My computer is running slow and my Firefox browser is redirecting to search.searchcompletion.com when I try to search for stuff. This happened after I installed some software so I could watch an online stream. It was obviously malware. I have learned my lesson! Any help appreciated.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19088 BrowserJavaVersion: 1.6.0_26
Run by Carl at 16:30:05 on 2011-10-29
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.353.1033.18.892.229 [GMT 1:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Eraser\Eraser.exe
C:\Program Files\MP4 Player\Mp4Player.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files\GetRight\GetRight.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://startsear.ch/?aff=1
mStart Page = hxxp://startsear.ch/?aff=1
BHO: AutorunsDisabled - No File
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - c:\program files\orbitdownloader\orbitcth.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IE5BarLauncherBHO Class: {78f3a323-798e-4aea-9a57-88f4b05fd5dd} - c:\program files\vshare.tv plugin\BarLcher.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: GOM Player + Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: GOM Player + Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: VShareToolBar: {7ac3e13b-3bca-4158-b330-f66dbb03c1b5} - c:\program files\vshare.tv plugin\BarLcher.dll
uRun: [MP4 Player] "c:\program files\mp4 player\mp4Player.exe" hmw
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [Eraser] "c:\progra~1\eraser\Eraser.exe" --atRestart
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204
IE: Copy to Semagic - c:\program files\semagic\copy.htm
IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202
IE: Download with GetRight - c:\program files\getright\GRdownload.htm
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: Open with GetRight Browser - c:\program files\getright\GRbrowse.htm
IE: Save YouTube Video as MP3
IE: Semagic - c:\program files\semagic\link.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-be ... canner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/f ... wflash.cab
TCP: DhcpNameServer = 89.101.160.4 89.101.160.5
TCP: Interfaces\{A051663B-F789-401B-9233-9C0CFBD8340C} : DhcpNameServer = 89.101.160.4 89.101.160.5
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\carl\appdata\roaming\mozilla\firefox\profiles\no7badff.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://startsear.ch/?aff=1
FF - prefs.js: keyword.URL - hxxp://startsear.ch/?aff=1&src=sp&cf=67 ... dae0ab7&q=
FF - component: c:\program files\orbitdownloader\addons\oneclickyoutubedownloader\components\GrabXpcom.dll
FF - component: c:\users\carl\appdata\roaming\mozilla\firefox\profiles\no7badff.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPGetRt.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npvsharetvplg.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-3-3 66616]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-6-9 22712]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-6-9 39984]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 42368]
.
=============== File Associations ===============
.
regfile="regedit.exe" "%1"
.
=============== Created Last 30 ================
.
2011-10-29 15:19:54 -------- d-----w- c:\program files\vShare.tv plugin
2011-10-28 09:20:07 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{958c8662-4bbd-4ca0-b8f0-82898c069f5b}\offreg.dll
2011-10-28 09:20:01 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{958c8662-4bbd-4ca0-b8f0-82898c069f5b}\mpengine.dll
2011-10-19 03:02:17 -------- d-----w- c:\users\carl\appdata\local\Eraser 6
2011-10-16 01:23:43 -------- d-----w- c:\program files\Eraser
2011-10-13 14:41:56 -------- d-----w- c:\programdata\GetRight
2011-10-13 14:41:24 108544 ----a-w- c:\program files\mozilla firefox\plugins\NPGetRt.dll
2011-10-13 14:37:07 -------- d-----w- c:\program files\GetRight
2011-10-10 15:45:34 -------- d-sh--w- C:\found.003
2011-10-09 00:03:55 -------- d-----w- c:\users\carl\appdata\roaming\Individual Software
2011-10-09 00:00:02 -------- d-----w- c:\programdata\Individual Software
2011-10-08 23:57:47 -------- d-----w- c:\program files\ResumeMaker
2011-10-03 14:58:48 -------- d-----r- c:\program files\Skype
2011-10-03 09:14:54 83456 ----a-w- c:\program files\mozilla firefox\plugins\npvsharetvplg.dll
2011-09-30 01:19:57 -------- d-----w- c:\program files\Ask.com
2011-09-30 01:18:02 -------- d-----w- c:\program files\GRETECH
.
==================== Find3M ====================
.
2011-09-16 21:54:29 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
.
============= FINISH: 16:33:08.79 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume2
Install Date: 09/01/2009 17:26:06
System Uptime: 29/10/2011 06:45:01 (10 hours ago)
.
Motherboard: DIXONSXP | | N/A
Processor: Genuine Intel(R) CPU T1500 @ 1.86GHz | uPGA 479M | 933/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 101 GiB total, 4.44 GiB free.
