cannot remove Win32.downloader malware

**halibrewer** · 2014-02-04, 10:14

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-04 00:24 - 2014-02-04 00:24 - 02347384 _____ (ESET) C:\Users\H\Desktop\esetsmartinstaller_enu.exe
2014-02-03 21:18 - 2014-02-03 21:18 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-03 21:02 - 2014-02-03 21:02 - 00003336 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2413547309-3373987886-2876452647-1000
2014-02-03 21:02 - 2014-02-03 21:02 - 00003194 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2413547309-3373987886-2876452647-1000
2014-02-03 20:46 - 2014-02-03 20:46 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-03 20:46 - 2014-02-03 20:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-03 20:41 - 2014-02-04 08:43 - 00003358 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2413547309-3373987886-2876452647-1000
2014-02-03 20:35 - 2014-02-03 20:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\H\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-03 19:33 - 2014-02-03 19:33 - 00036172 _____ () C:\Users\H\Desktop\Addition.txt
2014-02-03 19:32 - 2014-02-04 09:07 - 00036021 _____ () C:\Users\H\Desktop\FRST.txt
2014-02-03 19:32 - 2014-02-04 09:07 - 00000000 ____D () C:\FRST
2014-02-03 19:31 - 2014-02-03 19:31 - 02080256 _____ (Farbar) C:\Users\H\Desktop\FRST64.exe
2014-02-03 19:27 - 2014-02-03 19:27 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-HALIMAB-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-02-03 19:25 - 2014-02-03 19:25 - 00000000 ____D () C:\RegBackup
2014-02-03 19:24 - 2014-02-03 19:24 - 00002251 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-02-03 19:24 - 2014-02-03 19:24 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-02-03 19:19 - 2014-02-03 19:19 - 03936992 _____ () C:\Users\H\Desktop\tweaking.com_registry_backup_setup.exe
2014-02-03 19:09 - 2014-02-04 09:04 - 00000000 ____D () C:\Users\H\Desktop\spybot tools from forum
2014-02-03 19:05 - 2014-02-03 19:07 - 00000000 ____D () C:\Users\H\Desktop\various
2014-02-03 18:50 - 2014-02-04 08:43 - 00003216 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2413547309-3373987886-2876452647-1000
2014-02-03 18:23 - 2014-02-03 18:23 - 00000000 ____D () C:\Windows\ERUNT
2014-02-03 17:43 - 2014-02-03 21:00 - 00027920 _____ () C:\Windows\PFRO.log
2014-02-03 17:38 - 2014-02-03 17:42 - 00000000 ____D () C:\AdwCleaner
2014-02-03 08:58 - 2014-02-04 08:47 - 00000000 ____D () C:\Windows\ERDNT
2014-02-03 08:56 - 2014-02-03 08:56 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-02-02 13:35 - 2014-02-04 08:42 - 00001120 _____ () C:\Windows\setupact.log
2014-02-02 13:35 - 2014-02-02 13:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-02 10:24 - 2014-02-02 10:24 - 00450712 ____R () C:\Windows\system32\Drivers\etc\hosts.20140202-102447.backup
2014-02-02 10:24 - 2014-02-02 10:23 - 00450712 ____R () C:\Windows\system32\Drivers\etc\hosts.20140202-102434.backup
2014-02-02 10:23 - 2014-02-02 10:22 - 00450712 ____R () C:\Windows\system32\Drivers\etc\hosts.20140202-102303.backup
2014-01-27 16:37 - 2014-01-27 16:37 - 00002962 _____ () C:\Windows\System32\Tasks\{25C68268-E81B-4740-8445-A0E990FDEBF4}
2014-01-27 16:37 - 2014-01-27 16:37 - 00002962 _____ () C:\Windows\System32\Tasks\{01CE5DFF-93BC-433A-A3A2-AD28A565E4CC}
2014-01-27 16:36 - 2014-01-27 16:36 - 00002962 _____ () C:\Windows\System32\Tasks\{4811AC6E-E0BA-42D1-AE43-79B6A205DA26}
2014-01-27 16:30 - 2014-01-27 16:30 - 00000000 ____D () C:\Users\H\New folder
2014-01-27 16:29 - 2014-01-27 18:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-27 16:07 - 2014-01-27 16:07 - 00002962 _____ () C:\Windows\System32\Tasks\{3C68EB6A-E311-4A85-9BB8-3A43DAC36A9A}
2014-01-27 16:05 - 2014-01-27 16:05 - 00002962 _____ () C:\Windows\System32\Tasks\{C8BC8C04-C892-4F10-AC08-EE3F6DDDF68A}
