How do I get rid of this thing??
Bikerdude
03-13-2008, 11:48 AM
I've got PC Tools antivirus, the latest edition. Things were working fine when I got a worm from my friend's portable drive, one of those (like Brontok, I guess) that spread from flash drives, and it is not allowing me to view my hidden files. The option is always stuck at 'don't show hidden files or folders'. It is one of those things that screws around with the registry. It's not even letting me update the antivirus by running smart updates. Whenever I run them, smart update always gets stuck (not responding). It's also not letting me save my word documents easily. If I try to change the Dword registry value for hidden files to 1, it again changes back to 0 or 2. It's not letting me do that even.
Please advise me how should I get rid of this thing?? I am stuck, I can't do anything. My work involves editing word docs and because of this thing, I can't do it. Also, the antivirus is good for nothing if I can't update it. What should I do??
thanks!
mjq424
03-13-2008, 12:16 PM
Hi
To help you with your problem, please download Hijack This (http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe)
Doubleclick HJTInstall.exe to install it.
By default it will install to C:\Program Files\Trend Micro\HijackThis.
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Copy/Paste the log to your next reply please.
Don't use the Analyse This button, its findings are dangerous if misinterpreted.
Don't have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
Download and run Flash_Disinfector
Download Flash_Disinfector from here (http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe) and save it to your desktop.
Doubleclick on Flash_Disinfector.exe to run it and follow the prompts.
Wait until it has finished scanning and then exit the program.
The utility may ask you to insert your flash drive and/or other removable drives. This may include your mobile phone.
Please do so and allow the utility to clean up those drives as well.
Bikerdude
03-13-2008, 04:12 PM
thanks and here's the code as asked. Hope it helps:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:43:02 PM, on 3/13/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\tlntsvr.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\sistray.EXE
C:\WINNT\System32\khooker.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in/
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SiS Tray] C:\WINNT\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINNT\System32\khooker.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [PCTAVApp] "C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
O4 - HKCU\..\Run: [amva] C:\WINNT\system32\amvo.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{D44ECDB1-77FA-49C6-A56A-1D1D6FD1AD16}: NameServer = 203.94.243.70,203.94.227.70
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
--
End of file - 2894 bytes
mjq424
03-13-2008, 04:27 PM
Hi
Few more things to do.
Please open HijackThis
Click Scan only
Place checkmarks against the following:
O4 - HKCU\..\Run: [amva] C:\WINNT\system32\amvo.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
Close ALL open windows, except HijackThis
Click Fix checked
Close HijackThis
Please download the OTMoveIt2 (http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe) by OldTimer.
Save it to your desktop.
Please double-click OTMoveIt2.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
C:\WINNT\system32\amvo.exe
C:\WINNT\web\related.htm
Return to OTMoveIt2, right click in the "Paste Standard List of Files/Folders to Move" window (under the light blue bar) and choose Paste.
Click the red Moveit! button.
Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTMoveIt2
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version Java components and update.
Updating Java:
Download the latest version of Java(TM) SE Runtime Environment 6u5 (http://java.sun.com/javase/downloads/index.jsp).
Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on the download to install the newest version.
Please download Malwarebytes' Anti-Malware (http://www.besttechie.net/tools/mbam-setup.exe) to your desktop.
Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform full scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\<User name>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Post a New HJT Log
Reboot your computer. Start HijackThis. Click Do System Scan and Save a Log File.
When the Scan is complete, select the whole log (Ctrl-A), copy and paste the log contents in a reply.
Bikerdude
03-14-2008, 12:01 PM
Hi! I did as asked and here are the logs:
Log for OTmoveIT:
C:\WINNT\system32\amvo.exe moved successfully.
C:\WINNT\web\related.htm moved successfully.
OTMoveIt2 by OldTimer - Version 1.0.21 log created on 03142008_133954
Log by Anti-Malware:
Malwarebytes' Anti-Malware 1.08
Database version: 490
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 79638
Time elapsed: 25 minute(s), 45 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
D:\Setups\sinstaller3.exe (Adware.Comet) -> Quarantined and deleted successfully.
New Hijack This log after all this:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:30:15 PM, on 3/14/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\tlntsvr.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\sistray.EXE
C:\WINNT\System32\khooker.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SiS Tray] C:\WINNT\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINNT\System32\khooker.exe
O4 - HKLM\..\Run: [PCTAVApp] "C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{D44ECDB1-77FA-49C6-A56A-1D1D6FD1AD16}: NameServer = 203.94.243.70,203.94.227.70
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
--
End of file - 2513 bytes
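Added example (not part of any post in this thread, and not code from HijackThis or its authors): a short Python script that parses two HijackThis logs, diffs them, and checks that the entries selected for "Fix checked" no longer appear in the follow-up log. The sample logs are shortened excerpts of the two logs posted above; the function names are hypothetical.

```python
import re

# A HijackThis entry is "<section code> - <text>", e.g. "O4 - HKCU\..\Run: [amva] ...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

def parse_hjt(text):
    """Split a HijackThis log into (running process paths, [(code, text), ...])."""
    processes, entries, in_processes = set(), [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = ENTRY_RE.match(line)
        if m:
            in_processes = False          # the entry list follows the process list
            entries.append((m.group(1), m.group(2)))
        elif line.lower().startswith("running processes"):
            in_processes = True
        elif in_processes:
            processes.add(line.lower())   # Windows paths are case-insensitive
    return processes, entries

def diff_logs(before, after):
    """Report entries and running processes that differ between two scans."""
    b_proc, b_ent = parse_hjt(before)
    a_proc, a_ent = parse_hjt(after)
    return {
        "removed": [e for e in b_ent if e not in a_ent],
        "added": [e for e in a_ent if e not in b_ent],
        "procs_gone": sorted(b_proc - a_proc),
        "procs_new": sorted(a_proc - b_proc),
    }

def still_present(fixed_lines, after):
    """Return the 'Fix checked' lines that survive in the follow-up log."""
    _, a_ent = parse_hjt(after)
    survivors = []
    for line in fixed_lines:
        m = ENTRY_RE.match(line.strip())
        if m and (m.group(1), m.group(2)) in a_ent:
            survivors.append(line.strip())
    return survivors

# Shortened excerpt of the 3/13/2008 log from this thread.
BEFORE = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINNT\Explorer.EXE
C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
C:\WINNT\System32\khooker.exe
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINNT\System32\khooker.exe
O4 - HKCU\..\Run: [amva] C:\WINNT\system32\amvo.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
--
End of file - 2894 bytes"""

# Shortened excerpt of the 3/14/2008 follow-up log from this thread.
AFTER = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINNT\Explorer.EXE
C:\WINNT\System32\khooker.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINNT\System32\khooker.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
--
End of file - 2513 bytes"""

# The three lines the helper asked to have checked before "Fix checked".
FIXED = [
    r"O4 - HKCU\..\Run: [amva] C:\WINNT\system32\amvo.exe",
    r"O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm",
    r"O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm",
]

if __name__ == "__main__":
    report = diff_logs(BEFORE, AFTER)
    for key, items in report.items():
        print(key, items)
    print("fix survivors:", still_present(FIXED, AFTER))
```

An entry disappearing from the log only shows that the autostart or browser reference is gone; the file removal and the scanner results are separate evidence. On these excerpts the diff also shows PCTAVSvc.exe missing from the running processes of the second scan while its O23 service entry remains.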
mjq424
03-14-2008, 12:08 PM
Hi
Excellent. Your logs are looking clean :D A few housekeeping tasks left to do now.
I can't see any firewall in your HijackThis log.
FREE FIREWALLS
Outpost (http://www.agnitum.com/products/outpostfree/download.php)
Kerio (http://www.sunbelt-software.com/Kerio.cfm)
PC Tools Firewall Plus (http://www.pctools.com/firewall/)
Tutorial about Firewalls can be found here (http://www.bleepingcomputer.com/tutorials/tutorial60.html)
You can choose a free firewall from here (http://www.freebyte.com/antivirus/#freefirewalls)
Let's clear out the programs we've been using to clean up your computer, they are not suitable for general malware removal and could cause damage if used inappropriately.
Double click OTMoveIt2.exe to launch it.
Click on the CleanUp! button.
OTMoveIt will download a list from the Internet, if your firewall or other defensive programs alerts you, allow it access.
You will be prompted to allow the clean up procedure, click Yes
When finished exit out of OTMoveIt2
Now delete OTMoveIt2.exe (if still present)
Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
Make your Internet Explorer more secure - This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialise and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.
Update your Anti Virus Software - It is imperative that you update your Anti virus software at least once a week (Even more if you wish). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.
Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com (http://www.windowsupdate.com) regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
Install WinPatrol - Download and install Winpatrol by BillP Studios.
This program can monitor what software starts with Windows. You can delay startup for some programs and stop malicious programs from starting up. It can also view some hidden files.
Download it from here (http://www.winpatrol.com/download.html)
Install Spybot - Search and Destroy - Download and install Spybot - Search and Destroy with its TeaTimer option.
This will provide real-time spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with this program on a regular basis just as you would an anti virus software. A tutorial on installing & using this product can be found here:
Instructions for - Spybot S & D (http://forum.malwareremoval.com/viewtopic.php?t=13)
Install SpywareBlaster - SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. An article on anti-malware products with links for this program and others can be found here:
Computer Safety on line - Anti-Malware (http://forum.malwareremoval.com/viewtopic.php?p=54#54)
Install ThreatFire - Download and install ThreatFire. This program defends against malware by detecting certain malicious behaviours. It is configured "out-of-the-box" and acts as a complement to your Antivirus software. It can be downloaded here:
PC Tools ThreatFire (http://www.threatfire.com/download/)
Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.
Bikerdude
03-15-2008, 03:13 PM
Thanks Matt for your time and effort. Thanks a lot! :)
But the mail problem still remains. I still can't view my hidden files and the Smart Update still gets stuck (still not responding) although it gets stuck when it is downloading antivirus update number 21, before that it seems to be working fine???
mjq424
03-15-2008, 03:42 PM
Hi
Download to your Desktop FixPolicies.exe, a self-extracting ZIP archive from here: http://downloads.malwareremoval.com/BillCastner/FixPolicies.exe
Double-click FixPolicies.exe
Click the "Install" button on the bottom toolbar of the box that will open
The program will create a new Folder called FixPolicies
Double-click to Open the new Folder, and then double-click the file within: Fix_Policies.cmd
A black box will briefly appear and then close. This will enable your Control Panel and stop the Administrative warnings, at least until the malware infection resets the registry policy keys again. You can run this as many times as you like. A permanent fix requires removing the infection.
In your case the infection has been cleaned, so this should fix your hidden files problem.
What mail problem are you having?
Bikerdude
03-16-2008, 12:14 PM
Hi
> A permanent fix requires removing the infection.
> In your case the infection has been cleaned, so this should fix your hidden files problem.
> What mail problem are you having?
Sorry, it's the main problem, not mail. My bad.
Thanks, it fixed the hidden files problem for the time being but how do I ensure my comp. is infection free. The smart update of PCTAV still gets stuck like before. Here's a pic :o :
http://i25.tinypic.com/5o5rme.jpg
mjq424
03-16-2008, 12:28 PM
Hi
> Sorry, its the main problem, not mail. My bad.
No worries, we all make typos now and again ;)
> The smart update of PCTAV still gets stuck like before.
Can you try updating, but unselecting that database version?
The following is my usual speech for when someone is clean:
Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
Disable and Enable System Restore. - If you are using Windows ME/XP/Vista then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.
Reset System Restore.
Now you should disable System restore to purge any infected files and then re-enable it,
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
Restart your computer
Turn ON System Restore
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Un-Check Turn off System Restore.
Click Apply, and then click OK.
Make your Internet Explorer more secure - This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialise and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.
Update your Anti Virus Software - It is imperative that you update your Anti virus software at least once a week (Even more if you wish). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.
Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. For an article on Firewalls and a listing of some available ones see the link below:
Computer Safety On line - Software Firewalls (http://forum.malwareremoval.com/viewtopic.php?p=56#56)
Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com (http://www.windowsupdate.com) regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
Install WinPatrol - Download and install Winpatrol by BillP Studios.
This program can monitor what software starts with Windows. You can delay startup for some programs and stop malicious programs from starting up. It can also view some hidden files.
Download it from here (http://www.winpatrol.com/download.html)
Install Spybot - Search and Destroy - Download and install Spybot - Search and Destroy with its TeaTimer option.
This will provide real-time spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with this program on a regular basis just as you would an anti virus software. A tutorial on installing & using this product can be found here:
Instructions for - Spybot S & D (http://forum.malwareremoval.com/viewtopic.php?t=13)
Install SpywareBlaster - SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. An article on anti-malware products with links for this program and others can be found here:
Computer Safety on line - Anti-Malware (http://forum.malwareremoval.com/viewtopic.php?p=54#54)
Install ThreatFire - Download and install ThreatFire. This program defends against malware by detecting certain malicious behaviours. It is configured "out-of-the-box" and acts as a complement to your Antivirus software. It can be downloaded here:
PC Tools ThreatFire (http://www.threatfire.com/download/)
Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.
Bikerdude
03-17-2008, 08:14 AM
Hey, it seems that everything is working fine now!! :D The antivirus is taking updates and the scan revealed no infections... Thanks a lot Matt. I am following your advice and downloading stuff you mentioned.
There's just one little prob. left. After FixPolicies, I can see my hidden folders but can't hide them. The folder options tab shows that both the options are checked out, "show hidden files" and "don't show hidden files" too. How do I rehide them?? I can't check one of them, it again reverts back to both of them. (Tried restore defaults too!)
Pic: http://i31.tinypic.com/opd8x4.jpg
mjq424
03-17-2008, 09:23 AM
Hi
Please run FixPolicies again, but this time in Safe Mode
Go into Safe Mode by restarting your computer, then continually tapping F8 until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter.
Close all open windows.
DO NOT USE MSCONFIG TO FORCE BOOTING INTO SAFE MODE. This can cause your system to get stuck in a loop if it cannot load Safe Mode, requiring a reinstall of Windows!
Double-click FixPolicies.exe
Click the "Install" button on the bottom toolbar of the box that will open
The program will create a new Folder called FixPolicies
Double-click to Open the new Folder, and then double-click the file within: Fix_Policies.cmd
A black box will briefly appear and then close. This will enable your Control Panel and stop the Administrative warnings, at least until the malware infection resets the registry policy keys again. You can run this as many times as you like. A permanent fix requires removing the infection.
Set correct settings for files that should be hidden in Windows
Click Start > Settings > Control Panel > Folder Options > View tab.
Under "Hidden files and folders" if necessary select Do not show hidden files and folders.
If unchecked please check Hide protected operating system files (Recommended)
If necessary Uncheck Hide file extensions for known file types.
Click OK
Restart into Normal Mode and check whether these settings are now correct.
Bikerdude
03-19-2008, 02:27 PM
Did it and everything's working fine now!! :D Thanks a lot Matt.
Just curious though, can you just describe in simple terms what's the difference between Threatfire and PCTAV?? Also, which one is better? :p Do you need both of them at the same or any one will do?? Could you give me a little more color on this??
Thanks!
Bikerdude
mjq424
03-19-2008, 02:33 PM
Hi
Glad that sorted it! :)
ThreatFire doesn't use threat signatures to identify malicious software, it uses behaviour-based rules and heuristics. PCTAV is like your traditional antivirus, it scans files/emails as they are opened and identifies viruses by its threat signatures.
Technically both complement each other, so you can run them both at the same time. To make things simpler, there is a PRO version of ThreatFire that incorporates the PCTAV scanning engine and signatures, meaning that you would only need ThreatFire PRO. Obviously this comes at a price! At the moment this PRO version is half-price ($14.95 USD) for a 1-year subscription, and I have to say that it is well worth it! More info here (http://www.threatfire.com/purchase/).
Hope that helps