Solve : Can someone look at my logs please??

1.	Solve : Can someone look at my logs please??
Answer» To enable the viewing of HIDDEN and protected system files in Windows Vista please follow these steps: 1.Close all programs so that you are at your desktop. 2.Click on the Start button. This is the small round button with the Windows flag in the lower left corner. 3.Click on the Control Panel menu option. 4.When the control panel opens you can either be in Classic View or Control Panel Home view: If you are in the Classic View do the following: 1.Double-click on the Folder Options icon. 2.Click on the View tab. 3.Go to step 5. If you are in the Control Panel Home view do the following: 1.Click on the Appearance and Personalization link. 2.Click on Show Hidden Files or Folders. 3.Go to step 5. 5.Under the Hidden files and folders section select the radio button labeled Show hidden files and folders. 6.Remove the checkmark from the checkbox labeled Hide extensions for known file types. 7.Remove the checkmark from the checkbox labeled Hide protected operating system files. Once this is done, your Folder Options screen should look similar to the following image. 8.Press the Apply button and then the OK button. Now Windows Vista is configured to show all hidden files. =================================== Click on Start and copy and paste this in the "start search" box: C:\Windows\system32\igfxext.exe Right click on the file and delete it. Please let me know how you did. Well SuperDave, Not to good , I followed all the instructions and when I right clicked to delete it stated Access to the Destination File DENIED. I tried the search a second time and now the C:\Windows\system32\igfxext.exe search came with 2 exact matches as if the file duplicated itself. Would you be so kind to explain to me in 10 words what is going on? For what I have found out by myself is that a virus can be hidden under this file ext. Also I was wondering if I should change back my Folder Options to their original checked options. Is there hope for me and my computer? I am afraid to use the internet for anything with password and personal info. Please advice. Thank you again SuperDave for all your precious time and patience.Ok go ahead and hide your files again. I was wrong about that file. Let's run two more scans and then we'll be finished. You can use your computer on the internet. Download DrWeb CureIt & save it to your desktop. Scan with DrWeb-CureIt as follows: •Double-click on drweb-cureit.exe and then click Start •An information notice will appear, click OK. •This starts a short scan that will scan the files currently running in memory. •If you get a PROMPT to buy the full version just exit out of the window. The scanner will still work without buying the full version •If or when something is found, click the Yes button when it asks you if you want to cure it. •Once the short scan has finished, Click Settings > Change Settings •Under the Scanning tab UNcheck Heuristic analysis and click OK •Back at the main window, select the Complete scan button and then click the Green Arrow Start Scanning button on the right and the scan will start. •Click Yes to all if it asks if you want to cure/move any file(s). •When the scan is done. •In the Dr.Web CureIt menu on top left, click File and choose Save report list. •Save the DrWeb.csv report to your Desktop. •Exit Dr.Web Cureit. •Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot. * After reboot, Right-click the Dr.Web log on the desktop and choose Open With > Notepad * Copy and paste that log in the next reply =================================== * Go to Start > Run and type mrt.exe then press Enter on the keyboard). * (Vista and Windows 7 users go to Start and type mrt.exe in the search box then press Enter on the keyboard. * Click Next. * Choose Full Scan and click Next. * Once the scan is finished click View detailed results of the scan. Look through the list and let me know if anything was found infected. SuperDave I cannot get to have Drweb-CureIT to do anything at all Quote •If you get a prompt to buy the full version just exit out of the window. The scanner will still work without buying the full version when the prompt comes I exited but the computer would stale on EPM mode and the only option would be to download the free trial version which when cliked it would not work. I tried also to run it without the EPM to not avail. There is a warning window for Virus warning and file locations for the quarantine info and the log but when I go there there is no Quarantine file ext as on warning window and the notepad log file named Cureit is empty. Please advice. Thank you a million SuperDave Ok Delete Dr Web CureIt from your desktop and try this one. Also, don't forget to run MRT. Download Dr.Web CureIt to the desktop: DrWebCureit Double-click the launch.exe or cureit.exe file and Allow to run the express scan This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan. Once the short scan has finished, just let it cure whatever it finds... o Now, go to Settings >> Change Settings o Go to Actions tab >> under Objects section, change the settings to below Infected objects - Cure Incurable objects - Report Suspicious objects - Report o Don't change any other settings Start the scan again. This time, choose Complete Scan Click the green arrow button at the right, and the scan will start. After the scan finished, click Select all Click on Cure and choose Report incurable (means take no actions.. Don't "move", or "rename" or "delete") When the scan has finished, in the menu, click File and choose Save report list Save the report to your Desktop. The report will be called DrWeb.csv Post DrWeb.csv in your next reply (Open it as Notepad).. Do NOT reboot the computer yet.. Hello SuperDave, I tried to get DrWeb Cureit through your link but I have the exact same problem than before. I ran the MRT and it came with no infected files when I looked at the detailed report. Am I fine and save you think? Again and again I want to Thank you for all your help and your patience with me. Quote Am I fine and save you think? I would say that your computer is as clean as our scans can make it. Let's do some clean-up * Click START then RUN - Vista users press the Windows Key and the R keys for the Run box. * Now type Combofix /uninstall in the runbox * Make sure there's a space between Combofix and /Uninstall * Then hit Enter * The above procedure will: * Delete the following: * ComboFix and its associated files and folders. * Reset the clock settings. * Hide file extensions, if required. * Hide System/Hidden files, if required. * Set a new, clean Restore Point. =============================== Download OTC by OldTimer and save it to your desktop. 1. Double-click OTC to run it. 2. Click the CleanUp! button. 3. Select Yes when the "Begin cleanup Process?" prompt appears. 4. If you are prompted to Reboot during the cleanup, select Yes 5. OTC should delete itself once it finishes, if not delete it yourself. ================================= Clean out your temporary internet files and temp files. Download TFC by OldTimer to your desktop. Double-click TFC.exe to run it. Note: If you are running on Vista, right-click on the file and choose Run As Administrator TFC will close all programs when run, so make sure you have saved all your work before you begin. * Click the Start button to begin the CLEANING process. * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. * Please let TFC run uninterrupted until it is finished. Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning. ==================================== Looking over your log it seems you don't have any evidence of a third party firewall. Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors. Remember only install ONE firewall 1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one) 2) Online Armor 3) Agnitum Outpost 4) PC Tools Firewall Plus If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time. ===================================== Use the Secunia Software Inspector to check for out of date software. •Click Start Now •Check the box next to Enable thorough system inspection. •Click Start •Allow the scan to finish and scroll down to see if any updates are needed. •Update anything listed. . ---------- Go to Microsoft Windows Update and get all critical updates. ---------- I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free. SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox. * Using SpywareBlaster to protect your computer from Spyware and Malware * If you don't know what ActiveX controls are, see here Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the LATEST Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future. Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly. Safe Surfing!