2014-01-27 16:03 - 2014-01-27 16:03 - 00002962 _____ () C:\Windows\System32\Tasks\{EC44D2C3-C8F6-40EE-93F5-97CDDAA88076}
2014-01-27 15:43 - 2014-01-27 15:43 - 00282992 _____ (Mozilla) C:\Users\H\Downloads\Firefox Setup Stub 26.0.exe
2014-01-27 15:19 - 2014-01-27 15:19 - 00002044 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-01-27 15:19 - 2014-01-27 15:19 - 00001984 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-01-27 15:18 - 2014-01-27 15:18 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-01-27 15:17 - 2014-01-27 15:17 - 00440672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-01-27 15:10 - 2014-02-04 07:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-27 15:10 - 2014-01-27 15:10 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-27 15:10 - 2014-01-27 15:10 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-27 12:34 - 2014-01-27 12:34 - 00000000 ___HD () C:\Users\H\AppData\Roaming\AVAST Software
2014-01-27 12:28 - 2014-01-27 12:28 - 00000000 ____D () C:\Program Files\AVAST Software
2014-01-27 12:27 - 2014-01-27 12:27 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-01-25 18:06 - 2014-01-25 18:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-25 18:06 - 2014-01-25 18:06 - 00000000 ____D () C:\Program Files\iTunes
2014-01-25 18:06 - 2014-01-25 18:06 - 00000000 ____D () C:\Program Files\iPod
2014-01-25 18:06 - 2014-01-25 18:06 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-25 18:04 - 2014-01-25 18:04 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-01-25 18:04 - 2014-01-25 18:04 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-01-25 18:03 - 2014-01-25 18:03 - 00000000 ____D () C:\Program Files\Bonjour
2014-01-25 18:03 - 2014-01-25 18:03 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-01-25 17:52 - 2014-01-25 17:55 - 148904784 _____ (Apple Inc.) C:\Users\H\Downloads\iTunes64Setup.exe
2014-01-25 09:55 - 2014-01-25 09:55 - 05341472 _____ (Dll-Files.com ) C:\Users\H\Downloads\dffsetup-msvcr80.exe
2014-01-20 17:26 - 2014-01-20 17:27 - 00000017 _____ () C:\Windows\SysWOW64\shortcut_ex.dat
2014-01-20 09:58 - 2014-01-20 10:27 - 00000000 ___HD () C:\Users\H\AppData\Local\LogMeIn Rescue Applet
2014-01-17 18:50 - 2014-01-27 14:48 - 00000000 ____D () C:\Users\H\AppData\Roaming\Oxford University Press
2014-01-17 18:50 - 2014-01-17 18:50 - 00000000 ___HD () C:\Users\H\AppData\Local\Oxford University Press
2014-01-17 18:09 - 2014-01-17 18:09 - 00001629 _____ () C:\Users\Public\Desktop\English File third edition Elementary.lnk
2014-01-17 18:08 - 2014-01-17 18:08 - 00000000 ____D () C:\Program Files (x86)\Oxford University Press
2014-01-16 01:51 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-16 01:50 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-16 01:50 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-16 01:50 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-16 01:49 - 2014-01-16 01:50 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-15 08:56 - 2013-11-27 01:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 08:56 - 2013-11-27 01:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 08:56 - 2013-11-27 01:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 08:56 - 2013-11-27 01:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 08:56 - 2013-11-27 01:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 08:56 - 2013-11-27 01:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 08:56 - 2013-11-27 01:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 08:55 - 2013-11-26 11:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 08:55 - 2013-11-26 10:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-07 07:59 - 2014-01-27 14:58 - 00000000 ____D () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-06 19:23 - 2014-01-06 19:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr

==================== One Month Modified Files and Folders =======

2014-02-04 09:07 - 2014-02-03 19:32 - 00036021 _____ () C:\Users\H\Desktop\FRST.txt
2014-02-04 09:07 - 2014-02-03 19:32 - 00000000 ____D () C:\FRST
2014-02-04 09:07 - 2012-02-04 10:55 - 00000296 _____ () C:\Windows\Tasks\PrintProjects Communicator.job
2014-02-04 09:04 - 2014-02-03 19:09 - 00000000 ____D () C:\Users\H\Desktop\spybot tools from forum
2014-02-04 08:59 - 2011-12-24 14:26 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2413547309-3373987886-2876452647-1000UA.job
2014-02-04 08:52 - 2009-07-14 04:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-04 08:52 - 2009-07-14 04:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-04 08:47 - 2014-02-03 08:58 - 00000000 ____D () C:\Windows\ERDNT
2014-02-04 08:47 - 2012-04-05 06:43 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-04 08:47 - 2010-10-13 06:22 - 01454923 _____ () C:\Windows\WindowsUpdate.log
2014-02-04 08:43 - 2014-02-03 20:41 - 00003358 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2413547309-3373987886-2876452647-1000
2014-02-04 08:43 - 2014-02-03 18:50 - 00003216 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2413547309-3373987886-2876452647-1000
2014-02-04 08:42 - 2014-02-02 13:35 - 00001120 _____ () C:\Windows\setupact.log
2014-02-04 08:42 - 2011-05-31 18:08 - 00000000 ____D () C:\ProgramData\Kodak
2014-02-04 08:42 - 2010-12-20 07:02 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-04 08:41 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-04 08:36 - 2010-12-20 07:02 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-04 07:54 - 2014-01-27 15:10 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-04 07:54 - 2012-11-21 16:49 - 00000912 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2413547309-3373987886-2876452647-1000UA.job
2014-02-04 01:35 - 2013-01-25 10:30 - 00000000 ____D () C:\Users\H\Documents\karim
2014-02-04 01:35 - 2012-04-04 15:22 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-02-04 00:24 - 2014-02-04 00:24 - 02347384 _____ (ESET) C:\Users\H\Desktop\esetsmartinstaller_enu.exe
2014-02-03 23:59 - 2011-12-24 14:26 - 00000840 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2413547309-3373987886-2876452647-1000Core.job
2014-02-03 21:18 - 2014-02-03 21:18 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-03 21:02 - 2014-02-03 21:02 - 00003336 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2413547309-3373987886-2876452647-1000
2014-02-03 21:02 - 2014-02-03 21:02 - 00003194 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2413547309-3373987886-2876452647-1000
2014-02-03 21:00 - 2014-02-03 17:43 - 00027920 _____ () C:\Windows\PFRO.log
2014-02-03 20:46 - 2014-02-03 20:46 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-03 20:46 - 2014-02-03 20:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-03 20:35 - 2014-02-03 20:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\H\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-03 19:33 - 2014-02-03 19:33 - 00036172 _____ () C:\Users\H\Desktop\Addition.txt
2014-02-03 19:31 - 2014-02-03 19:31 - 02080256 _____ (Farbar) C:\Users\H\Desktop\FRST64.exe
2014-02-03 19:27 - 2014-02-03 19:27 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-HALIMAB-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-02-03 19:25 - 2014-02-03 19:25 - 00000000 ____D () C:\RegBackup
2014-02-03 19:24 - 2014-02-03 19:24 - 00002251 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-02-03 19:24 - 2014-02-03 19:24 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-02-03 19:19 - 2014-02-03 19:19 - 03936992 _____ () C:\Users\H\Desktop\tweaking.com_registry_backup_setup.exe
