA [178] AlternateDataStreams: C:\ProgramData\Temp:CAC06C34 [177] AlternateDataStreams: C:\ProgramData\Temp:CBAF0C30 [183] AlternateDataStreams: C:\ProgramData\Temp:F5D01D7C [384] AlternateDataStreams: C:\ProgramData\Temp:F84B8DB5 [155] AlternateDataStreams: C:\ProgramData\Temp:F9F58B80 [180] AlternateDataStreams: C:\ProgramData\Temp:FAB64002 [146] AlternateDataStreams: C:\ProgramData\Temp:FBD274CF [171] AlternateDataStreams: C:\ProgramData\Temp:FC70A22A [370] HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar C:\Users\CRISYO~1\AppData\Local\Temp\smartbar [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Startup.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\016A7206F164D5243BE66200904CD4AC] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\016A7206F164D5243BE662E09C4CD4AC] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\0B394BFA95E9CAE4FBB27DB664DCBD0E] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\0B51A54BED003754EB928BEF1B2E8A42] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\0B51AA2BED003754EB928BEF1B2E8A42] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\0B61AA2BED003754EB929BEF1B2E8A42] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\0B6A7206F164D5243BE662E09C4CD4AC] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\116A7206F164D5243BE662E09C4CD4AC] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\216A7206F164D5243BE66288984CD4AC] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\216A7206F164D5243BE662E09C4CD4AC] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\2E35213FD461DD045869F4E01B62B2BE] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\32123894481B5D040B0F8C26B6D7A878] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\33592FD0CF5A7AA4A8F106EB69B9A0D7] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\40623894481B5D040B0F8C26B6D7A878] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\433F92F177200FF478C2D32BB923656E] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\43F238B8E12237E46A4AFF0CB31E2ECC] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\4CD231EF64D076744824027B43D7B1AD] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\55D0E21DCD38B8E40BA0517C0D9CCCE0] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\59F397F664A6B044BA5150D20FA0AD67] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\649A52D257CA5DB4EAAE8BA9EB23E467] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\8B257988D95DB864CAF8EF451C5B3ECE] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\93D6CC2FC9612424E87EB7375E2FC46C] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\9DDEC1131A9FA2348B0A0AEB73868888] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\9DDEC1131A9FA2348B0A0AEB73D61A81] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\9DDEC1131A9FA2348B0A0AEB73D68A18] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\9DDEC1131A9FA2348B0A0AEB73D68A82] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\9DDEC1131A9FA2348B0A0AEB73D6BA21] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\9DDEC1131A9FA2348B0A0AEB88D68A82] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\9DDEC1131A9FA2348B0A81EB88D68A81] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\A143CF598A8430D4BB0E71700E8C09C5] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\A805D820868346044B5BDD92EB6CA6C3] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\A9AB3AEAE939E984293B9178134BD540] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\BBB8D37874E1A0946834CDB33A9FC4C5] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\BBB8D37874E1A0946834CDB33A9FC4CD] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\BBB8D37874E1A0946834CDB34A9FC4CD] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\C4FE6082BC8553B4B91EC0FE408D71DA] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\CA86D8ADF7525524299E35592473F71A] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\CA86D8ADF7525524299E35592473F72A] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\CA86D8ADF7525524299E35592473F73A] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\D0386F2D6FEAFBC45BFCAFE158BF5064] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\D40B7F324393F624DACA80C397004DA1] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\DF0B7F324F93FE24DBCA80C397004DF2] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\E13864C95DCE91247A4435FFDA762754] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\E2647758E1ED7134F8C4259CC51A2AA8] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\E5ADE64D843807D4997A4AFC96B78EF1] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\E5ADE64D843807D4997A4AFC96B78EF2] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\E5ADE64D843807D4997A4AFC96B78EF3] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\E5ADE64D843807D4997A4AFC96B78EF4] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Components\E5ADE64D843807D4997A4AFC96B78EF5] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Products\A0108BE1134FF8F478A405B6B2153F2D] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\Startup.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1EB8010A-F431-4F8F-874A-506B2B51F3D2}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Smartbar] [-HKEY_USERS\.DEFAULT\Software\Trolltech] [-HKEY_USERS\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Installer\Products\A0108BE1134FF8F478A405B6B2153F2D] [-HKEY_USERS\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\{08998c2c-b970-4110-8c1f-7a405e284254}] [-HKEY_USERS\S-1-5-21-28108215-2538129268-678420320-1002\Software\Trolltech] DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar\ DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar\Application\ DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\ DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar\Application\helperbar@helperbar.com\ DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\ DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\ DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Users\CrisYouSasyMedic\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\ DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\NativeMessagingHosts\sb.host|"" DeleteValue: HKEY_USERS\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Muvic.exe DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Startup.exe|Params DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-28108215-2538129268-678420320-1002\Products\A0108BE1134FF8F478A405B6B2153F2D\InstallProperties|DisplayName DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1EB8010A-F431-4F8F-874A-506B2B51F3D2}|DisplayName DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\Startup.exe|Params DeleteValue: HKEY_USERS\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Installer\Products\A0108BE1134FF8F478A405B6B2153F2D|ProductName DeleteValue: HKEY_USERS\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Muvic.exe DeleteValue: HKEY_USERS\S-1-5-21-28108215-2538129268-678420320-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\{08998c2c-b970-4110-8c1f-7a405e284254}|DisplayName Hosts: RemoveProxy: EmptyTemp: CMD: ipconfig /flushdns
Return to Infected? Virus, malware, adware, ransomware, oh my!
Users browsing this forum: No registered users and 417 guests
Contact us:
Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.
Member site: UNITE Against Malware