Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

WIN 32 DOWNLOADER GEN


  • Please log in to reply
10 replies to this topic

#1 norm11

norm11

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:05:24 AM

Posted 09 April 2013 - 10:42 AM

Hi

Spybot is picking up win 32 downloader gen but can not remove it, I try in safe mode but have the same problem. Believe i got it from downloading a old version of uttorent did not like the new one. and I realise I can not open Google earth anymore never use to have a problem. THANKS



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:24 AM

Posted 09 April 2013 - 11:10 AM

Hello, many torrents are infected.

 

Let's be sure the SPYBOT TEATIMER is disabled so it doesn't interfere.
 

  • Launch Spybot S&D, go to the Mode menu and make sure "Advanced Mode" is selected.
  • On the left hand side, click on Tools, then click on the Resident Icon in the list.
  • Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
  • Click on the "System Startup" icon in the List
  • Uncheck the "TeaTimer" box and "OK" any prompts.
  • If Teatimer gives you a warning that changes were made, click the "Allow Change" box when prompted.
  • Exit Spybot S&D when done and reboot your computer.
    (When we are done, you can re-enable Teatimer using the same steps but this time place a check next to "Resident TeaTimer" and check the "TeaTimer" box in System Startup.]

 

 

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:


  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

 

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

>>>>>

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.


>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

NOTE:Sometimes if ESET finds no infections it will not create a log.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 norm11

norm11
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:05:24 AM

Posted 09 April 2013 - 03:32 PM

Hi boopme

Here are the reports THANKS for your help

 

MiniToolBox by Farbar  Version:05-03-2013
Ran by Owner (administrator) on 09-04-2013 at 11:18:11
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "localhost,*.local"

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com

There are 15328 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

VIA Rhine II Fast Ethernet Adapter = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
1394 Net Adapter = 1394 Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : Love

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Hybrid

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : cg.shawcable.net



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . : cg.shawcable.net

        Description . . . . . . . . . . . : VIA Rhine II Fast Ethernet Adapter

        Physical Address. . . . . . . . . : 00-11-2F-46-1F-E1

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.0.104

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.0.1

        DHCP Server . . . . . . . . . . . : 192.168.0.1

        DNS Servers . . . . . . . . . . . : 192.168.0.1

        Lease Obtained. . . . . . . . . . : April 9, 2013 1:45:01 AM

        Lease Expires . . . . . . . . . . : April 10, 2013 1:45:01 AM

Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  173.194.33.38, 173.194.33.34, 173.194.33.46, 173.194.33.32
      173.194.33.33, 173.194.33.36, 173.194.33.37, 173.194.33.39, 173.194.33.41
      173.194.33.35, 173.194.33.40



Pinging google.com [173.194.33.38] with 32 bytes of data:



Reply from 173.194.33.38: bytes=32 time=26ms TTL=56

Reply from 173.194.33.38: bytes=32 time=24ms TTL=56



Ping statistics for 173.194.33.38:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 24ms, Maximum = 26ms, Average = 25ms

Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=266ms TTL=53

Reply from 206.190.36.45: bytes=32 time=362ms TTL=53



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 266ms, Maximum = 362ms, Average = 314ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 11 2f 46 1f e1 ...... VIA Rhine II Fast Ethernet Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1   192.168.0.104      20
     84.0.192.232  255.255.255.255      192.168.0.1   192.168.0.104      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0    192.168.0.104   192.168.0.104      20
      192.168.0.0    255.255.255.0    192.168.0.104   192.168.0.104      20
    192.168.0.104  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.0.255  255.255.255.255    192.168.0.104   192.168.0.104      20
        224.0.0.0        240.0.0.0    192.168.0.104   192.168.0.104      20
  255.255.255.255  255.255.255.255    192.168.0.104   192.168.0.104      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/07/2013 04:38:35 PM) (Source: CltMngSvc) (User: )
Description: CltMngSvcShutting down. (Error: 997)

Error: (04/04/2013 11:31:55 AM) (Source: Application Error) (User: )
Description: Faulting application ielogic.exe, version 6.11.2.6, faulting module nsh7d.tmp.tbmixi.dll, version 6.11.2.6, fault address 0x0026493a.
Processing media-specific event for [ielogic.exe!ws!]

