well over a month ago, I caught this virus a couple of times and thought I had it successfully removed. the computer has been running fine. at least it is not popping up anymore. after downloading the most recent updates, I ran spybot last night (version 1.6.2.46) and fakeporn.winlock, kind labeled as trojanc-03, appeared under problems. log as follows.

FakePorn.Winlock: [SBI $A7055E90] Executable (File, nothing done)
C:\Users\Owner\AppData\Roaming\skype.dat
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E


--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2012-06-14 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2013-04-11 Includes\Adware.sbi (*)
2013-10-08 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2013-04-11 Includes\DialerC.sbi (*)
2013-04-11 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2013-04-11 Includes\HijackersC.sbi (*)
2013-10-16 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2013-04-11 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-10-01 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-10-08 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2013-04-11 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-08-06 Includes\SpywareC.sbi (*)
2012-11-19 Includes\Tracks.uti
2013-01-16 Includes\Trojans.sbi (*)
2013-08-13 Includes\TrojansC-02.sbi (*)
2013-10-07 Includes\TrojansC-03.sbi (*)
2013-10-16 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-04-19 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll


when I clicked fix selected problems, I got a message saying "unexpected error in fixing problem (cannot create file "c:\windows\wininit.ini" access is denied)" the expanded window says (sbi $a7055e90) executable c:\users\owner\appdata\roaming\skype.dat, kind is labeled as file. erunt has been downloaded and run. attach is zipped and attached. dds is as follows. I think this is everything requested. your assistance is appreciated.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.25.2
Run by Owner at 9:52:19 on 2013-10-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1918.800 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Users\Owner\AppData\Local\CrossLoop\CrossLoopService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Owner\AppData\Local\CrossLoop\CrossLoopConnect.exe
C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
C:\Windows\STK03N\STK03NM.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.wascals.com/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [CrossLoop] "C:\Users\Owner\AppData\Local\CrossLoop\CrossLoopConnect.exe" -ap=crossloop -port=5910 -udp=www.CrossLoop.com -webserver=server.crossloop.com -webservice=www.crossloop.com -startup=server -minimize
uRun: [cdloader] "C:\Users\Owner\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
mRun: [jswtrayutil] "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STK03N~1.LNK - C:\Windows\STK03N\STK03NM.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:3
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{0549DBFB-F6FB-44A1-B11E-1444476B2D27} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{0549DBFB-F6FB-44A1-B11E-1444476B2D27}\2375942554132303 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{0549DBFB-F6FB-44A1-B11E-1444476B2D27}\237594255413230316 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{0549DBFB-F6FB-44A1-B11E-1444476B2D27}\2375942554133373 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{0549DBFB-F6FB-44A1-B11E-1444476B2D27}\2456C6B696E6F5730373368383 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{96EA3375-554B-4601-90C2-19726E0FF3FE} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\822\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\kwhmbeuw.default\
FF - prefs.js: browser.search.selectedEngine - Dogpile
FF - prefs.js: browser.startup.homepage - hxxp://www.wascals.com
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\thinkTDA\npthinkorswim.dll
FF - plugin: C:\Program Files (x86)\thinkTDA\nptossc.dll
FF - plugin: C:\Program Files\Vividas\Player\npVividasPlayer.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2012-6-9 25312]
R1 JSWPSLWF;JumpStart Wireless Filter Driver;C:\Windows\System32\drivers\jswpslwfx.sys [2012-6-9 26624]
R2 CrossLoopService;CrossLoop Service;C:\Users\Owner\AppData\Local\CrossLoop\CrossLoopService.exe [2012-7-19 569072]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-2-18 462632]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 139616]
R2 WSWNA1100;WSWNA1100;C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [2012-6-9 266240]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-8-12 366600]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2012-6-9 1924096]
S3 CGVPNCliSrvc;CyberGhost VPN Client;C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2012-11-3 2438696]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup;C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe [2012-6-9 960992]
S3 NMgamingmsFltr;USB Optical Mouse;C:\Windows\System32\drivers\NMgamingms.sys [2009-7-24 11264]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-6-11 59392]
S3 tvnserver;TightVNC Server;C:\Users\Owner\AppData\Local\CrossLoop\tvnserver.exe [2012-7-19 814080]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-6-8 1255736]
.
=============== Created Last 30 ================
.
2013-10-20 13:31:31 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D3DBF6DB-75A8-4DF4-93D8-7A7F55012EDA}\mpengine.dll
2013-10-19 13:35:02 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1FEBEBF7-28DC-43FA-9120-43233453EC06}\gapaengine.dll
2013-10-19 13:34:29 10280728 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-10-09 10:11:25 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-10-09 10:10:59 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-10-09 10:10:59 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-10-09 10:10:59 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-10-09 10:10:59 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-10-09 10:10:59 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-10-09 10:10:58 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-10-09 10:10:58 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-10-09 06:24:22 17813896 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-10-01 12:53:51 -------- d-----w- C:\Users\Owner\AppData\Local\Corel
2013-10-01 12:51:00 -------- d-----w- C:\Program Files (x86)\Corel
2013-09-27 14:15:19 -------- d-----w- C:\Users\Owner\AppData\Local\Wondershare
2013-09-27 14:15:17 -------- d-----w- C:\Program Files (x86)\Common Files\Wondershare
2013-09-27 14:14:50 -------- d-----w- C:\Users\Owner\AppData\Roaming\Wondershare
2013-09-27 14:14:42 -------- d-----w- C:\Program Files (x86)\Wondershare
.
==================== Find3M ====================
.
2013-10-09 06:24:43 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 06:24:43 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-08-01 12:09:36 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
.
============= FINISH: 9:54:32.89 ===============

:welcome:

Sorry for the delay, sometimes a thread or two falls through cracks, but i am with you now.

Looks like it may be in Skype


BitTorrent

P2P (File Sharing ) programs form a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their wares onto your computer. Further to that, if your P2P program is not configured correctly you may be sharing more files than you realize. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.

Many of the programs come bundled with other unwanted programs, but even the ones free of any bundled software are not safe to use.

When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Hardly surprising then that many of these Downloads are being targeted to carry infections.


This article from InfoWorld illustrates the dangers of a poorly configured P2P program.
http://www.infoworld.com/article/07/09/06/...ID-theft_1.html (http://www.infoworld.com/article/07/09/06/Seattle-man-arrested-for-p-to-p-ID-theft_1.html)





Please download Malwarebytes from Here (http://www.malwarebytes.org/mbam-download.php) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)


Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
http://i24.photobucket.com/albums/c30/ken545/MBAMCapture.jpg
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please



OTL by OldTimer

Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the "Scan All Users" checkbox.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

Still need help or have you resolved this issue ??

Due to inactivity, this thread will now be closed.

If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a new DDS log with a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.