Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Pentium(R) Dual-Core CPU E6600 @ 3.06GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 4061 Mb
Graphics Card: Intel(R) G45/G43 Express Chipset, 1806 Mb
Hard Drives: C: Total - 596378 MB, Free - 40577 MB;
Motherboard: Acer, WG43M
Antivirus: AVG AntiVirus 2015, Updated and Enabled
The computer is running very slow, i believe its been infected or hijacked by spyware and malware.
at this time i have run avg 2015 and removed all found infections, i also ran malwarebytes and removed all infections, i ran superantispyware and also removed all threats. i ran ccleaner and removed all old registry entries temp files etci just ran i in the standard default configurtration. this morning i woke up and found that malwarebytes found some of the same infections it found yesterday again, prob still runing in memory and not able to be removed with the current list of programs i have used.
below i attached the log from malwarebytes that it produced this morning.
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 10/29/2014
Scan Time: 2:55:07 AM
Logfile:
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.10.28.06
Rootkit Database: v2014.10.22.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: CommanderKaiser
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 474781
Time Elapsed: 57 min, 32 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 28
PUP.Optional.MySearch.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (user_pref("extensions.irmysearch.instlRef", "140305_b");), ,[49cdb763413b2f07693d3a2cab5a718f]
PUP.Optional.MySearch.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (wordURLPromptDeclined", 1);
user_pref("browser.sta), ,[8a8c8793403c95a15c4a69fd07fe827e]
PUP.Optional.MySearch.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (archywordURLPromptDeclined", 1);
user_pref("browser.startup.page", 1);
user_pref("extensions.shownSelectionUI", true);
user_pref("browser.searchywordURLPromptDeclined", 1);
user_prelugin.state.npconduitfirefoxplugin", 0);
user_pref("browser.searchywordURLPromptDeclined", 1);
user_pref("browser.startup.page", 1);
user_pref("network.protocol), ,[62b43ddd047854e2cdd9372fc73ea25e]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.dfltSrch", true);), ,[45d1c555f48866d01d9293d3a65f50b0]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (earchywordURLPromptDeclined", 1);
user_pref("browser.startup.p), ,[e82e59c181fbd95dded1d690d92c3fc1]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (RLPromptDeclined", 1);
user_pref("browser.startup), ,[1ff7bb5fc0bcf93d5d52cd99a0656d93]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (.searchywordURLPromptDeclined", 1);
user_pref("brows), ,[8a8c44d617656ec87f3070f647be0bf5]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (archywordURLPromptDeclined", 1);
user_pref("browser.startup.page", 1);
user_pref("extensions.shownSelectionUI", true);
user_pref("browser.searchywordURLPromptDeclined", 1);
user_prelugin.state.npconduitfirefoxplugin", 0);
user_pref("browser.searchywordURLPromptDeclined", 1);
user_pref("browser.startup.page", 1);
user_pref("network.protocol-handler.warn-external.dnupdate", false);user_pref("browser.newtab.url", "");
), ,[d44268b27606b680337c590dec19bf41]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (update", false);user_pref("browser.newtab.url", "");
user_pref("extensions.irmysearch.instlRef", "140305_b");
user_pref("extensions.irmysearch.cr", "367344870");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0E0CtC0AyDzyyD0EtCtC0C0E0Bzy0A0EtN0D0Tzu0SzzyEyBtN1L2XzutB tFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0CtC0DyDzyyB0 BtGtCyDtB0DtGzz0DzytBtGyE0F0EyDtGtCyB0CyCyCyEtDzyyCyDzzzy2QtN1M1F1B2Z1V1N2Y 1), ,[878f5dbd1765ff378e215a0c44c1659b]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (e", false);user_pref("browser.newtab.url", "");