E: is CDROM ()
S: is FIXED (NTFS) - 1 GiB total, 1.026 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0002
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #3
PNP Device ID: ROOT\*ISATAP\0002
Service: tunnel
.
==== System Restore Points ===================
.
RP1514: 28/10/2011 10:18:02 - Windows Update
RP1515: 29/10/2011 03:00:24 - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
AAC Decoder
Abdio Free ASF Player (Free)
Actual Spy 3.0
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
ASIO4ALL
Ask Toolbar
µTorrent
Audacity 1.2.6
AutoUpdate
Avira AntiVir Personal - Free Antivirus
Compatibility Pack for the 2007 Office system
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
Eraser 6.0.8.2273
ESET Online Scanner v3
FL Studio 9
FLV Player 2.0 (build 25)
Free CD to MP3 Converter
GetRight
GoldWave v5.25
GOM Player
Google Chrome
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
H.264 Decoder
Hardcore
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
IL Download Manager
IrfanView (remove only)
Java Auto Updater
Java(TM) 6 Update 26
K-Lite Codec Pack 3.2.5 Standard
Launch
Malwarebytes' Anti-Malware version 1.51.0.1200
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
mIRC
MKV Player 2.0
MKV Splitter
Mozilla Firefox 7.0.1 (x86 en-GB)
MP4 Player
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OGA Notifier 2.0.0048.0
Ogg Codecs 0.81.15562
Orbit Downloader
PhotoScape
PoiZone
Power2Go
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
ResumeMaker Professional
Sawer
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Semagic (remove only)
SiS VGA Utilities
Skype Click to Call
Skype™ 5.5
SopCast 3.3.2
Spare Messaging
Switch Sound File Converter
Synaptics Pointing Device Driver
Toxic Biohazard
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.762
Veetle TV 0.9.18
VLC media player 1.1.10
vShare.tv plugin 1.3
WAV to MP3 Encoder
Windows Media Player Firefox Plugin
Windows Movie Maker 2.6
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
29/10/2011 06:45:26, Error: EventLog [6008] - The previous system shutdown at 04:41:14 on 29/10/2011 was unexpected.
29/10/2011 03:34:30, Error: EventLog [6008] - The previous system shutdown at 03:13:32 on 29/10/2011 was unexpected.
28/10/2011 20:52:49, Error: EventLog [6008] - The previous system shutdown at 20:42:30 on 28/10/2011 was unexpected.
28/10/2011 19:18:07, Error: EventLog [6008] - The previous system shutdown at 19:12:25 on 28/10/2011 was unexpected.
28/10/2011 00:35:05, Error: EventLog [6008] - The previous system shutdown at 21:20:31 on 27/10/2011 was unexpected.
26/10/2011 06:25:06, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
26/10/2011 01:49:50, Error: EventLog [6008] - The previous system shutdown at 01:44:17 on 26/10/2011 was unexpected.
25/10/2011 23:03:29, Error: EventLog [6008] - The previous system shutdown at 23:01:41 on 25/10/2011 was unexpected.
25/10/2011 13:05:24, Error: EventLog [6008] - The previous system shutdown at 07:27:58 on 25/10/2011 was unexpected.
25/10/2011 04:17:44, Error: Service Control Manager [7022] - The KtmRm for Distributed Transaction Coordinator service hung on starting.
25/10/2011 04:11:12, Error: EventLog [6008] - The previous system shutdown at 02:44:39 on 25/10/2011 was unexpected.
24/10/2011 19:40:49, Error: EventLog [6008] - The previous system shutdown at 19:30:07 on 24/10/2011 was unexpected.
24/10/2011 14:08:44, Error: EventLog [6008] - The previous system shutdown at 07:12:28 on 24/10/2011 was unexpected.
23/10/2011 03:50:45, Error: Service Control Manager [7031] - The Software Licensing service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
23/10/2011 03:50:33, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
23/10/2011 03:49:14, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
22/10/2011 05:56:47, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800b0100: Update for Windows Vista (KB970430).
22/10/2011 05:43:50, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
22/10/2011 05:42:06, Error: EventLog [6008] - The previous system shutdown at 22:00:41 on 21/10/2011 was unexpected.
22/10/2011 05:41:52, Error: Microsoft-Windows-Kernel-Processor-Power [2] - Performance power management features on processor 1 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
22/10/2011 05:41:52, Error: Microsoft-Windows-Kernel-Processor-Power [2] - Performance power management features on processor 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
.
==== End Of File ===========================