Answer»

To enable the viewing of HIDDEN and protected system files in Windows Vista please follow these steps:

1.Close all programs so that you are at your desktop.

2.Click on the Start button. This is the small round button with the Windows flag in the lower left corner.

3.Click on the Control Panel menu option.

4.When the control panel opens you can either be in Classic View or Control Panel Home view:

If you are in the Classic View do the following:

1.Double-click on the Folder Options icon.

2.Click on the View tab.

3.Go to step 5.

If you are in the Control Panel Home view do the following:

1.Click on the Appearance and Personalization link.

2.Click on Show Hidden Files or Folders.

3.Go to step 5.

5.Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.

6.Remove the checkmark from the checkbox labeled Hide extensions for known file types.

7.Remove the checkmark from the checkbox labeled Hide protected operating system files. Once this is done, your Folder Options screen should look similar to the following image.

8.Press the Apply button and then the OK button.

Now Windows Vista is configured to show all hidden files.
===================================

Click on Start and copy and paste this in the "start search" box: C:\Windows\system32\igfxext.exe Right click on the file and delete it.

Please let me know how you did.

Well SuperDave,

Not to good , I followed all the instructions and when I right clicked to delete it stated Access to the Destination File DENIED. I tried the search a second time and now the C:\Windows\system32\igfxext.exe search came with 2 exact matches as if the file duplicated itself. Would you be so kind to explain to me in 10 words what is going on? For what I have found out by myself is that a virus can be hidden under this file ext. Also I was wondering if I should change back my Folder Options to their original checked options.
Is there hope for me and my computer? I am afraid to use the internet for anything with password and personal info.
Please advice. Thank you again SuperDave for all your precious time and patience.Ok go ahead and hide your files again. I was wrong about that file. Let's run two more scans and then we'll be finished. You can use your computer on the internet.

