Member Avatar for Moe1981

Hi! Its been a while since i've been here but this place was always good to me before. Well my computer was really slow and 100% usage, i also noticed mysearchdial popup through firefox and i thought it was like an addon so i actually used that it silly me to log in to my email and facebook etc...

i followed all the instructions in the guide and ran all the scans. The only problem i faced was that i coldnt generate a GMER log one for some reason despite trying a lot. anyways everything else worked and i can say that the computer is already running a lot faster and also that firefox virus seems to be gone. well here is the stuff, i wonder if there's anythign left, i didnt do combofix.

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-05-13 21:46:18
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AJ1 596.17GB
Running: 37pcfs2z.exe; Driver: C:\Users\Moe\AppData\Local\Temp\pwldypow.sys


---- Registry - GMER 2.1 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ac7289c3eaf5                      
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ac7289c3eaf5@70aab2531933         0x37 0xA0 0x4C 0xB7 ...
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ac7289c3eaf5 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ac7289c3eaf5@70aab2531933             0x37 0xA0 0x4C 0xB7 ...

---- EOF - GMER 2.1 ----

















.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 11/2/2011 1:16:33 AM
System Uptime: 5/13/2014 10:36:01 PM (0 hours ago)
.
Motherboard: Dell Inc. |  | 07GP33
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz | CPU | 1584/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 577 GiB total, 324.012 GiB free.
D: is CDROM ()
F: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{426C6163-6B42-6572-7279-427970617373}_LOCALMFG&0002\8&13EF4E05&0&70AAB2531933_C00000000
Manufacturer: 
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{426C6163-6B42-6572-7279-427970617373}_LOCALMFG&0002\8&13EF4E05&0&70AAB2531933_C00000000
Service: 
.
Class GUID: 
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_LOCALMFG&0002\8&13EF4E05&0&70AAB2531933_C00000000
Manufacturer: 
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_LOCALMFG&0002\8&13EF4E05&0&70AAB2531933_C00000000
Service: 
.
Class GUID: 
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{426C6163-6B42-6572-7279-44736B746F70}_LOCALMFG&0002\8&13EF4E05&0&70AAB2531933_C00000000
Manufacturer: 
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{426C6163-6B42-6572-7279-44736B746F70}_LOCALMFG&0002\8&13EF4E05&0&70AAB2531933_C00000000
Service: 
.
==== System Restore Points ===================
.
RP222: 4/25/2014 4:16:47 PM - Windows Update
RP223: 5/2/2014 9:14:24 PM - Scheduled Checkpoint
RP224: 5/3/2014 9:07:21 AM - Windows Update
RP225: 5/7/2014 1:24:59 AM - Windows Update
RP226: 5/13/2014 4:54:15 PM - McAfee Vulnerability Scanner
RP227: 5/13/2014 5:06:14 PM - Windows Update
RP228: 5/13/2014 7:34:02 PM - Restore Operation
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
Accidental Damage Services Agreement
Adobe AIR
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader X (10.1.9)
Advanced Audio FX Engine
AMD APP SDK Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI AVIVO64 Codecs
ATI Catalyst Install Manager
Banctec Service Agreement
Bejeweled 2 Deluxe
BlackBerry Desktop Software 6.1
BlackBerry Device Software Updater
Blackhawk Striker 2
Bonjour
Bounce Symphony
BufferChm
Build-a-lot 2
Cake Mania
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
Chuzzle Deluxe
Complete Care Business Service Agreement
