Spyware and other problems

Discussion in 'Malware Help (A Specialist Will Reply)' started by wjriv, Jul 26, 2006.

  1. wjriv

    wjriv Private E-2

    Hey it looks like I might have some kind of spyware and other type of problem.

    I followed all of your instructions on how to clean out my system. When I ran the last online scanner program it found a few things.

    I am attaching all of the logs and Hijack log to this post so you can see what my problem might be. I even disabled system restore just in case there was something trapped in it.

    I rescanned it with Active Scan and still had something show up.
    I only sent you the latest Active Scan log of that.

    Thanks for your help.


    John
     


  2. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Download
    - Pocket Killbox

    Empty the Norton Antivirus Quarantine Folder
    Empty the Norton Protected Recycle Bin.
    Empty the Recycle Bin.

    Using Add or Remove Programs in the Control Panel; uninstall the following:
    Download LSP-Fix

    After download is complete, Run LSP-Fix

    Check the Box labeled "I know what I'm doing" and then click on the bmnet.dll file (in the “Keep” section) to select it.

    Then, Select the >> button to move bmnet.dll into the Remove section.

    Now, click the Finish Button. When the Repair Summary box appears, click OK.
    (Note: If the file bmnet.dll is already in the remove section, then just click FINISH.)

    << The installed version of Java on this computer is out-dated. Install version 1.5.0_07 available from http://www.java.com/en/download/manual.jsp. Uninstall all older versions of Java on your computer, before installing the latest version of Java. >>

    Windows Messenger is running in the background on this computer, and represents a security risk. Disable Windows Messenger by running Shoot The Messenger. If you are using this as your IM client then replace it with MSN Messenger.

    Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:
    Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

    Now run Pocket Killbox:

    Choose Tools -> Delete Temp Files and click the RED X.

    Run Killbox.exe. Paste the below filenames into KILL BOX one at a time. Check mark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (if available). Click the RED X and it will ask you to confirm the file for deletion; say YES, and when the next box opens prompting you to reboot now, click NO and proceed with the next file. Once you get to the last one, click YES and it will reboot. Note: many of the files listed below may not exist, but we need to check for them anyway.
    If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

    Now boot into SAFE MODE

    Open ExplorerXP navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)
    Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

    Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.

    REBOOT to Normal Mode

    Post a fresh HijackThis log.
     
  3. wjriv

    wjriv Private E-2

    Ok I have followed all of the steps and I am posting a new Hijack Log.

    I do have a couple of questions though.


    Question 1 is about Weather Bug (I use it all of the time).

    It is set up to work with the Local TV Station I work for providing weather alerts from us. I didn't know there was a problem with it. Is it not a legitimate application? We have been promoting them on the company website.


    Question 2: I can't find Java version 1.5.0_07. It says the latest version on their website is version 1.5.0_06. That is what I have installed.


    Question 3: What is wrong with this Ringtone_CD_Ripper program?

    Is it some kind of spyware? I downloaded it from Version Tracker. (I thought they checked all the stuff they posted).

    Question 4: This one is another issue that has recently come up.

    I have noticed that each time I startup my computer it says that my Norton Auto Protect is off. (However when I check it is running).
    I only have Anti Virus and not Norton Utilities on this computer so couldn't find the Norton Protected Bin.

    Thanks for all of your help and let me know if there are any more problems that I need to clear up.


    John
     


  4. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Nothing as long as it is the paid version. The unpaid version is Adware, and there are privacy concerns with it, as it tracks your surfing habits.
    It would appear they have not updated their Java Website. 1.5.0_07 is indeed the latest version and has been available for download for 2 months.

    Try this link. http://java.sun.com/javase/downloads/index.jsp
    Spyware:Spyware/LZIO-Media from your Panda ActiveScan log.

    There are several types of Malware that target applications like Norton. It's not unusual for one to have to uninstall Norton, reboot, then install, to get it working properly again after an infection.
     