user_pref), ,[14020317fc8082b47d32283e41c41be5]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (rdURLPromptDeclined", 1);
user_pref("browser.startup.p), ,[50c6dc3e7606999d743b9acc52b3d52b]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (chywordURLPromptDeclined", 1);
user_pref("browser.sta), ,[1df925f5e6961d1997184b1b8f7641bf]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (rchywordURLPromptDeclined", 1);
user_pref("browser.sta), ,[ea2c9c7e4339af877b34273fe223e41c]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (chywordURLPromptDeclined", 1);
user_pref("browser.startup.page",), ,[4dc951c944384ee8238c2541867fbf41]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (PromptDeclined", 1);
user_pref("browser.startup.page", 1);
), ,[23f3f228b3c92a0ce2cde97d0104c937]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (dURLPromptDeclined", 1);
user_pref("browser.startup.page",), ,[81958694daa2b0869718f670ec19b947]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (ordURLPromptDeclined", 1);
user_pref("browser.startup.pa), ,[0610051523594aecded13a2c65a00ef2]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (ywordURLPromptDeclined", 1);
user_pref("browser.startu), ,[70a6f6244b31dd5904ab76f01de851af]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (chywordURLPromptDeclined", 1);
user_pref("browser.s), ,[14022ceee4981224c7e8f86eb94c857b]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (earchywordURLPromptDeclined", 1);
user_pref("browser.star), ,[a373f4265e1e69cd1e91ee7832d3d42c]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (wordURLPromptDeclined", 1);
user_pref("browser.s), ,[6da9c3572f4d3ff75f50273f9372c43c]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (r.searchywordURLPromptDeclined", 1);
user_pref("browser.startup.page", 1);
user_pre), ,[0f079c7e413b5dd9d9d66bfb28ddf20e]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (
user_pref("browser.startup.page", 1);
user_pref("), ,[86904bcfa1dbde58ab0476f0867f6d93]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (earchywordURLPromptDeclined", 1);
user_pref("browser), ,[37df57c3502c83b3bef15b0bfc097987]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (archywordURLPromptDeclined", 1);
user_pref("browser.startup.page", 1);
user_pref("extensions.shownSelectionUI", true);
user_pref("browser.searchywordURLPromptDeclined", 1);
user_prelugin.state.npconduitfirefoxplugin", 0);
user_pref("browser.searchywordURLPromptDeclined", 1);
user_pref("browser.startup.page", 1);
user_pref("network.protocol-h), ,[25f147d3dca0ae885d527de9c04509f7]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (ser.startup.page", 1);
user_pref("network.), ,[d83ebe5cafcd79bdbff03c2a778e8977]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0E0CtC0AyDzyyD0EtCtC0C0E0Bzy0A0EtN0D0 Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1PtN1L1G1B1V1N2Y1L 1Qzu2StDzyzy0D0ByByDtCtGzy0AyDyDtG0Azz0DtAtGyByDyEtDtGtAyEtA0FyD0ByB0FtCzz0 DyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtDtDtB0EzytBzztG0B0BtCyCtGtC0FyC0BtGyE0EyCtC tGyDtD0AtB0DtDtB0D0FyB0FtA2Q&cr=798050985&ir=");), ,[3dd9e634a2da7eb84f613a2c986d4eb2]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (("network.protocol-handler.warn-external.dnupdate", false);user_pref("browser.newtab.url", "");
user_pref("extensions.irmysearch.instlRef", "140305_b");
user_pref("extensions.irmysearch.cr", "367344870");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0E0CtC0AyDzyyD0EtCtC0C0E0Bzy0A0EtN0D0Tzu0SzzyEyBtN1L2XzutB tFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0CtC0DyDzyyB0 BtGtCyDtB0DtGzz0DzytBtGyE0F0EyDtG), ,[33e31604f785171ffab60f57e520d52b]
Physical Sectors: 0
(No malicious items detected)
(end)
I thank you in advance for your assistance.