Consumer In-Home Service Agreement
Coupon Printer for Windows
Cozi
D110
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Edoc Viewer
Dell Getting Started Guide
Dell Home Systems Service Agreement
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell Support Center
Dell Touchpad
Dell VideoStage 
Dell Webcam Central
Destinations
DeviceDiscovery
Diner Dash 2 Restaurant Rescue
DivX Setup
Dora's World Adventure
Dropbox
Escape Whisper Valley (TM)
Farm Frenzy
FATE
Final Drive Fury
Final Drive Nitro
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
HP Customer Participation Program 14.0
HP Imaging Device Functions 14.0
HP Photo Creations
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPAppStudio
HPPhotoGadget
HPProductAssistant
HPSSupply
Intel PROSet Wireless
Intel(R) Display Audio Driver
Intel(R) Management Engine Components
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
Intel(R) PROSet/Wireless WiFi Software
Intel(R) Turbo Boost Technology Monitor 2.0
Intel(R) WiDi
Intel(R) Wireless Display
iTunes
Java 7 Update 51
Java Auto Updater
Java(TM) 6 Update 27 (64-bit)
Jewel Quest
Jewel Quest Solitaire 2
JonDo
JPG to PDF Converter 1.0
Junk Mail filter update
K-Lite Codec Pack 7.0.0 (Standard)
Luxor
Malwarebytes Anti-Malware version 2.0.1.1004
MarketResearch
McAfee Online Backup
McAfee Total Protection
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.2
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Starter 2010 - English
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
mIRC
Mozilla Firefox 28.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Namco All-Stars PAC-MAN
Nero 10 Movie ThemePack Basic
Nero Blu-ray Player
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
Network64
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
PowerXpressHybrid
Premium Service Agreement
PS_AIO_07_D110_SW_Min
PX Profile Update
QualxServ Service Agreement
Quickset64
QuickTransfer
Realtek High Definition Audio Driver
Recuva
Samantha Swift
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2)
Shared C Run-time for x64
Shop for HP Supplies
Skype Click to Call
Skype™ 6.11
SmartWebPrinting
SolutionCenter
SopCast 3.5.0
Status
SyncUP
System Requirements Lab CYRI
System Requirements Lab for Intel
Toolbox
TrayApp
TrustedID
TrustedID IDMonitor Identity Protection
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update Installer for WildTangent Games App
US Tech Support Framework
VC80CRTRedist - 8.0.50727.6195
Virtual Villagers 4 - The Tree of Life
VLC media player 1.1.11
WebReg
Wedding Dash - Ready, Aim, Love!
WildTangent Games
WildTangent Games App (Dell Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.01 (32-bit)
Zinio Reader 4
Zip Motion Block Video codec (Remove Only)
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
5/13/2014 8:48:12 PM, Error: iaStor [9]  - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
5/13/2014 8:35:50 PM, Error: Service Control Manager [7024]  - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
5/13/2014 8:33:57 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
5/13/2014 7:51:15 PM, Error: Service Control Manager [7024]  - The Windows Firewall service terminated with service-specific error Access is denied..
5/13/2014 10:38:58 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  TfFsMon TFSysMon
5/13/2014 10:38:19 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
5/13/2014 10:38:03 PM, Error: Service Control Manager [7000]  - The USTSPCODiskOptimizer service failed to start due to the following error:  The system cannot find the file specified.
.
==== End Of File ===========================

