PLEASE HElP, I know we just did this

No P2P programs are actually safe. That is why the How to protect thread warns you about using them. Some are just worse than others and even come bundled with malware. Some versions of Limewire did come bundled with malware. What you download with it and where you download it from can be the problem. How do you know that the person (or persons) you are downloaded from have a clean PC and that what you are downloading is clean or is even what it says it is.

Don't believe all the garabage that AOL is feeding you about how great their security center is. It is all hype. AOL is even the company that keeps reinstalling the Viewpoint crap on your PC and noone really needs it or wants it and it is considered adware/spyware. However uninstalling AOL's software should not be breaking anything on your PC. I'm not sure what your problems are right now and I'm not sure what you think you have installed and uninstalled, but I see signs of 3 antivirus applications in your log. AOL Antivirus, McAfee, PC Tools. Why do you have 3 installed? Don't you remember what step 3 of the READ & RUN ME indicates. Only 1 must ever be installed. Installing more than one can cause ALL kinds of problems. You could be running into problems because you have installed too many antivirus, too many realtime blockers, and maybe even multiple firewalls.

Which of these antivirus programs are you supposed to be using? Uninstall all but that one.

Why are there two Java and two FireFox folders in Add/Remove programs?

Code:

"C:\Program Files\"
JAVA          Nov 30 2006              "Java"
JAVA(2)       Nov 27 2006              "Java(2)"
MOZILL~1      Nov 30 2006              "Mozilla Firefox(2)"
MOZILL~2      Dec  6 2006              "Mozilla Firefox"

What is the below that you recently downloaded?

Code:

"C:\"
sc3.avi       Dec  3 2006  1171556352  "sc3.avi"
sc3.vsp       Dec  3 2006       16384  "sc3.VSP"
sc3~1.mpe     Dec  3 2006     5679491  "sc3.mpeg"
thumbs.db     Dec  3 2006      291840  "Thumbs.db"
uvs7_w~1.txt  Dec  3 2006         201  "UVS7_WKLog.txt"

Why didn't you run CCleaner? If you had run it, you would not have files as old as Dec 3 rd in your Temp folder.

 

There are processes still trying to load. We will fix them.

In you previous logs AOL Security was still installed ( Safety and Security Center Uninstaller ) now it is no longer in your log so you must have just done something to uninstall it. Also, your previous log showed the below:
CA Pest Patrol Realtime Protection
PC Tools AntiVirus 3.0

Now they are gone too. So you must have also just uninstalled them.

I was not referring to two of them in Add/Remove Programs. I was referring to the multiple folders for them. Also you did not download and install the current version of Sun Java as you just said. You are running update 9 and update 10 is what our link takes you to. Uninstall update 9 and install the current update 10.

Delete the below two folders:
C:\Program Files\Java(2)
C:\Program Files\Mozilla Firefox

Look in your current newfiles.txt log which you just posted and see this folder:

C:\Documents and Settings\Mitch Schwartz\Local Settings\Temp\

It has a load of files in it and some date back to Dec 3rd. If CCleaner is run, this folder should have all files cleaned up. If it is not cleaning them, that means you change the options on CCleaner so that it is not cleaning up Temp folders and that is the whole purpose of using it. Run CCleaner again and watch this folder (have it open) and see if the files disappear when CCleaner is run. If not then you need check the options in CCleaner and make sure that System -->Temporary Files is checked. (In fact everything under System should be checked)


What is the below process for that you stopped from loading with MSconfig:
C:\Program Files\Slide\Slide.exe

Make sure viewing of hidden files is enabled (per the tutorial).

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\MITCHS~1\LOCALS~1\Temp\2006101919121_mcinfo.exe /insfin
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\MITCHS~1\LOCALS~1\Temp\2006101919132_mcappins.exe /v=3 /cleanup
O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://softdev.adelphia.net/sdccommon/download/tgctlins.cab

NOTE: The below are not malware but you don't need them to load at startup. You can optionally have HJT fix these lines to conserve the system resources:

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"



After clicking Fix, exit HJT.

Now reboot in normal mode
Now Copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Now locate the below files and delete them if found:
C:\Program Files\support.com\adelphia\scripts\IEconfig.vbs
C:\WINDOWS\install.inf
C:\WINDOWS\TWl0Y2hlbGwgU2Nod2FydHo\nq5XsZ15v3T0oZhCxZIVxJC.vbs

Now attach the below new logs and tell me how the above steps went.

1. GetRunKey
2. ShowNew
3. HJT

Make sure you tell me how things are working now!

Reminder Note: Once we have determined you are malware free you will need to disable System Restore, reboot, and re-enable system restore per step 1 of the READ & RUN ME. This only applies to if using WinXP or WinMe.

 

We have three more folders to delete. One I mentioned last time. Delete the below folders:
C:\Documents and Settings\All Users\Application Data\Viewpoint
C:\Program Files\Viewpoint
C:\Program Files\Common Files\Java(2)

How are things working now?

Your log is clean. If you are not having any other malware problems, it is time to do our final steps:

1. If we used Pocket Killbox during your cleanup, do the below
   • Run Pocket Killbox and select File, Cleanup, Delete All Backups
2. If we used ComboFix you can delete the ComboFix.exe file and associated C:\combofix.txt log that was created.
3. If we user SDFix you can delete all the SDFix related files and folders from your Desktop or whereever you installed it.
4. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
5. If we had your run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
6. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
7. You can delete the ShowNew.Zip and GetRunkey.Zip files and the files that you extracted from the ZIP files. You can also delete the C:\newfiles.txt and C:\runkeys.txt logs that were created
8. If you are running Windows XP or Windows ME, do the below:
   • go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
9. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!