~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.2 (03.10.2017)
Operating System: Windows Vista (TM) Home Basic x86 
Ran by KLUCAS (Administrator) on Mon 03/20/2017 at 20:48:51.83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 20 

Successfully deleted: C:\Program Files\mozilla firefox\defaults\pref\itms.js (File) 
Successfully deleted: C:\ProgramData\ammyy (Folder) 
Successfully deleted: C:\Users\KLUCAS\AppData\Roaming\Mozilla\Firefox\Profiles\0uxde7hp.default\Invalidprefs.js (File) 
Successfully deleted: C:\Users\KLUCAS\AppData\Roaming\Mozilla\Firefox\Profiles\0uxde7hp.default\user.js (File) 
Successfully deleted: C:\Users\KLUCAS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1VB8DGRH (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\KLUCAS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1WQSS2WK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\KLUCAS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\92TH2P28 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\KLUCAS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\APK2IDD6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\KLUCAS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MCITGH0N (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\KLUCAS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R3X75FOQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\KLUCAS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S289O5CQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\KLUCAS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZJ3VGD0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1VB8DGRH (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1WQSS2WK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\92TH2P28 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\APK2IDD6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MCITGH0N (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R3X75FOQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S289O5CQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZJ3VGD0 (Temporary Internet Files Folder) 

Deleted the following from C:\Users\KLUCAS\AppData\Roaming\Mozilla\Firefox\Profiles\0uxde7hp.default\prefs.js
user_pref(extensions.irmysearch.cd, 2XzuyEtN2Y1L1QzutDtDtC0DtDzy0AtD00CtBzytBtGyD0CtC0BtGyCyBtBtA0Byz0EyD0D2Q);
user_pref(extensions.mysearchdial.AL, 2);
user_pref(extensions.mysearchdial.aflt, dnldstr_14_15_ff);
user_pref(extensions.mysearchdial.appId, {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8});
user_pref(extensions.mysearchdial.cd, 2XzuyEtN2Y1L1QzutDtDtC0DtDzy0AtD00CtBzytBtGyD0CtC0BtGyCyBtBtA0Byz0EyD0D2Q);
user_pref(extensions.mysearchdial.cr, 11564551);
user_pref(extensions.mysearchdial.dfltLng, );
user_pref(extensions.mysearchdial.dnsErr, true);
user_pref(extensions.mysearchdial.excTlbr, false);
user_pref(extensions.mysearchdial.id, 001D09A0FF72C06B);
user_pref(extensions.mysearchdial.instlDay, 16168);
user_pref(extensions.mysearchdial.instlRef, 140305_b);
user_pref(extensions.mysearchdial.newTabUrl, hxxp://start.mysearchdial.com/?f=2&a=dnldstr_14_15_ff&cd=2XzuyEtN2Y1L1QzutDtDtC0DtDzy0AtD00CtBzytBtGyD0CtC0BtGyCyBtBtA0Byz0EyD0
user_pref(extensions.mysearchdial.prdct, mysearchdial);
user_pref(extensions.mysearchdial.prtnrId, mysearchdial);
user_pref(extensions.mysearchdial.srchPrvdr, Mysearchdial);
user_pref(extensions.mysearchdial.tlbrId, base);
user_pref(extensions.mysearchdial.tlbrSrchUrl, hxxp://start.mysearchdial.com/?f=3&a=dnldstr_14_15_ff&cd=2XzuyEtN2Y1L1QzutDtDtC0DtDzy0AtD00CtBzytBtGyD0CtC0BtGyCyBtBtA0Byz0Ey
user_pref(extensions.mysearchdial.vrsn, 1.8.29.0);
user_pref(extensions.mysearchdial.vrsni, 1.8.29.0);
user_pref(extensions.mysearchdial_i.newTab, false);
user_pref(extensions.mysearchdial_i.smplGrp, none);
user_pref(extensions.mysearchdial_i.vrsnTs, 1.8.29.014:41:24);



Registry: 4 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/20/2017 at 20:50:58.40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~