2014-02-03 19:08 - 2013-06-13 20:06 - 00000000 ____D () C:\Users\H\Documents\Media Go
2014-02-03 19:07 - 2014-02-03 19:05 - 00000000 ____D () C:\Users\H\Desktop\various
2014-02-03 19:07 - 2013-01-25 10:26 - 00000000 ____D () C:\Users\H\Desktop\greensquare
2014-02-03 19:06 - 2013-11-23 18:59 - 00000000 ____D () C:\Users\H\Desktop\Crisis and CIEH
2014-02-03 18:46 - 2010-08-03 06:07 - 00000000 ____D () C:\ProgramData\Norton
2014-02-03 18:23 - 2014-02-03 18:23 - 00000000 ____D () C:\Windows\ERUNT
2014-02-03 17:50 - 2009-07-14 05:13 - 00727334 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-03 17:42 - 2014-02-03 17:38 - 00000000 ____D () C:\AdwCleaner
2014-02-03 17:32 - 2012-02-28 20:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-03 16:54 - 2012-11-21 16:49 - 00000890 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2413547309-3373987886-2876452647-1000Core.job
2014-02-03 08:56 - 2014-02-03 08:56 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-02-03 08:56 - 2010-12-20 02:27 - 00000000 ___RD () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-02 19:47 - 2012-04-05 06:43 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-02 19:47 - 2012-04-05 06:43 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-02 19:47 - 2011-06-02 17:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-02 13:35 - 2014-02-02 13:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-02 10:24 - 2014-02-02 10:24 - 00450712 ____R () C:\Windows\system32\Drivers\etc\hosts.20140202-102447.backup
2014-02-02 10:23 - 2014-02-02 10:24 - 00450712 ____R () C:\Windows\system32\Drivers\etc\hosts.20140202-102434.backup
2014-02-02 10:22 - 2014-02-02 10:23 - 00450712 ____R () C:\Windows\system32\Drivers\etc\hosts.20140202-102303.backup
2014-01-31 16:39 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-01-27 22:35 - 2010-12-20 23:02 - 00000000 ____D () C:\Users\H\AppData\Local\Apple
2014-01-27 18:07 - 2014-01-27 16:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-27 16:37 - 2014-01-27 16:37 - 00002962 _____ () C:\Windows\System32\Tasks\{25C68268-E81B-4740-8445-A0E990FDEBF4}
2014-01-27 16:37 - 2014-01-27 16:37 - 00002962 _____ () C:\Windows\System32\Tasks\{01CE5DFF-93BC-433A-A3A2-AD28A565E4CC}
2014-01-27 16:36 - 2014-01-27 16:36 - 00002962 _____ () C:\Windows\System32\Tasks\{4811AC6E-E0BA-42D1-AE43-79B6A205DA26}
2014-01-27 16:30 - 2014-01-27 16:30 - 00000000 ____D () C:\Users\H\New folder
2014-01-27 16:29 - 2013-12-20 23:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-27 16:07 - 2014-01-27 16:07 - 00002962 _____ () C:\Windows\System32\Tasks\{3C68EB6A-E311-4A85-9BB8-3A43DAC36A9A}
2014-01-27 16:05 - 2014-01-27 16:05 - 00002962 _____ () C:\Windows\System32\Tasks\{C8BC8C04-C892-4F10-AC08-EE3F6DDDF68A}
2014-01-27 16:04 - 2011-02-27 18:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-27 16:03 - 2014-01-27 16:03 - 00002962 _____ () C:\Windows\System32\Tasks\{EC44D2C3-C8F6-40EE-93F5-97CDDAA88076}
2014-01-27 15:43 - 2014-01-27 15:43 - 00282992 _____ (Mozilla) C:\Users\H\Downloads\Firefox Setup Stub 26.0.exe
2014-01-27 15:19 - 2014-01-27 15:19 - 00002044 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-01-27 15:19 - 2014-01-27 15:19 - 00001984 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-01-27 15:18 - 2014-01-27 15:18 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-01-27 15:17 - 2014-01-27 15:17 - 00440672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-27 15:10 - 2014-01-27 15:10 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-27 15:10 - 2014-01-27 15:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-27 14:59 - 2013-12-29 11:15 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-01-27 14:59 - 2013-03-10 16:53 - 00000000 ___SD () C:\Users\H\Google Drive
