Cannot set option"show hidden files"

Cannot set the option Folder Options/View/Show Hidden Files

5 Step Process


Please follow these instructions BEFORE posting your log. This will help the cleaning process and make things easier for you. DO NOT FIX ANY ENTRIES OR DELETE ANY FILES YOURSELF. NOTE THAT IF YOU CHOOSE TO RUN ANY SPECIALISED TOOLS THAT YOU SEE BEING USED IN OTHER THREADS, WITHOUT SUPERVISION, TSF CANNOT BE HELD RESPONSIBLE FOR ANY SYSTEM DAMAGE CAUSED. You may end up with a useless system. A trained Analyst will review your log and provide detailed instructions thereafter.


It is appreciated that the level of infection may not allow you to complete all these steps. Therefore, if for some reason you cannot perform one of the steps, move on to the next step and advise the Analyst accordingly when you post the requested logs.


NOTE: We are aware that users sometimes seek help from several Forums at the same time. Unfortunately, this can cause confusion and actually wastes time and resources - yours, ours and other Volunteers across the community. If you have already posted at another Forum, please advise us, or them, and choose just one.



STEP 1


Uninstall Malware from Windows Add/Remove Program Tab

Go to Start > Control Panel > Add / Remove Programs and uninstall any of the following malware/spyware/adware programs if you find them listed.

180 Search Assistant
180Solutions
Active alert
Ad Service
AdTools
AdTools Service
Alexa toolbar
BargainBuddy
Bullseye Networks
CashBack
cosmi
DH
EasySearchBar
Elite Sidebar
Elite Toolbar
Freeze Clip Art
GAIN
Gator
Hotbar Outlook Tools
Hotbar Web Tools
HuntBar
ISTbar
ISTSvc
Media Access
Media Gateway
MySearch
MyWay Search Bar
MyWebSearch
NavExcel Search Toolbar
NavHelper
ncase
Oemji Toolbar
Open Site
Preview AdService
Search Toolbar (HuntBar/WinTools)
ShopperReports by Hotbar
Sidefind
SideSearch
Slotchbar
Software Update Manager
SurfAccuracy
Upspiral Toolbar
TurboDownload
VBouncer
Viewpoint
Viewpoint Manager
Viewpoint Media Player
WareOut
WeatherBug
Web Rebates
Web Search Toolbar (WinTools)
Webhancer
WhenU (any entry)
WeirdOnTheWeb
Windows AdService
Windows ServeAd
WinTools
WinTools Easy Installer
WSEM Update

These are Optional removals but we recommend you remove them as well.

Download Accelerator Plus
Kazaa
Kontiki
Messenger Plus
NetPumper
NewDotNet
P2P Networking
StarWare
WildTangent

*Note* If you're unsure about ANY entry then leave it alone and the Analyst will advise you in the fix later.



Search for Rogue and Suspect Programs

Please visit the following site and REMOVE/UNINSTALL any program you have that is listed on this site.

Spyware Warrior: Rogue/Suspect Anti-Spyware Products & Web Sites

This site is updated and maintained with a list of known "Rogue" and "Suspect" programs. These programs cannot be trusted as they either don't do what they say, are poorly designed, or take advantage of the user in an effort to get YOU to spend money on buying their products. Several of these programs actually install "Spyware/Adware" on your system!

STEP 2


Run an Online scan

Perform an online scan with Internet Explorer with Panda ActiveScan

1. Click on located at the bottom of the page.
2. A "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
3. Enter your e-mail address, country, and state & click "Free Online Scan" *The download of the 8 MB Panda's ActiveX control will take place*

Begin the scan by selecting

• If it finds any malware, it will offer you a report.
• Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
• Click on then click

* You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
* Turn off the real time scanner of any existing antivirus program while performing the online scan


Add the Panda log to your first post after you’ve completed the remaining steps.

STEP 3


Installing Immediate Protection

Please download and install the following programmes – they will provide some protection against further malware attacks and will continue to protect your system after you have been cleansed.

Spyware Blaster to help prevent spyware from installing in the first place. A tutorial on installing this product can be found here.


IE-Spyad places more than 4000 dubious websites and domains in the IE Restricted list. This severely impairs attempts to infect your system. A tutorial on installing this product can be found here.


*Note* After installing IE-SPYAD, a HijackThis scan will take a bit longer to run. This is normal – please be patient.