`

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16521  BrowserJavaVersion: 10.51.2
Run by Moe at 22:53:08 on 2014-05-13
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6038.2620 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\USTechSupport\SchedulerService\SchedulerService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Moe\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\system32\vssvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Google Update] "C:\Users\Moe\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
StartupFolder: C:\Users\Moe\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Moe\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Moe\STARTM~1\Programs\Startup\GAMEST~1.LNK - C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe
StartupFolder: C:\Users\Moe\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
StartupFolder: C:\Users\Moe\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{3AF9D5FD-8545-4981-98EC-64EC74B238D2} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{3F079B3A-9A4C-43D5-B6A8-23BAC56E8C30} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{3F079B3A-9A4C-43D5-B6A8-23BAC56E8C30}\24C696E6B68303734366 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3F079B3A-9A4C-43D5-B6A8-23BAC56E8C30}\4657E6B696E6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3F079B3A-9A4C-43D5-B6A8-23BAC56E8C30}\66F666F666F6 : DHCPNameServer = 192.168.10.1
TCP: Interfaces\{3F079B3A-9A4C-43D5-B6A8-23BAC56E8C30}\7365648363 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3F079B3A-9A4C-43D5-B6A8-23BAC56E8C30}\8494C444F4E40383 : DHCPNameServer = 10.10.10.1 8.8.8.8
TCP: Interfaces\{3F079B3A-9A4C-43D5-B6A8-23BAC56E8C30}\C696E6B6379737 : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{3F079B3A-9A4C-43D5-B6A8-23BAC56E8C30}\E4544574541425 : DHCPNameServer = 192.168.0.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [XeroxEndeavorBackgroundTask] rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\a9siqqfv.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&type=A111US0&p=
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Moe\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\Users\Moe\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Moe\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
FF - ExtSQL: !HIDDEN! 2013-01-16 21:00; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2013-9-24 783864]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2013-12-5 345456]
R1 MOBKFilter;MOBKFilter;C:\Windows\System32\drivers\MOBK.sys [2014-2-2 66040]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-10-28 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-10-28 203264]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-8-8 1166848]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-5-19 921664]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-5-19 995392]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-2-2 328928]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-5-13 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-5-13 857912]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-2-2 328928]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2014-2-2 178528]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-2-2 328928]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-2-2 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-2-2 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-2-2 328928]
R2 McPvDrv;McPvDrv Driver;C:\Windows\System32\drivers\McPvDrv.sys [2014-2-2 74560]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-2-2 1025712]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2014-2-2 219752]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2014-2-2 185792]
R2 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-10-28 1692480]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-10-28 2656280]
R2 USTSScheduler;US Tech Support Scheduling Service;C:\Program Files (x86)\USTechSupport\SchedulerService\SchedulerService.exe [2012-7-12 736648]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-8-8 299008]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-5-19 1335360]
R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-5-19 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-5-19 53248]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-7-19 282624]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2013-12-5 70592]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-10-28 176096]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-7-19 59904]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-10-28 317440]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2011-10-28 12223936]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-5-17 25496]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-5-13 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-5-13 119512]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-5-13 63192]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2013-12-5 311600]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2013-12-5 522360]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2014-1-21 422712]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-10-28 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-10-28 181760]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-10-28 412264]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S2 0052131400025700mcinstcleanup;McAfee Application Installer Cleanup (0052131400025700);C:\Windows\TEMP\005213~1.EXE -cleanup -nolog --> C:\Windows\TEMP\005213~1.EXE -cleanup -nolog [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S2 USTSPCODiskOptimizer;USTSPCODiskOptimizer;C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCODefragSrv64.exe --> C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCODefragSrv64.exe [?]