2014-01-27 14:59 - 2012-02-04 12:44 - 00000000 ___RD () C:\Users\H\Dropbox
2014-01-27 14:59 - 2011-11-02 08:05 - 00000000 ____D () C:\Windows\system32\Drivers\MCLIENTx64
2014-01-27 14:59 - 2011-01-07 19:49 - 00000000 ____D () C:\Users\H\Downloads\Tor Browser
2014-01-27 14:59 - 2010-08-03 06:07 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-01-27 14:58 - 2014-01-07 07:59 - 00000000 ____D () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-27 14:58 - 2014-01-04 16:50 - 00000000 ____D () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-01-27 14:58 - 2013-10-23 16:28 - 00000000 ____D () C:\Users\H\Downloads\OpenOffice 4.0.1 (en-US) Installation Files
2014-01-27 14:58 - 2013-09-22 09:59 - 00000000 ____D () C:\Users\H\Documents\Data from Baoji University Arts and Sciiences Advance Knowledge in Nanoelectronics and Optoelectronics - HispanicBusiness.com_files
2014-01-27 14:58 - 2013-07-28 13:53 - 00000000 ____D () C:\Users\H\Downloads\OpenOffice 4.0.0 (en-US) Installation Files
2014-01-27 14:58 - 2013-06-14 08:13 - 00000000 ____D () C:\Users\H\AppData\Local\Viber
2014-01-27 14:58 - 2013-05-30 11:43 - 00000000 ____D () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript
2014-01-27 14:58 - 2013-05-30 11:05 - 00000000 ____D () C:\Users\H\AppData\Roaming\Scribus
2014-01-27 14:58 - 2013-05-16 18:32 - 00000000 ____D () C:\Users\H\Documents\Old Firefox Data
2014-01-27 14:58 - 2013-04-07 11:33 - 00000000 ____D () C:\Users\H\AppData\Roaming\vlc
2014-01-27 14:58 - 2012-12-04 07:27 - 00000000 ____D () C:\Users\H\AppData\Roaming\ICAClient
2014-01-27 14:58 - 2012-10-15 05:55 - 00000000 ____D () C:\Users\H\Downloads\OpenOffice.org 3.4.1 (en-US) Installation Files
2014-01-27 14:58 - 2012-09-28 09:51 - 00000000 ____D () C:\Users\H\AppData\Roaming\SMART Technologies
2014-01-27 14:58 - 2012-07-12 15:19 - 00000000 ____D () C:\Users\H\Downloads\OpenOffice.org 3.4 (en-US) Installation Files
2014-01-27 14:58 - 2012-07-04 07:58 - 00000000 ____D () C:\Users\H\AppData\Local\{BD52D38F-4F0D-4325-BB9E-32223CCB54AA}
2014-01-27 14:58 - 2012-06-29 05:14 - 00000000 ____D () C:\Users\H\Documents\computer and tech stuff
2014-01-27 14:58 - 2012-03-23 08:37 - 00000000 ____D () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Cloud Networks
2014-01-27 14:58 - 2012-03-23 08:37 - 00000000 ____D () C:\Users\H\AppData\Local\The_Cloud_Networks
2014-01-27 14:58 - 2012-03-04 19:58 - 00000000 ____D () C:\Users\H\Downloads\iolo
2014-01-27 14:58 - 2012-02-24 22:02 - 00000000 ___RD () C:\Users\H\Documents\Insync
2014-01-27 14:58 - 2012-02-24 22:00 - 00000000 ____D () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Insync
2014-01-27 14:58 - 2012-02-15 01:34 - 00000000 ____D () C:\Users\H\AppData\Local\{FFFA2FB9-4857-4475-8379-F36343DA5801}
2014-01-27 14:58 - 2012-02-04 12:42 - 00000000 ____D () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-27 14:58 - 2012-02-04 11:20 - 00000000 ____D () C:\Users\H\Documents\greensquare_brain
2014-01-27 14:58 - 2011-12-24 14:25 - 00000000 ____D () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
2014-01-27 14:58 - 2011-11-18 10:42 - 00000000 ____D () C:\Users\H\AppData\Roaming\ASUS WebStorage
2014-01-27 14:58 - 2011-11-09 08:43 - 00000000 ____D () C:\Users\H\AppData\Local\{485D00B3-DB2C-480C-A96B-106D9BBEF1D9}
2014-01-27 14:58 - 2011-11-01 17:34 - 00000000 ____D () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-01-27 14:58 - 2011-09-29 09:43 - 00000000 ____D () C:\Users\H\Documents\ESOL
