8 steps are complete and here are the logs
Amazing howmany Viruses were found!38 viruses and/or unwanted programs were found
P2P Warning!
- IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.
LimeWire
Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur
Once upon a time, P2P file sharing was fairly safe. That is no longer true. You may continue to use P2P sharing at your own risk; however, please keep in mind that this practice may be the source of your current malware infestation
I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.
References for the risk of these programs can be found in these links: http://www.microsoft.com/windows/ie/community/columns/protection.mspx
http://www.techweb.com/wire/160500554
http://www.internetworldstats.com/articles/art053.htm
See Clean/Infected P2P Programs here
I would recommend that you uninstall LimeWire, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.
Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware to your desktop.
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
- Then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform full scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, and click Remove Selected. <========= Not Done
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
iTunesHelper.exe Big resource user!
Adobe Reader Speed LauncherBackground task installed by Apple's iTunes music player and also by version 7 of QuickTime which now comes inseparably bundled with iTunes. It is thought that this task used to be a 3rd party add-on program in the early days of Apple's iPod when its iTunes software was incompatible with many CD-Writers. This task does not need to be installed as a startup since iTunes starts it up anyway when it needs it.
1. UNCHECK on Startup menu using msconfig. It uses nearly 6MB of memory.
SunJavaUpdateSched1. Use msconfig to UNCHECK all; Adobe Reader entries> Apply> OK
2. Open the Adobe Reader and Disable all Toolbars-unless you use the PDF feature frequently.
3. Change the Adobe LM Service to Manual Startup.
4. Only the most current version (now v9) should be listed in Add/Remove Programs.
To stop: Control Panel> Java> Update tab> UNCHECK 'check automatically check for update'> Apply> answer Yes to confirmation message that comes up> Close.
(NOTE: every time you update, install or uninstall, this process puts itself back. You don't want it to run, so keep that in mind and stop as needed.
I also have instructions for REAL PLAYER and BONJOUR/MDSRESPONDER: if you need them.
For msconfig: Start> Run> msconfig> enter> Selective Startup> Startup tab>>> make changes> Apply> OK.
For Services: Start> Run> services.msc> right click on the Service you want to change> make the change in the Startup type (Manual or Disabled)> Close.
NOTE: the first time you reboot after making changes on the startup menu using the msconfig utility, you will get a nag message-it can be ignores and closed after checking 'don't show this message again'. Stay in Selective Startup.
Let us know if you need any more help.