WiredWX Christian Hobby Weather Tools

Re: Infected with Trojan - log post

Scan results:



USBNoRisk 2.5 (26 July 2009) by bobby

Started at 8.3.2010 18:47:42

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {1246143b-cf81-11db-a98d-806d6172696f}
P: {78f6d95a-4088-11dd-a653-00138fe7f926}
F: {96090060-e61e-11dd-a691-00138fe7f926}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 1246143b-cf81-11db-a98d-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

No blocked files found on F:
No Autorun.inf files found on F:
No mountpoint found for F:
Sanitized mountpoint for 96090060-e61e-11dd-a691-00138fe7f926
----------------------------------------
Desktop.ini found at F:\Recycled\ contains interesting CLSID string
----------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},InfoTip = @%SystemRoot%\system32\SHELL32.dll,-22915
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},IntroText = @%SystemRoot%\system32\SHELL32.dll,-31748
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E},LocalizedString = @%SystemRoot%\system32\SHELL32.dll,-8964
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,@ = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Empty = %SystemRoot%\System32\shell32.dll,31
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon,Full = %SystemRoot%\System32\shell32.dll,32
HKLM\Software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\InProcServer32,@ = shell32.dll
----------------------------------------

No blocked files found on P:
No Autorun.inf files found on P:
No mountpoint found for P:
No mountpoint found for 78f6d95a-4088-11dd-a653-00138fe7f926
No Desktop.ini files found on P:
----------------------------------------

========================================
Initial scan finished!
========================================
========================================
Removed F:
========================================


New device connected at 8.3.2010 18:50:22

Scanning for connected USB mass storage...
----------------------------------------
E: {0ca40c69-3e46-11dd-a651-00138fe7f926}
Added E:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on E:
----------------------------------------
No Autorun.inf files found on E:
Sanitized mountpoint for 0ca40c69-3e46-11dd-a651-00138fe7f926
----------------------------------------

No Desktop.ini files found on E:
----------------------------------------

No mimics found on drive E:
========================================

========================================
Removed E:
========================================


New device connected at 8.3.2010 18:52:53

Scanning for connected USB mass storage...
----------------------------------------
H: {aa704e90-cfc7-11db-b6b5-9ac5f0551756}
Added H:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on H:
----------------------------------------
No Autorun.inf files found on H:
No mountpoint found for aa704e90-cfc7-11db-b6b5-9ac5f0551756
----------------------------------------

No Desktop.ini files found on H:
----------------------------------------

No mimics found on drive H:
========================================

========================================
Removed H:
========================================


New device connected at 8.3.2010 18:55:24

Scanning for connected USB mass storage...
----------------------------------------
I: {f2c1e79a-d34a-11db-b6db-003054837fcb}
Added I:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on I:
----------------------------------------
No Autorun.inf files found on I:
No mountpoint found for f2c1e79a-d34a-11db-b6db-003054837fcb
----------------------------------------

No Desktop.ini files found on I:
----------------------------------------

No mimics found on drive I:
========================================

========================================
Removed I:
========================================

Re: Infected with Trojan - log post

Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    BitTorrent
    Java(TM) SE Runtime Environment 6 Update 1
    Java(TM) 6 Update 2
    LimeWire 5.1.1

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Infected with Trojan - log post

Here it is, seems there are no threats.

Malwarebytes' Anti-Malware 1.44
Database version: 3838
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

8.3.2010 20:32:32
mbam-log-2010-03-08 (20-32-32).txt

Scan type: Quick Scan
Objects scanned: 137104
Time elapsed: 6 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: Infected with Trojan - log post

Hello.

To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.

  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
How is the machine running now?


Re: Infected with Trojan - log post

Thanx, but do I need to delete those programs, maybe I might need them in the future?
Machine is running normally ever since the first day I posted here and you prompted me through first steps.
I never thought bittorrent and limewire as worldwide sharing programmes would be causing this.
Any suggestions on p2p replacement programmes I could safely use?

Re: Infected with Trojan - log post

No, Limewire is a clean program, but the files you are downloading may not be, so we recommend that users stay away from P2P altogether.


Re: Infected with Trojan - log post

Nice.
I'm running a football forum and know how tedious it gets with navigating newbies. Thanx for your time!
