Starting the holiday weekend with computer cleanup chores. I have a laptop and a desktop to do, so you'll see another post soon with the desktop logs.
Thanks for the help!
Thanks for the help!
:
[1] UNCHECK all 'Real', Real Player' and 'Real One' entries on the Startup menu
[2] If you use Real Player disable the auto-update feature in your Tools- Preferences- Automatic Services- AutoUpdate (In RealPlayer).
[3] Right click on Start> Explore> Programs> Common> Real Update> right click> delete the file "realshed.exe"
Edit to add: Empty the Recycle Bin again
Differences Between the Recycle Bin and the Recycler Folder:
When you delete a file in Windows NT Explorer or My Computer, the file is stored in the Recycle Bin. The file remains in the Recycle Bin until you empty the Recycle Bin or restore the file.
The Recycler folder is used only on NTFS partitions. The Recycler folder contains a Recycle Bin for each user that logs on to the computer, sorted by their security identifier (SID).
Check Add/Remove Programs for Wild Tangent. If found, uninstall it.Wild Tangent is a video game software company specializing in online games. It has even made a partnership with AOL to include itself as part of the AOL Instant Messenger for their AIM games section. The WildTangent Web Driver is their technology that allows you to play 3D games over the Internet. Although its not technically considered spyware it does have built in components to update itself and gather information about the computer system including
- Operating System Version
- CPU Type and Speed
- Memory Amount
- Video Card type and Driver Version
- Sound Card type and Driver Version
- DirectX Version
- Location that the Web Driver was installed from
http://www.pchell.com/support/wildtangent.shtml
Question:
Have you specifically set these Ports to be globally open in the Firewall?
TCP 135: Transacted connection to SQL Server to create, connect or track.
TCP 5000-5020: Secondary RPC ports (Remote Procedure Call) endpoint mapper
Thank you touch.Open notepad and copy/paste the text in the quotebox below into it:
Name the file as CFScript
and Save it on the desktop
Killall::
Snapshot::
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Glob allyOpenPorts\List]
"135:TCP"=-
"5000:TCP"=-
"5001:TCP"=-
"5002:TCP"=-
"5003:TCP"=.
"5004:TCP"=-
"5005:TCP"=-
"5006:TCP"=-
"5007:TCP"=-
"5008:TCP"=-
"5009:TCP"=-
"5010:TCP"=-
"5011:TCP"=-
"5012:TCP"=-
"5013:TCP"=-
"5014:TCP"=-
"5015:TCP"=-
"5016:TCP"=-
"5017:TCP"=-
"5018:TCP"=-
"5019:TCP"=-
"5020:TCP"=-
Once saved, refering to this image and drag CFScript.txt into ComboFix.exe:
Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post.
Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall
If Symantec isn't easy/user-friendly, would you recommend a firewall and AV that is? Would that be the quickest way to resolve this?