2014-01-27 14:58 - 2011-05-07 01:53 - 00000000 ____D () C:\Users\H\Downloads\DeDRM_WinApp_v1.8
2014-01-27 14:58 - 2011-03-21 06:19 - 00000000 ____D () C:\Users\H\Downloads\OpenOffice.org 3.3 (en-US) Installation Files
2014-01-27 14:58 - 2011-03-20 21:18 - 00000000 ____D () C:\Users\H\AppData\Roaming\Tor
2014-01-27 14:58 - 2011-03-11 18:16 - 00000000 ____D () C:\Users\H\Documents\kindle docs
2014-01-27 14:58 - 2011-03-01 20:08 - 00000000 ____D () C:\Users\H\AppData\Roaming\Spotify
2014-01-27 14:58 - 2011-02-12 08:31 - 00000000 ____D () C:\Users\H\AppData\Roaming\Real
2014-01-27 14:58 - 2010-12-22 08:50 - 00000000 ____D () C:\Users\H\Downloads\avast
2014-01-27 14:58 - 2010-12-21 06:00 - 00000000 ____D () C:\Users\H\AppData\Roaming\SNS
2014-01-27 14:58 - 2010-12-20 07:02 - 00000000 ____D () C:\Users\H\AppData\Roaming\Skype
2014-01-27 14:58 - 2010-12-20 04:32 - 00000000 ____D () C:\Users\H\AppData\Roaming\Thunderbird
2014-01-27 14:58 - 2010-12-20 04:25 - 00000000 ____D () C:\Users\H\AppData\Roaming\Mozilla
2014-01-27 14:58 - 2010-12-20 04:14 - 00000000 ____D () C:\Users\H\AppData\Roaming\Google
2014-01-27 14:58 - 2010-12-20 02:27 - 00000000 ___RD () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-27 14:58 - 2010-12-20 02:26 - 00000000 ___RD () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-27 14:58 - 2010-12-20 02:26 - 00000000 ___RD () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-27 14:58 - 2010-12-19 22:27 - 00000000 ____D () C:\Users\H\Documents\redist
2014-01-27 14:58 - 2010-12-19 22:25 - 00000000 ____D () C:\Users\H\Documents\inserts for docs
2014-01-27 14:57 - 2011-11-02 08:05 - 00000000 ____D () C:\Program Files (x86)\Norton Management
2014-01-27 14:57 - 2010-08-03 06:34 - 00000000 ___HD () C:\OEM
2014-01-27 14:57 - 2010-08-03 06:05 - 00000000 ____D () C:\ProgramData\Symantec
2014-01-27 14:57 - 2010-08-03 06:05 - 00000000 ____D () C:\Program Files (x86)\Symantec
2014-01-27 14:57 - 2010-08-03 05:46 - 00000000 ____D () C:\Intel
2014-01-27 14:54 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\registration
2014-01-27 14:52 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\AppCompat
2014-01-27 14:49 - 2010-12-19 22:26 - 00000000 ____D () C:\Users\H\Documents\ptlls
2014-01-27 14:48 - 2014-01-17 18:50 - 00000000 ____D () C:\Users\H\AppData\Roaming\Oxford University Press
2014-01-27 14:48 - 2013-07-28 14:08 - 00000000 ____D () C:\Users\H\AppData\Roaming\OpenOffice
2014-01-27 14:48 - 2012-07-08 14:07 - 00000000 ____D () C:\Users\H\AppData\Roaming\RealNetworks
2014-01-27 14:48 - 2012-02-04 11:42 - 00000000 ____D () C:\Users\H\AppData\Roaming\XMind
2014-01-27 14:48 - 2012-01-12 10:02 - 00000000 ____D () C:\Users\H\Documents\ESOL EFL CD
2014-01-27 14:48 - 2012-01-08 10:51 - 00000000 ____D () C:\Users\H\Documents\New folder
2014-01-27 14:48 - 2011-11-08 10:48 - 00000000 ____D () C:\Users\H\AppData\Roaming\SoftGrid Client
2014-01-27 14:48 - 2011-10-20 20:39 - 00000000 ____D () C:\Users\H\Documents\Fax
2014-01-27 14:48 - 2011-04-26 18:43 - 00000000 ____D () C:\Users\H\AppData\Roaming\Transparent
2014-01-27 14:48 - 2011-01-25 03:21 - 00000000 ____D () C:\Users\H\Documents\CLASSWORK
2014-01-27 14:48 - 2010-12-21 04:15 - 00000000 ____D () C:\Users\H\AppData\Roaming\Trusteer
2014-01-27 14:48 - 2010-12-20 04:51 - 00000000 ____D () C:\Users\H\AppData\Roaming\OpenOffice.org
2014-01-27 14:48 - 2010-12-19 22:26 - 00000000 ____D () C:\Users\H\Documents\javamail-1.4.3
2014-01-27 14:46 - 2013-11-21 21:19 - 00000000 ____D () C:\Users\H\AppData\Local\TomTom
2014-01-27 14:46 - 2012-02-24 22:00 - 00000000 ____D () C:\Users\H\AppData\Roaming\Insync