Download DrWeb CureIt & save it to your desktop. Scan with DrWeb-CureIt as follows:

•Double-click on drweb-cureit.exe and then click Start

•An information notice will appear, click OK.

•This starts a short scan that will scan the files currently running in memory.
•If you get a PROMPT to buy the full version just exit out of the window. The scanner will still work without buying the full version

•If or when something is found, click the Yes button when it asks you if you want to cure it.
•Once the short scan has finished, Click Settings > Change Settings

•Under the Scanning tab UNcheck Heuristic analysis and click OK

•Back at the main window, select the Complete scan button and then click the Green Arrow Start Scanning button on the right and the scan will start.

•Click Yes to all if it asks if you want to cure/move any file(s).

•When the scan is done.
•In the Dr.Web CureIt menu on top left, click File and choose Save report list.

•Save the DrWeb.csv report to your Desktop.

•Exit Dr.Web Cureit.
•Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
* After reboot, Right-click the Dr.Web log on the desktop and choose Open With > Notepad
* Copy and paste that log in the next reply

===================================

* Go to Start > Run and type mrt.exe then press Enter on the keyboard).
* (Vista and Windows 7 users go to Start and type mrt.exe in the search box then press Enter on the keyboard.
* Click Next.
* Choose Full Scan and click Next.
* Once the scan is finished click View detailed results of the scan.

Look through the list and let me know if anything was found infected.

SuperDave I cannot get to have Drweb-CureIT to do anything at all Quote

•If you get a prompt to buy the full version just exit out of the window. The scanner will still work without buying the full version

when the prompt comes I exited but the computer would stale on EPM mode and the only option would be to download the free trial version which when cliked it would not work. I tried also to run it without the EPM to not avail. There is a warning window for Virus warning and file locations for the quarantine info and the log but when I go there there is no Quarantine file ext as on warning window and the notepad log file named Cureit is empty. Please advice.

Thank you a million SuperDave
Ok Delete Dr Web CureIt from your desktop and try this one. Also, don't forget to run MRT.

Download Dr.Web CureIt to the desktop:
DrWebCureit

Double-click the launch.exe or cureit.exe file and Allow to run the express scan
This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
Once the short scan has finished, just let it cure whatever it finds...

o Now, go to Settings >> Change Settings
o Go to Actions tab >> under Objects section, change the settings to below
Infected objects - Cure
Incurable objects - Report
Suspicious objects - Report
o Don't change any other settings

Start the scan again. This time, choose Complete Scan
Click the green arrow button at the right, and the scan will start.
After the scan finished, click Select all
Click on Cure and choose Report incurable (means take no actions.. Don't "move", or "rename" or "delete")
When the scan has finished, in the menu, click File and choose Save report list
Save the report to your Desktop. The report will be called DrWeb.csv
Post DrWeb.csv in your next reply (Open it as Notepad).. Do NOT reboot the computer yet..

Hello SuperDave,

I tried to get DrWeb Cureit through your link but I have the exact same problem than before.
I ran the MRT and it came with no infected files when I looked at the detailed report.
Am I fine and save you think?

Again and again I want to Thank you for all your help and your patience with me.

Quote

Am I fine and save you think?

I would say that your computer is as clean as our scans can make it. Let's do some clean-up

* Click START then RUN - Vista users press the Windows Key and the R keys for the Run box.
* Now type Combofix /uninstall in the runbox
* Make sure there's a space between Combofix and /Uninstall
* Then hit Enter

* The above procedure will:
* Delete the following:
* ComboFix and its associated files and folders.
* Reset the clock settings.
* Hide file extensions, if required.
* Hide System/Hidden files, if required.
* Set a new, clean Restore Point.

===============================

Download OTC by OldTimer and save it to your desktop.

1. Double-click OTC to run it.
2. Click the CleanUp! button.
3. Select Yes when the "Begin cleanup Process?" prompt appears.
4. If you are prompted to Reboot during the cleanup, select Yes
5. OTC should delete itself once it finishes, if not delete it yourself.

=================================

Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the CLEANING process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.

====================================

Looking over your log it seems you don't have any evidence of a third party firewall.

Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

Remember only install ONE firewall

1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
2) Online Armor
3) Agnitum Outpost
4) PC Tools Firewall Plus

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.

=====================================

Use the Secunia Software Inspector to check for out of date software.

•Click Start Now

•Check the box next to Enable thorough system inspection.

•Click Start

•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the LATEST Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

Solve : Can someone look at my logs please??

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment