PA
Mon Aug 02 14:35:26 CDT 2004
How does "the JAVA VM exploit" figure in your problem?
Advanced users will find Spybot a useful tool but none of them are worth
bupkiss if you don't seek first seek updates before running 'em each and
every time, even "right out of the box" new.
HijackThis (HT) won't take care of anything on its own. Post your HT log to
one of the recommended forums for expert advice.
Also see section in previous reply about running an AV scan in Safe Mode.
(In fact, try running Ad-aware, Spybot and HT in Safe Mode after enabled
'Show Hidden Files'.)
--
~PA Bear
John McNamara wrote:
> Okay great! I have used ADAware and CoolWebShredder
> before the udpate. The MS update from the CD should take
> care of the JAVA VM exploitation. I'll try Hijackthis to
> take care of the bad dll.
>
>> -----Original Message-----
>> MSFI.DLL is not a Windows file, though MSI.DLL is. Check your system for
>> "hijackware":
>>
>> Help with Hijackware
>>
http://aumha.org/a/parasite.htm
>>
http://aumha.org/a/quickfix.htm
>>
http://mvps.org/winhelp2002/unwanted.htm
>>
http://inetexplorer.mvps.org/Darnit.htm
>>
>> CoolWebSearch Chronicles
>>
http://www.spywareinfo.com/~merijn/cwschronicles.html
>>
>> Run these tools in the following order with nothing else running in
>> background:
>>
>> 1. CWShredder (fix all found)
>>
>> 2. Ad-Aware (fix all found)
>>
>> 3. Spybot (RTFM but generally fix everything in red)
>>
>> Important: You *must* seek updates for Ad-Aware, Spybot, etc., before
>> each and every use, even "right out of the box". But even they can't
>> catch everything, 24/7. When all else fails, HijackThis
>> (
http://www.spywareinfo.com/~merijn/files/HijackThis.exe) is the
>> preferred tool to use. It will help you to both identify and remove any
>> hijackware/spyware. **Post your files to
>
http://forums.spywareinfo.com/ or
>>
http://forum.aumha.org/viewforum.php?f=30 for expert analysis, not
>> here.**
>>
>> [Alternate download pages for many of the above tools may be found at
>>
http://aumha.org/a/parasite.htm.]
>>
>> Also:
>>
>> 1. Download and run Stinger
> (
http://vil.nai.com/vil/stinger/); then...
>>
>> 2. Update your virus definitions, enable Show Hidden Files
>>
> (
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2
> 002092715262339)
>> and then run a full system scan in Safe Mode
>>
> (
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2
> 001052409420406)
>> with nothing else running in background. Note the files identified and
>> removed then find the corresponding page for the file at your AV maker's
>> online support pages (e.g.,
>>
http://securityresponse.symantec.com/avcenter/venc/data/ad
>> ware.winfavorites.html) and follow all Removal steps.
>>
>> WinXP Only (WinME similar): If this scan finds anything, create a new
>> Restore Point then Disk Cleanup > More options > Delete all but the most
>> recent Restore Point.
>>
>> 3. Check in at Windows Update.
>>
>> So How Did I Get Infected Anyway?
>>
http://boards.cexx.org/viewtopic.php?t=957
>>
>> --
>> HTH - Please Reply to This Thread
>>
>> ~Robear Dyer (PA Bear)
>> MS MVP-Windows (IE/OE), AH-VSOP
>>
>> AumHa Forums
>>
http://forum.aumha.org
>>
>> What You Should Know About Spyware
>>
http://www.microsoft.com/mscorp/twc/privacy/spyware.mspx
>>
>> John McNamara wrote:
>>> Has anyone encountered a problem after installing the
>>> Windows Security Update CD? I loaded the CD on a win98
>>> machine and get an invalid page fault caused by a MSFI.dll
>>> file in explorer. Any suggestions on what this may be
>>> caused by or how to fix the problem? This dll seems to be
>>> a "newbie" out of Redmond WA.
>>
>> .