2014-01-27 14:46 - 2012-02-04 12:41 - 00000000 ____D () C:\Users\H\AppData\Roaming\Dropbox
2014-01-27 14:46 - 2011-04-21 06:20 - 00000000 ____D () C:\Users\H\AppData\Local\Trusteer
2014-01-27 14:46 - 2010-12-22 23:46 - 00000000 ____D () C:\Users\H\AppData\Roaming\Hemera
2014-01-27 14:46 - 2010-12-20 04:03 - 00000000 ____D () C:\Users\H\AppData\Roaming\Adobe
2014-01-27 14:46 - 2010-12-20 02:27 - 00000000 ____D () C:\Users\H\AppData\Roaming\Macromedia
2014-01-27 14:46 - 2010-12-20 02:27 - 00000000 ____D () C:\Users\H\AppData\Local\VirtualStore
2014-01-27 14:43 - 2011-02-12 08:42 - 00000000 ____D () C:\ProgramData\Real
2014-01-27 12:34 - 2014-01-27 12:34 - 00000000 ___HD () C:\Users\H\AppData\Roaming\AVAST Software
2014-01-27 12:28 - 2014-01-27 12:28 - 00000000 ____D () C:\Program Files\AVAST Software
2014-01-27 12:27 - 2014-01-27 12:27 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-01-25 18:06 - 2014-01-25 18:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-25 18:06 - 2014-01-25 18:06 - 00000000 ____D () C:\Program Files\iTunes
2014-01-25 18:06 - 2014-01-25 18:06 - 00000000 ____D () C:\Program Files\iPod
2014-01-25 18:06 - 2014-01-25 18:06 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-25 18:04 - 2014-01-25 18:04 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-01-25 18:04 - 2014-01-25 18:04 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-01-25 18:03 - 2014-01-25 18:03 - 00000000 ____D () C:\Program Files\Bonjour
2014-01-25 18:03 - 2014-01-25 18:03 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-01-25 18:02 - 2010-12-20 23:02 - 00000000 ____D () C:\ProgramData\Apple
2014-01-25 17:55 - 2014-01-25 17:52 - 148904784 _____ (Apple Inc.) C:\Users\H\Downloads\iTunes64Setup.exe
2014-01-25 17:32 - 2011-02-27 14:02 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-01-25 09:55 - 2014-01-25 09:55 - 05341472 _____ (Dll-Files.com ) C:\Users\H\Downloads\dffsetup-msvcr80.exe
2014-01-23 08:29 - 2010-12-20 23:04 - 00000000 ___HD () C:\Users\H\AppData\Roaming\Apple Computer
2014-01-22 20:37 - 2010-12-21 04:15 - 00316312 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKE64.sys
2014-01-20 17:27 - 2014-01-20 17:26 - 00000017 _____ () C:\Windows\SysWOW64\shortcut_ex.dat
2014-01-20 10:27 - 2014-01-20 09:58 - 00000000 ___HD () C:\Users\H\AppData\Local\LogMeIn Rescue Applet
2014-01-18 16:55 - 2010-12-21 04:53 - 00000000 ___HD () C:\Users\H\AppData\Local\Adobe
2014-01-18 10:33 - 2014-01-04 16:50 - 00000000 ____D () C:\Users\H\AppData\Local\Amazon Cloud Player
2014-01-17 18:50 - 2014-01-17 18:50 - 00000000 ___HD () C:\Users\H\AppData\Local\Oxford University Press
2014-01-17 18:09 - 2014-01-17 18:09 - 00001629 _____ () C:\Users\Public\Desktop\English File third edition Elementary.lnk
2014-01-17 18:08 - 2014-01-17 18:08 - 00000000 ____D () C:\Program Files (x86)\Oxford University Press
2014-01-16 08:02 - 2009-07-14 04:45 - 00338160 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 01:53 - 2013-10-17 20:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-16 01:50 - 2014-01-16 01:49 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-16 01:50 - 2011-01-03 08:25 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-15 21:43 - 2013-07-16 05:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 21:33 - 2010-12-20 02:52 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-13 11:44 - 2011-11-08 10:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-01-06 19:23 - 2014-01-06 19:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-01-05 17:43 - 2009-07-14 05:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-29 09:55