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-8-8 299008]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2014-5-13 197704]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-11 111616]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-5-17 34200]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2014-1-21 96592]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-7-27 340240]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2011-3-18 25072]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-10-28 250984]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-9 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-05-14 02:12:49 119512  ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-14 02:12:23 88280   ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-14 02:12:23 63192   ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-05-14 02:12:23 25816   ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-05-14 02:12:23 --------    d-----w-    C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-14 00:39:13 --------    d-----w-    C:\Users\Moe\AppData\Local\{DCC4DD14-DF7C-4F71-8BB9-3AF6045DD04C}
2014-05-14 00:01:48 197704  ----a-w-    C:\Windows\System32\drivers\HipShieldK.sys
2014-05-13 20:08:34 --------    d-----w-    C:\Users\Moe\AppData\Local\{E24520F5-4841-432F-8139-C4D2AD3D0DC5}
2014-05-08 00:23:45 --------    d-----w-    C:\Users\Moe\AppData\Local\{5AC313FE-17C4-4F28-911C-09BC1165B297}
2014-05-06 14:13:44 --------    d-----w-    C:\Users\Moe\AppData\Local\{72004E3A-6EB9-41CA-A244-C5B8AEB30D56}
2014-05-06 02:13:18 --------    d-----w-    C:\Users\Moe\AppData\Local\{EDA1039D-B3BB-4391-831C-549315091626}
2014-05-04 19:08:12 --------    d-----w-    C:\Users\Moe\AppData\Local\{D2DAFDA5-8DEF-4BC3-A17C-CE6CFEE6A708}
2014-05-03 14:37:18 --------    d-sh--w-    C:\Users\Moe\AppData\Local\EmieUserList
2014-05-03 14:37:18 --------    d-sh--w-    C:\Users\Moe\AppData\Local\EmieSiteList
2014-04-29 01:00:22 --------    d-----w-    C:\Users\Moe\AppData\Local\{8FA18F3F-5401-4398-8DC6-82A1CAD04E4B}
2014-04-27 19:23:56 --------    d-----w-    C:\Users\Moe\AppData\Local\{315B791A-082F-4CF4-8036-4C40DB9E80A5}
2014-04-27 07:18:24 --------    d-----w-    C:\Users\Moe\AppData\Local\{B152F4E8-810B-49DD-B9B1-92E047593596}
2014-04-24 20:56:06 --------    d-----w-    C:\Users\Moe\AppData\Local\{5637A198-6F41-4DE9-A19A-E7ED2D280303}
2014-04-21 21:35:19 --------    d-----w-    C:\Users\Moe\AppData\Local\{F7FCECCB-0099-403B-B1B8-322E47B3D497}
2014-04-20 16:41:51 --------    d-----w-    C:\Users\Moe\AppData\Local\{5D637783-58B4-434E-8D9F-F703B0E4EF16}
2014-04-20 03:01:12 --------    d-----w-    C:\Users\Moe\AppData\Local\{06CD7260-B763-48F8-9BA1-5C4FDA7004B4}
.
==================== Find3M  ====================
.
2014-05-14 01:08:15 70832   ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 01:08:15 692400  ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-31 01:13:47 2724864 ----a-w-    C:\Windows\System32\mshtml.tlb
2014-03-31 00:13:30 2724864 ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-03-17 23:02:08 70592   ----a-w-    C:\Windows\System32\drivers\cfwids.sys
2014-03-17 22:54:54 345456  ----a-w-    C:\Windows\System32\drivers\mfewfpk.sys
2014-03-17 22:54:26 185792  ----a-w-    C:\Windows\System32\mfevtps.exe
2014-03-17 22:49:44 783864  ----a-w-    C:\Windows\System32\drivers\mfehidk.sys
2014-03-17 22:47:30 522360  ----a-w-    C:\Windows\System32\drivers\mfefirek.sys
2014-03-17 22:45:38 311600  ----a-w-    C:\Windows\System32\drivers\mfeavfk.sys
2014-03-17 22:44:40 180272  ----a-w-    C:\Windows\System32\drivers\mfeapfk.sys
2014-03-04 09:44:21 362496  ----a-w-    C:\Windows\System32\wow64win.dll
2014-03-04 09:44:21 243712  ----a-w-    C:\Windows\System32\wow64.dll
2014-03-04 09:44:21 13312   ----a-w-    C:\Windows\System32\wow64cpu.dll
2014-03-04 09:44:03 16384   ----a-w-    C:\Windows\System32\ntvdm64.dll
2014-03-04 09:17:19 14336   ----a-w-    C:\Windows\SysWow64\ntvdm64.dll
2014-03-04 09:17:05 44032   ----a-w-    C:\Windows\apppatch\acwow64.dll
2014-03-04 09:16:54 25600   ----a-w-    C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18 5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2014-03-04 08:09:30 7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29 2048    ----a-w-    C:\Windows\SysWow64\user.exe
2014-03-01 05:16:26 4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048   ----a-w-    C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59 48640   ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264  ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616  ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608  ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032  ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 03:54:33 5768704 ----a-w-    C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43 61952   ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200   ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128  ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472  ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w-    C:\Windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-10-15 20:15:44 50053120    ----a-w-    C:\Program Files (x86)\GUT3D8.tmp
.
============= FINISH: 22:53:47.64 ===============






Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/13/2014
Scan Time: 10:30:01 PM
Logfile: scanlog mbam.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.14.01
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Moe

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 280362
Time Elapsed: 16 min, 47 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.uTorrentControl.A, HKLM\SOFTWARE\WOW6432NODE\uTorrentControl3, Quarantined, [7fcadb76a2d9ac8a7f2de0ae649e35cb], 
PUP.Optional.PriceGong.A, HKU\S-1-5-21-151135825-428247964-4109679886-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, Quarantined, [c089fd54017a70c6f0b160328979d729], 

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 33
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\mysearchdial, Quarantined, [d4759eb31863fc3a91172a44c1414ab6], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\mysearchdial\icons_2.17.0.1, Quarantined, [d4759eb31863fc3a91172a44c1414ab6], 
PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial, Quarantined, [60e9d37ecbb01c1a29e6e18fe81a8779], 
PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0, Quarantined, [60e9d37ecbb01c1a29e6e18fe81a8779], 
PUP.Optional.uTorrentControl.A, C:\Program Files (x86)\uTorrentControl3, Quarantined, [3c0d8ac73d3eca6c1b0f2d4760a28c74], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\resources, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\favorites, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\_locales, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\_locales\en-US, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\a9siqqfv.default\extensions\ffxtlbr@mysearchdial.com, Quarantined, [64e5d77a017a1d19abfc5123778b4ab6], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\a9siqqfv.default\extensions\ffxtlbr@mysearchdial.com\content, Quarantined, [64e5d77a017a1d19abfc5123778b4ab6], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\a9siqqfv.default\extensions\ffxtlbr@mysearchdial.com\content\imgs, Quarantined, [64e5d77a017a1d19abfc5123778b4ab6], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\a9siqqfv.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs, Quarantined, [64e5d77a017a1d19abfc5123778b4ab6], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\a9siqqfv.default\extensions\ffxtlbr@mysearchdial.com\META-INF, Quarantined, [64e5d77a017a1d19abfc5123778b4ab6], 

Files: 161
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\a9siqqfv.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi, Quarantined, [82c7d9780d6e62d4d0e3ccbaeb175ba5], 
PUP.Optional.FindRight.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{42e50651-9669-456e-9081-d5a836274274}.xpi, Quarantined, [9faa3a1788f38caa2f2fe6a7768cb44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\Mysearchdial.xml, Quarantined, [9faa272a3249e5510bb9404d2bd77090], 
PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0\uninst.dat, Quarantined, [60e9d37ecbb01c1a29e6e18fe81a8779], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\install.rdf, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\.DS_Store, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\.background.jsm.swp, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\background.jsm, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\browser.xul, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\timer.jsm, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_de.json, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_en-gb.json, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_en_us.json, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_fr.json, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_he.json, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_it.json, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_pt-br.json, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_ru.json, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_tr.json, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\gallery.html, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\newtab.html, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\search.html, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\foundation.min.css, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\indicator.gif, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\Jcrop.gif, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\jquery.autocomplete.css, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\jquery.Jcrop.min.css, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\jquery.simplecolorpicker.css, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\normalize.css, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\arrow-gallery-cat-selected.png, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\arrow.png, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\emptyArea.png, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\gallery.css, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\gallery_templates.html, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\icon-gallery-search.png, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\not_available_32.png, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\plus.png, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:\Users\Moe\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\Thumbs.db, Quarantined, [3712cd84e893d5618c1a650fbe44b44c], 
PUP.Optional.MySearchDial.A, C:

Looks like MBAM solved your problem. Nothing else shows after a quick glance at logs.

Member Avatar for Moe1981

Yeah sounds like everything is gone to me as well. Thing is running smoothly right now. Thanks a lot for viewing that very long code, haha

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.