InterviewSolution
Saved Bookmarks
InterviewSolution
| 1. |
Solve : computer acting up? |
|
Answer» Quote Is this it?That's the one. Thanks ===================================== Code: [Select]C:\Program Files\1bomb.ini Do you know what this program is for? ==================================== Please read here for more information about WildTangent. Your choice if you want to remove it or not. If you choose to follow my advice, please follow these instructions. Go to Start > Control Panel > Add/Remove Programs and remove the FOLLOWING programs. •WildTangent Web Driver (or anything else with the name WildTangent.) I suspect that WildGames is one of these programs since they come from the same site. =================================================== Please go to Jotti's malware scan (If more than one file needs scanned they MUST be done separately and logs posted for each one) * Copy the file path in the below Code box: Code: [Select]C:\WINDOWS\system32\drivers\rewac.sys C:\WINDOWS\system32\mfc45.dll * At the upload site, click once inside the window next to Browse. * Press Ctrl+V on the keyboard (both at the same time) to paste the file path into the window. * Next click Submit file * Your file will possibly be entered into a queue which normally takes less than a minute to clear. * This will perform a scan across multiple different virus scanning engines. * Important: Wait for all of the scanning engines to complete. * Once the scan is finished, Copy and then Paste the link in the address bar into your next reply. ================================== Re-running ComboFix to remove infections:
Download Security Check by screen317 from one of the following links and save it to your desktop. Link 1 Link 2 * Unzip SecurityCheck.zip and a folder named Security Check should appear. * Open the Security Check folder and double-click Security Check.bat * Follow the on-screen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt * Post the contents of that document in your next reply. Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so. Here is the info on 1bomb file. It's a configuration.Video_Width: 640 Video_Height: 480 BPP: 16 VSync: 1 FullScreen: 0 InputType: 0 Sound: 1 Volume: -512 Stats: 0 *Note : Must have a space between item and value! I'll send more in a little bit. My kids play the Wild Tangent games. I'd like to keep them.I'm not to concerned with the info they create about the games. They do more learning about your shopping habit with your credit card than Wild Tangent and games. I understand its a privacy issue and agree with you , but I don't think it has any harm in it. My 2 cents. I'll get the other logs soon.http://virusscan.jotti.org/en/scanresult/8c048105ef576585bf710909ad9b2fa7e6f632f4/ad94ec62df70c322fa3ccaf0efdd5d5d1b88edf3I've moved the file over and it auto starts and then ask me if I wanted CFSript.txt to run.It say it is misspelled and the program shuts down when I click OK.Results of screen317's Security Check version 0.99.4 Windows XP Service Pack 3 Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! avast! Free Antivirus Webroot AntiVirus with Spy Sweeper Online Armor 4.0 ``````````````````````````````` Anti-malware/Other Utilities Check: Scholastic's I SPY Fantasy Webroot AntiVirus with Spy Sweeper Spy Sweeper Core SUPERAntiSpyware Free Edition HijackThis 2.0.2 Java(TM) 6 Update 17 Out of date Java installed! Adobe Flash Player 10.0.45.2 Adobe Reader 8.1.3 Out of date Adobe Reader installed! MOZILLA Firefox (3.6.3) ```````````````````````````````` Process Check: objlist.exe by Laurent Ad-Aware AAWService.exe iolo common lib ioloServiceManager.exe ```````````````````````````````` DNS Vulnerability Check: Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?) ``````````End of Log```````````` The Jotti's link is for the wrong file. It's for imfivpf. I wanted two files scanned: C:\WINDOWS\system32\drivers\rewac.sys and C:\WINDOWS\system32\mfc45.dll Could you please try to scan them again and give me the links. ========================================= Quote It say it is misspelled and the program shuts down when I click OK.Please try it again. ======================================== Update Your Java (JRE) Old versions of Java have vulnerabilities that malware can use to infect your system. First Verify your Java Version If there are any other version(s) installed then update now. Get the new version (if needed) If your version is out of date install the newest version of the Sun Java Runtime Environment. Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update. Be sure to close ALL open web browsers before starting the installation. Remove any old versions 1. Download JavaRa and unzip the file to your Desktop. 2. Open JavaRA.exe and choose Remove Older Versions 3. Once complete exit JavaRA. 4. Run CCleaner. Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the INITIAL startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer. =============================== Please download the newest version of Adobe Acrobat Reader from Adobe.com Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable. Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7). Search in the list for all previous installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them. Once old versions are gone, please install the newest version. ============================================= I'm unable to remove old java.The new version will not download. I tried to update adobe and it fails too. Adobe error info ID-6702.402.502.20041 send report to adobe http://Http://www.adobe.com/misc/bugreport.html Installation is corrupt!(16263.201.355-42072312.80040154FFFFFFFF.80040154 I tried to do this when my computer started acting up without success. Most programs have issues downloading. OK. Got them removed. Now I'll update again.still get error messages.How did you do with the ComboFix script and the two files to be scanned?I will try that in a bit . Busy day.http://virusscan.jotti.org/en/scanresult/2e6031ed88b70d1cbfa7798771041464f553d1e8http://virusscan.jotti.org/en/scanresult/85a8e39972371a64284a8fd215c32b940c2173aeThat looks good. Can you now please run the ComboFix script from Reply # 30?I've tried 4 other times with no luck. It keeps repeating that it is miss spelt. It spells it that way too. rather a surprise to have an errors grammar incorrect. |
|