==================== End Of Log ============================

**Juliet** · 2014-02-04, 12:25

The error from ERUNT is because you have a link in your START UP group for a backup. This gets launched without Admin rights so it fails. You can either modify the shortcut to have Admin rights or remove the shortcut and that should get rid of the error.

I see Tweaking.com Registry Backup, have you used this?

**halibrewer** · 2014-02-04, 12:39

I think I would prefer to modify the shortcut so it does not get launched at start up and only opens if I decide to open it at some later date, for example, when asking for help and needing it. (how do I do that, exactly?)
as for the tweaking registry, was that not something you requested I use some posts back? must go through and check. Otherwise, no, I have not used it -nor the NTRGOP tool on my desktop and do not know what it is.

just checked, yes you sent me an instruction that said download tweaking.com Registry backup and install, and told me to press backup. so I did. that is the only time I have used it.

**Juliet** · 2014-02-04, 17:22

sorry for the delay but taking 2 steps forwards and then 3 steps back, have a 4 year old and he was sick.

NTREGOPT is not a registry cleaner. It's a registry compactor
"Note" that the program NTREGOPT does NOT change the contents of the registry in any way, nor does it physically defrag the registry files on the drive. The optimization done by NTREGOPT is simply compacting the registry hives to the minimum size possible.
You can right click on that NTREGOPT shortcut and choose delete to remove it from the desktop.

ERUNT can be used to restore a registry from within the RE, and unlike a windows registry backup (which is useless) all of the registry is backed up.

A great tutorial showing exactly how to do this can be found
http://www.winhelponline.com/blog/ba...y-using-erunt/

**Juliet** · 2014-02-04, 17:26

Any more issues?
I think we're ready to remove the quarantine folders and list preventive tips now?

**halibrewer** · 2014-02-04, 18:42

thank you - I believe that covers all the issues. my little computer seems a lot faster now and easier. I guess we can put spybot back to "resident"? and do final checking, but it seems good to me. you have been marvellous and wonderful. Good luck with your child (I had 4, the youngest over 30 now, so I sympathise.) Should I do one more scan with that online scanner? would have to leave the computer for about 3 hours, but can do tonight.

You are an angel.

**Juliet** · 2014-02-04, 20:52

Thank you for the kind words.

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Run FRST/FRST64 and press the Fix button just once and wait.
no needed to post the log this time.

start
DeleteQuarantine:
end

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Download and Run OTC

We will now remove the tools we used during this fix using OTC.

Download OTC by OldTimer and save it to your desktop.
Double click icon to start the program. If you are using Vista, please right-click and choose run as administrator
Then Click the big button.
You will get a prompt saying "Being Cleanup Process". Please select Yes.
Restart your computer when prompted.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If you see any other tools we used and files just delete those..

re-enable your computer protection now.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Your good to go, good job!

Please take the time to read over a few of my preventive tips.

Computer Security
http://malwareremoval.com/forum/view...557960#p557960
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Be prepared for CryptoLocker:

Cryptolocker Ransomware: What You Need To Know

CryptoLocker Ransomware Information Guide and FAQ

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Please navigate to Microsoft Windows Updates and download all the "Critical Updates" for Windows.

Firefox 3
The award-winning Web browser is now faster, more secure, and fully customizable to your online life. With Firefox 3, added powerful new features that make your online experience even better. It has more features and is a lot more secure than IE. It is a very easy and painless download and install, it will no way interfere with IE, you can use them both.
*NoScript - Addon for Firefox that stops all scripts from running on websites. Stops malicious software from invading via flash, java, javascript, and many other entry points.

AdblockPlus

AdblockPlus, Surf the web without annoying ads!
Blocks banners, pop-ups and video ads - even on Facebook and YouTube
Protects your online privacy
Two-click installation, It's free!
click the icon that corresponds to your browser and download.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
WOT Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites - green to go, yellow for caution and red to stop, helping you avoid the dangerous sites. WOT has an addon available for both Firefox and IE.

Green should be good to go
Yellow for caution
Red to stop

~~~~~~~~~~~~~~~~~~~~~~~~~~~~

How to prevent Malware: Created by Miekiemoes

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article (http://www.forbes.com/sites/eliseack...-disable-java/
and this article (http://www.nbcnews.com/technology/te...late-1B7938755

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser (http://www.geekstogo.com/2600/how-to...r-web-browser/) and How to unplug Java from the browser (http://krebsonsecurity.com/how-to-un...m-the-browser/))

Avoid P2P

P2P may be a great way to get lots of stuffs, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.
- FBI Cyber Education Letter
  File sharing infects 500,000 computers
  USAToday
  infoworld
*********************************************

Secure My Computer: A Layered Approach

Free Antivirus-AntiSpyware-Firewall Software

Extra note:
Make sure your programs are up to date - because older versions may contain Security Leaks. To find out what programs need to be updated, please run the Secunia Software Inspector Scan. http://secunia.com/software_inspector/

**Juliet** · 2014-02-05, 15:13

Glad we could help.

Since this issue appears resolved ... this Topic is closed.

Thread: cannot remove Win32.downloader malware

Thread Tools

Display

cannot remove Win32.downloader malware 2nd part frst txt

cannot remove Win32.downloader malware final bit

Posting Permissions