Error: (04/02/2013 00:06:22 PM) (Source: Application Hang) (User: )
Description: Hanging application SpybotSD.exe, version 1.6.2.46, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/01/2013 11:27:23 AM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 19.0.2.4814, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/29/2013 05:23:47 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/03/29 17:23:47.734]: [00002264]: CUsbScnDev: DeviceIoControl Illegal response

Error: (03/23/2013 03:45:56 PM) (Source: Application Hang) (User: )
Description: Hanging application uTorrent.exe, version 3.3.0.29126, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/16/2013 04:27:27 PM) (Source: Application Hang) (User: )
Description: Hanging application uTorrent.exe, version 3.3.0.29342, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/16/2013 09:17:52 PM) (Source: Application Error) (User: )
Description: Faulting application HotFixInstaller.exe, version 9.0.40215.0, faulting module HotFixInstaller.exe, version 9.0.40215.0, fault address 0x0002ad3d.
Processing media-specific event for [HotFixInstaller.exe!ws!]

Error: (01/15/2013 00:18:31 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/01/15 11:18:31.937]: [00002552]: CUsbScnDev: DeviceIoControl Illegal response


System errors:
=============
Error: (04/08/2013 01:47:51 PM) (Source: Service Control Manager) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%3

Error: (04/08/2013 01:47:51 PM) (Source: Service Control Manager) (User: )
Description: The NAVAPEL service failed to start due to the following error:
%%3

Error: (04/08/2013 01:47:51 PM) (Source: Service Control Manager) (User: )
Description: The ZoneAlarm Toolbar IswSvc service depends on the ZoneAlarm Toolbar ISWKL service which failed to start because of the following error:
%%3

Error: (04/08/2013 01:47:51 PM) (Source: Service Control Manager) (User: )
Description: The ZoneAlarm Toolbar ISWKL service failed to start due to the following error:
%%3

Error: (04/07/2013 08:34:01 PM) (Source: Service Control Manager) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%3

Error: (04/07/2013 08:34:01 PM) (Source: Service Control Manager) (User: )
Description: The NAVAPEL service failed to start due to the following error:
%%3

Error: (04/07/2013 08:34:01 PM) (Source: Service Control Manager) (User: )
Description: The ZoneAlarm Toolbar IswSvc service depends on the ZoneAlarm Toolbar ISWKL service which failed to start because of the following error:
%%3

Error: (04/07/2013 08:34:01 PM) (Source: Service Control Manager) (User: )
Description: The ZoneAlarm Toolbar ISWKL service failed to start due to the following error:
%%3

Error: (04/07/2013 07:54:01 PM) (Source: Service Control Manager) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%3

Error: (04/07/2013 07:54:01 PM) (Source: Service Control Manager) (User: )
Description: The NAVAPEL service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (04/07/2013 04:38:35 PM) (Source: CltMngSvc)(User: )
Description: CltMngSvcShutting down. (Error: 997)

Error: (04/04/2013 11:31:55 AM) (Source: Application Error)(User: )
Description: ielogic.exe6.11.2.6nsh7d.tmp.tbmixi.dll6.11.2.60026493a

Error: (04/02/2013 00:06:22 PM) (Source: Application Hang)(User: )
Description: SpybotSD.exe1.6.2.46hungapp0.0.0.000000000

Error: (04/01/2013 11:27:23 AM) (Source: Application Hang)(User: )
Description: firefox.exe19.0.2.4814hungapp0.0.0.000000000

Error: (03/29/2013 05:23:47 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2013/03/29 17:23:47.734]: [00002264]: CUsbScnDev: DeviceIoControl Illegal response

Error: (03/23/2013 03:45:56 PM) (Source: Application Hang)(User: )
Description: uTorrent.exe3.3.0.29126hungapp0.0.0.000000000

Error: (03/16/2013 04:27:27 PM) (Source: Application Hang)(User: )
Description: uTorrent.exe3.3.0.29342hungapp0.0.0.000000000

Error: (02/16/2013 09:17:52 PM) (Source: Application Error)(User: )
Description: HotFixInstaller.exe9.0.40215.0HotFixInstaller.exe9.0.40215.00002ad3d

Error: (01/15/2013 00:18:31 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2013/01/15 11:18:31.937]: [00002552]: CUsbScnDev: DeviceIoControl Illegal response


=========================== Installed Programs ============================

µTorrent (Version: 3.3.0.29462)
1300 (Version: 40.0.105.000)
1300_Help (Version: 40.0.105.000)
1300Tour (Version: 40.0.105.000)
1300Trb (Version: 40.0.105.000)
ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512)
ACE Mega CoDecS Pack (Version: 6.03.0911)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 2.5.1.17730)
Adobe Download Manager (Version: 1.6.2.97)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Agere Systems PCI Soft Modem
AiO_Scan (Version: 40.0.105.000)
AIOMinimal (Version: 40.0.105.000)
AiOSoftware (Version: 40.0.105.000)
Amazon Browser Bar (Version: 3.0.2012.0507)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 5.0.594.0)
AVI To MP4 Converter 1.0
Boilsoft Video Joiner 6.56
Boilsoft Video Splitter 5.21
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-J415W (Version: 1.0.3.0)
Canon Camera Access Library (Version: 8.4.0.1)
Canon Camera Support Core Library (Version: 7.3.1.6)
Canon G.726 WMP-Decoder (Version: 1.1.0.4)
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.6.0.4)
Canon RAW Image Task for ZoomBrowser EX (Version: 0.9.3.9)
Canon Utilities CameraWindow (Version: 7.1.0.2)
Canon Utilities CameraWindow DC (Version: 7.1.0.7)
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX (Version: 5.4.5.17)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)
Canon Utilities Easy-PrintToolBox
Canon Utilities MyCamera (Version: 6.4.0.5)
Canon Utilities MyCamera DC (Version: 7.0.1.8)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)
Canon Utilities ZoomBrowser EX (Version: 6.1.0.20)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.1.0.8)
CCleaner (Version: 4.00)
CDisplayEx 1.6
Choice Guard (Version: 1.2.87.0)
DirectXInstallService (Version: 9.0.0)
D-i-v-X AVI Codec Pack Pro 2.4.0
Easy Video Splitter 1.28
EPSON Attach To Email (Version: 1.01.0000)
EPSON Copy Utility 3 (Version: 3.3.0.0)
EPSON Event Manager (Version: 1.80.00)
EPSON Perfection V500 Photo Scanner Driver Update
EPSON Perfection V500P User's Guide
EPSON Scan
EPSON Scan Assistant (Version: 1.11.00)
ESET Online Scanner v3
Fax (Version: 40.0.105.000)
foobar2000 v1.1.1 (Version: 1.1.1)
Garmin MapSource (Version: 6.16.3)
Garmin Training Center (Version: 3.6.1)
Garmin USB Drivers (Version: 1.0.0.0)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.4.2)
Google Earth (Version: 7.0.3.8542)
Google Update Helper (Version: 1.3.21.135)
HP Deskjet Preloaded Printer Drivers (Version: 8.3.3.0)
HP Instant Support
HP Product Detection (Version: 11.15.0004)
HP PSC & OfficeJet 3.5 (Version: 3.5)
HP Software Update (Version: 1.0.22.20030804)
HpSdpAppCoreApp (Version: 3.00.0000)
ImgBurn (Version: 2.5.7.0)
IntelliMover Data Transfer Demo
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.3.1)
Java DB 10.5.3.0 (Version: 10.5.3.0)
Java™ 6 Update 24 (Version: 6.0.240)
Java™ SE Development Kit 6 Update 23 (Version: 1.6.0.230)
Junk Mail filter update (Version: 14.0.8064.206)
LG ODD Auto Firmware Update (Version: 9.01.1124.01)
LG USB Modem driver (Version: 1.0)
Live 6.0.1
MAGIX 3D Maker (embeded) (Version: 6.0.0.10)
MAGIX Screenshare 4.3.6.1987 (UK) (Version: 4.3.6.1987)
Malwarebytes' Anti-Malware
MapSource - Topo Canada v2 (Version: 2.00)
MapSource (Version: 5.4)
Mapwel 2012 (Version: Mapwel 2012 Build 9.6)
MemoriesOnTV 4.0.4
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Digital Image Suite 2006 (Version: 11.0.0422)
Microsoft Digital Image Suite 2006 Editor (Version: 11.0.0422)
Microsoft DirectX SDK (June 2010) (Version: 9.29.1962.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works 7.0 (Version: 07.02.0808)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 19.0.2 (x86 en-US) (Version: 19.0.2)
Mozilla Maintenance Service (Version: 19.0.2)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 6 Enterprise Edition
Overland (Version: 2.1.4)
Panda ActiveScan 2.0 (Version: 01.04.00.0000)
PaperPort Image Printer (Version: 1.00.0000)
PrintScreen (Version: 5.35.0.035)
PS2
Python 2.2 combined Win32 extensions
Python 2.2.1 (Version: 2.2.1)
QuickTime (Version: 7.71.80.42)
Readme (Version: 40.0.105.000)
Roxio Activation Module (Version: 1.0)
Roxio Central Audio (Version: 3.6.0)
Roxio Central Copy (Version: 3.6.0)
Roxio Central Core (Version: 3.6.0)
Roxio Central Data (Version: 3.6.0)
Roxio Central Tools (Version: 3.6.0)
Roxio CinePlayer Decoder Pack (Version: 4.3.0)
Roxio Easy Media Creator 10 Suite (Version: 1.0.044)
S3 S3Display
S3 S3Gamma2
S3 S3Info2
S3 S3Overlay
Safety Peak Anti-Malware (Version: 1.00.0000)
SATARaid
Scan (Version: 3.5.0.0)
ScanSoft PaperPort 11 (Version: 11.2.0000)
Segoe UI (Version: 14.0.4327.805)
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 5.0 (Version: 5.0.0)
SUPERAntiSpyware (Version: 4.43.1000)
Syncios version 2.0.2 (Version: 2.0.2)
Toolkit View(HP)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB953356) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VC 9.0 Runtime (Version: 1.0.0)
VIA Rhine-Family Fast Ethernet Adapter
VIA/S3G Display Driver
VLC media player 2.0.5 (Version: 2.0.5)
WebFldrs XP (Version: 9.50.6513)
WinAVI Video Converter
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0017.0)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8064.0206)
Windows Live Essentials (Version: 14.0.8064.206)
Windows Live Mail (Version: 14.0.8064.0206)
Windows Live Messenger (Version: 14.0.8064.0206)
Windows Live OneCare safety scanner
Windows Live Photo Gallery (Version: 14.0.8064.206)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Media Center Edition Screen Saver Screen Saver
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 1471.48 MB
Available physical RAM: 857.44 MB
Total Pagefile: 1997.06 MB
Available Pagefile: 1621.92 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.27 MB

========================= Partitions: =====================================

1 Drive c: (HP_PAVILION) (Fixed) (Total:69.75 GB) (Free:25.43 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:4.79 GB) (Free:0.67 GB) FAT32
4 Drive f: (230 Gig Hardrive) (Fixed) (Total:232.88 GB) (Free:232.47 GB) NTFS
5 Drive g: (My Book) (Fixed) (Total:465.65 GB) (Free:304.16 GB) FAT32
6 Drive h: (New Volume) (Fixed) (Total:931.51 GB) (Free:764 GB) NTFS

========================= Users: ========================================

User accounts for \\LOVE

Administrator            ASPNET                   Guest                    
HelpAssistant            Owner                    SUPPORT_388945a0         
SUPPORT_fddfa904         

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
 

# AdwCleaner v2.200 - Logfile created 04/09/2013 at 11:26:30
# Updated 02/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - LOVE
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nvcdsbrh.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R3].txt - [698 octets] - [09/04/2013 11:26:30]

########## EOF - C:\AdwCleaner[R3].txt - [757 octets] ##########
 

 

C:\Program Files\Mozilla Firefox\components\sprotector.js    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP1\A0000091.exe    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP1\A0000092.dll    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP1\A0000093.exe    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP1\A0000202.dll    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP1\A0000203.exe    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP1\A0000204.dll    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP1\A0000205.dll    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP2\A0000414.exe    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP2\A0000417.dll    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP2\A0000418.exe    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP3\A0000501.dll    a variant of Win32/Toolbar.CrossRider.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP3\A0000505.exe    Win32/Toolbar.CrossRider.B application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP3\A0000506.dll    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP3\A0000507.exe    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP3\A0000508.exe    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP3\A0000509.dll    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP3\A0000510.dll    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP3\A0000513.dll    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP3\A0000514.exe    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP3\A0000540.dll    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP3\A0000541.exe    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP3\A0000542.dll    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP3\A0000543.dll    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:24 AM

Posted 09 April 2013 - 10:21 PM

You're welcome Norm... we need to do a couple things after ESET.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 norm11

norm11
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:05:24 AM

Posted 10 April 2013 - 10:35 AM

OK



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:24 AM

Posted 10 April 2013 - 07:09 PM

Go into Control Panel>>Add/Remove

Remove these


Java™ 6 Update 24 (Version: 6.0.240)

These can stay if you use them.

Java DB 10.5.3.0 (Version: 10.5.3.0)
Java™ SE Development Kit 6 Update 23 (Version: 1.6.0.230)

 

Reboot

install Version 7 Update 17

 

Also update to Adobe Reader XI

 

 

How is it now??


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 norm11

norm11
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:05:24 AM

Posted 11 April 2013 - 12:29 PM

Thanks very good but still can't open Google earth keep asking me to upgrade directX mode and it is upgrade , but over all very fast and work very good. THANKS



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:24 AM

Posted 11 April 2013 - 09:01 PM

Try Uninstalling Google Earth , reboot and Reinstall it.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 norm11

norm11
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:05:24 AM

Posted 12 April 2013 - 12:24 PM

Yes try that before same problem. THANKS boopme



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:24 AM

Posted 12 April 2013 - 01:51 PM

Lets do a little cleanup and see...

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 norm11

norm11
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:05:24 AM

Posted 13 April 2013 - 11:52 AM

THANK  boopme






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users