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Pentium(R) Dual-Core CPU E6600 @ 3.06GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 4061 Mb
Graphics Card: Intel(R) G45/G43 Express Chipset, 1806 Mb
Hard Drives: C: Total - 596378 MB, Free - 40577 MB;
Motherboard: Acer, WG43M
Antivirus: AVG AntiVirus 2015, Updated and Enabled
The computer is running very slow, i believe its been infected or hijacked by spyware and malware.
at this time i have run avg 2015 and removed all found infections, i also ran malwarebytes and removed all infections, i ran superantispyware and also removed all threats. i ran ccleaner and removed all old registry entries temp files etci just ran i in the standard default configurtration. this morning i woke up and found that malwarebytes found some of the same infections it found yesterday again, prob still runing in memory and not able to be removed with the current list of programs i have used.
below i attached the log from malwarebytes that it produced this morning.
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 10/29/2014
Scan Time: 2:55:07 AM
Logfile:
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.10.28.06
Rootkit Database: v2014.10.22.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: CommanderKaiser
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 474781
Time Elapsed: 57 min, 32 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 28
PUP.Optional.MySearch.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (user_pref("extensions.irmysearch.instlRef", "140305_b");), ,[49cdb763413b2f07693d3a2cab5a718f]
PUP.Optional.MySearch.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (wordURLPromptDeclined", 1);
user_pref("browser.sta), ,[8a8c8793403c95a15c4a69fd07fe827e]
PUP.Optional.MySearch.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (archywordURLPromptDeclined", 1);
user_pref("browser.startup.page", 1);
user_pref("extensions.shownSelectionUI", true);
user_pref("browser.searchywordURLPromptDeclined", 1);
user_prelugin.state.npconduitfirefoxplugin", 0);
user_pref("browser.searchywordURLPromptDeclined", 1);
user_pref("browser.startup.page", 1);
user_pref("network.protocol), ,[62b43ddd047854e2cdd9372fc73ea25e]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.dfltSrch", true);), ,[45d1c555f48866d01d9293d3a65f50b0]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (earchywordURLPromptDeclined", 1);
user_pref("browser.startup.p), ,[e82e59c181fbd95dded1d690d92c3fc1]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (RLPromptDeclined", 1);
user_pref("browser.startup), ,[1ff7bb5fc0bcf93d5d52cd99a0656d93]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (.searchywordURLPromptDeclined", 1);
user_pref("brows), ,[8a8c44d617656ec87f3070f647be0bf5]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (archywordURLPromptDeclined", 1);
user_pref("browser.startup.page", 1);
user_pref("extensions.shownSelectionUI", true);
user_pref("browser.searchywordURLPromptDeclined", 1);
user_prelugin.state.npconduitfirefoxplugin", 0);
user_pref("browser.searchywordURLPromptDeclined", 1);
user_pref("browser.startup.page", 1);
user_pref("network.protocol-handler.warn-external.dnupdate", false);user_pref("browser.newtab.url", "");
), ,[d44268b27606b680337c590dec19bf41]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (update", false);user_pref("browser.newtab.url", "");
user_pref("extensions.irmysearch.instlRef", "140305_b");
user_pref("extensions.irmysearch.cr", "367344870");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0E0CtC0AyDzyyD0EtCtC0C0E0Bzy0A0EtN0D0Tzu0SzzyEyBtN1L2XzutB tFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0CtC0DyDzyyB0 BtGtCyDtB0DtGzz0DzytBtGyE0F0EyDtGtCyB0CyCyCyEtDzyyCyDzzzy2QtN1M1F1B2Z1V1N2Y 1), ,[878f5dbd1765ff378e215a0c44c1659b]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (e", false);user_pref("browser.newtab.url", "");
