IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.
Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur
Once upon a time, P2P file sharing was fairly safe. That is no longer true. P2P programs form a direct conduit on to your computer, their security measures are easily circumvented and malware writers are increasingly exploiting them to spread their wares on to your computer. Further to that, if your P2P program is not configured correctly, your computer may be sharing more files than you realise. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.
Please read these short reports on the dangers of peer-2-peer programs and file sharing.
FBI Cyber Education Letter
File sharing infects 500,000 computers
These logs are looking allot better. But we still have some work to do.
Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..
uninstall some programs
NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.
You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does allot better of a job)
Programs to remove
Adobe Reader 9.5.2 MUI
Java 6 Update 20
Java 6 Update 24
Java 6 Update 24 (64-bit)
Java 7 Update 4
Java SE Development Kit 6 Update 24 (64-bit)
- Please download and install Revo Uninstaller Free
- Double click Revo Uninstaller to run it.
- From the list of programs double click on The Program to remove
- When prompted if you want to uninstall click Yes.
- Be sure the Moderate option is selected then click Next.
- The program will run, If prompted again click Yes
- when the built-in uninstaller is finished click on Next.
- Once the program has searched for leftovers click Next.
- Check/tick the bolded items only on the list then click Delete
- when prompted click on Yes and then on next.
- put a check on any folders that are found and select delete
- when prompted select yes then on next
- Once done click Finish.
Update Adobe Reader
Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.
You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.
If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, be careful not to install anything to do with AskBar.
Please go here to install Java
- click on the Free Java Download Button
- click on Agree and start Free download
- click on Run
- click on run again
- click on install
- when install is complete click on close
Clean Out Temp Files
- This small application you may want to keep and use once a week to keep the computer clean.
Download CCleaner from here http://www.ccleaner.com/
- Run the installer to install the application.
- When it gives you the option to install Yahoo toolbar uncheck the box next to it.
- Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
- Click Run Cleaner.
- Close CCleaner.
: Malwarebytes' Anti-Malware :
- I would like you to rerun MBAM
- Double-click mbam icon
- go to the update tab at the top
- click on check for updates
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform quick scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
- When completed, a log will open in Notepad. please copy and paste the log into your next reply
- If you accidentally close it, the log file is saved here and will be named like this:
- C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)
- Go Here to download HijackThis Installer
- Save HijackThis Installer to your desktop.
- Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
- By default it will install to C:\Program Files\Trend Micro\HijackThis .
- Click on Install.
- It will create a HijackThis icon on the desktop.
- Once installed it will launch Hijackthis.
- Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
- Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
- Come back here to this thread and Paste the log in your next reply.
- DO NOT use the Analyze This button its findings are dangerous if misinterpreted.
- DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator
"information and logs"
- In your next post I need the following
- Log From MBAM
- report from Hijackthis
- let me know of any problems you may have had
- How is the computer doing now?