user_pref), ,[14020317fc8082b47d32283e41c41be5]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (rdURLPromptDeclined", 1);
user_pref("browser.startup.p), ,[50c6dc3e7606999d743b9acc52b3d52b]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (chywordURLPromptDeclined", 1);
user_pref("browser.sta), ,[1df925f5e6961d1997184b1b8f7641bf]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (rchywordURLPromptDeclined", 1);
user_pref("browser.sta), ,[ea2c9c7e4339af877b34273fe223e41c]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (chywordURLPromptDeclined", 1);
user_pref("browser.startup.page",), ,[4dc951c944384ee8238c2541867fbf41]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (PromptDeclined", 1);
user_pref("browser.startup.page", 1);
), ,[23f3f228b3c92a0ce2cde97d0104c937]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (dURLPromptDeclined", 1);
user_pref("browser.startup.page",), ,[81958694daa2b0869718f670ec19b947]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (ordURLPromptDeclined", 1);
user_pref("browser.startup.pa), ,[0610051523594aecded13a2c65a00ef2]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (ywordURLPromptDeclined", 1);
user_pref("browser.startu), ,[70a6f6244b31dd5904ab76f01de851af]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (chywordURLPromptDeclined", 1);
user_pref("browser.s), ,[14022ceee4981224c7e8f86eb94c857b]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (earchywordURLPromptDeclined", 1);
user_pref("browser.star), ,[a373f4265e1e69cd1e91ee7832d3d42c]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (wordURLPromptDeclined", 1);
user_pref("browser.s), ,[6da9c3572f4d3ff75f50273f9372c43c]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (r.searchywordURLPromptDeclined", 1);
user_pref("browser.startup.page", 1);
user_pre), ,[0f079c7e413b5dd9d9d66bfb28ddf20e]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (
user_pref("browser.startup.page", 1);
user_pref("), ,[86904bcfa1dbde58ab0476f0867f6d93]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (earchywordURLPromptDeclined", 1);
user_pref("browser), ,[37df57c3502c83b3bef15b0bfc097987]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (archywordURLPromptDeclined", 1);
user_pref("browser.startup.page", 1);
user_pref("extensions.shownSelectionUI", true);
user_pref("browser.searchywordURLPromptDeclined", 1);
user_prelugin.state.npconduitfirefoxplugin", 0);
user_pref("browser.searchywordURLPromptDeclined", 1);
user_pref("browser.startup.page", 1);
user_pref("network.protocol-h), ,[25f147d3dca0ae885d527de9c04509f7]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (ser.startup.page", 1);
user_pref("network.), ,[d83ebe5cafcd79bdbff03c2a778e8977]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1Qzu0E0CtC0AyDzyyD0EtCtC0C0E0Bzy0A0EtN0D0 Tzu0SzzyEyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1PtN1L1G1B1V1N2Y1L 1Qzu2StDzyzy0D0ByByDtCtGzy0AyDyDtG0Azz0DtAtGyByDyEtDtGtAyEtA0FyD0ByB0FtCzz0 DyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtDtDtB0EzytBzztG0B0BtCyCtGtC0FyC0BtGyE0EyCtC tGyDtD0AtB0DtDtB0D0FyB0FtA2Q&cr=798050985&ir=");), ,[3dd9e634a2da7eb84f613a2c986d4eb2]
PUP.Optional.MySearchDial.A, C:\Users\CommanderKaiser\AppData\Roaming\Mozilla\Firefox\Profiles\lml85eie. default\user.js, Good: (), Bad: (("network.protocol-handler.warn-external.dnupdate", false);user_pref("browser.newtab.url", "");
user_pref("extensions.irmysearch.instlRef", "140305_b");
user_pref("extensions.irmysearch.cr", "367344870");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0E0CtC0AyDzyyD0EtCtC0C0E0Bzy0A0EtN0D0Tzu0SzzyEyBtN1L2XzutB tFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0CtC0DyDzyyB0 BtGtCyDtB0DtGzz0DzytBtGyE0F0EyDtG), ,[33e31604f785171ffab60f57e520d52b]
Physical Sectors: 0
(No malicious items detected)
(end)
I thank you in advance for your assistance.