STEP 4


Update your Operating System

This is a basic step that seems to be ignored by many users. In a high percentage of cases this is the reason the user is infected in the first place. Microsoft doesn’t issue patches and updates for fun – they are issued to fix flaws in the system and ensure that users are not left open to attack.

NOTE: we may STOP the cleansing process until this is done.

*Note* There are some infections that may prevent you from updating your Operating System. In these cases please make sure you tell the analyst on your first post. They will provide a "General" fix and will try to ensure that you can update your system as soon as possible.

Note: This step is intended for those who have no Service Packs installed. If you're not sure, you can find out by right-clicking My Computer>select Properties and look on the General Tab under "System:". If you already have Service Pack 1 or Service Pack 2, please skip this step.

Please visit Microsoft's Window's Update Page and install the latest service packs, patch’s and security updates for your system.


For Windows XP Users! Only if you have NO Service Packs installed.

Quote:

IMPORTANT!: Before we can proceed any further, please visit the Microsoft's Windows Update Page and install ALL Critical Updates for your system (except service pack 2) (SP2). SP2 should only be installed on a fully disinfected system. At the minimum install at least SP1a for both XP and IE6. Without these updates your system is wide open to re-infection and we are both wasting our efforts to clean your system. After we have completed your clean-up, we will have you return to the Windows Update page and install SP2. We will also then advise you on how to better protect yourself online. Please apply those updates BEFORE posting your next log. It is this forum's policy to stop the disinfection process until these basic updates are done. If during the updating process you get a message that your product key is invalid ....then you may not have a legitimate copy of Windows XP. Unfortunately it’s also this forums policy that we only address users with a legal copy of Windows XP.... therefore if you can not update Windows XP to SP1 we must stop the cleansing process here. **Note** If you're having trouble locating the service pack SP1a here is a direct link to download it from.. http://download.microsoft.com/downlo...p1a_en_x86.exe Thank you for your cooperation.

STEP 5


Preparing to Post your Log


Posting Rules

1. Please do not start a new thread each time you reply. We need you to keep your logs in one thread only. It’s almost impossible to complete a fix by trying to follow more than one thread.

Please do not post your logs in any other Forum - logs should ONLY be posted in the HijackThis Forum.


2. Please be considerate of the fact that the people helping you are all volunteers, and in many cases usually have a job, and a limited amount of time to help, and therefore can only do so much. If no one has replied to your thread within 72hrs after you posted, please reply in your thread with the word BUMP to move it forward.

DO NOT Bump the thread unless 72 hours has passed. We work from oldest to newest posts so your wait will be longer if you bump it forward before the 72 hours is up.

3. Please have the common courtesy to follow your thread to it’s conclusion. Most analysts will post a clean speech and give you instructions and advice on programs to use that will help you prevent this from happening again. If you fail to conclude the thread your PC will be left vulnerable to another infection. We devote our time to you so please return the favour and make sure your thread reaches its logical conclusion.

4. Try to post your replies and logs in a timely manner. This can be critical depending on the infection. Many infections today are able to transform and rename themselves, thus making detection and removal much harder.

For users running Windows 2000, XP or Vista

Preparing to get a log with Deckard's System Scanner (formerly Comboscan)

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.

1. Close all applications and windows.
2. Double-click on dss.exe to run it, and follow the prompts.
3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt in your thread in the HijackThis Log Help Forum.
5. Please attach extra.txt to your post.

To attach a file to a new post, simply

1. Click the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
2. copy and paste the following into the "Upload File from your Computer" box:

   C:\Deckard\System Scanner\extra.txt
   

3. Click Upload.

What DSS will do:

• create a new System Restore point in Windows XP and Vista.
• clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
• check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

For users running Windows 95, 98 or ME

Please download HijackThis to your desktop - this program will help us determine if there are any spyware/malware on your computer.

Alternate link

Make sure you close down EVERY open window and close ALL browser windows. The only thing that should be open is the HijackThis program.

Double-click on the file you just downloaded.
Click on the "Install" button to install. It will by default install to the directory - C:\Program Files\Trend Micro\HijackThis

Upon install, HijackThis should open for you.

Should it not open, navigate to C:\Program Files\Trend Micro\HijackThis and double click on HijackThis.exe

• If it gives you an intro screen, just choose 'Do a system scan and save a log file'.
• If not, run a scan and save the log file.
• Copy the text file (Ctrl+A then Ctrl+C) and paste it (Ctrl+V) in a new thread in the HJT Forum
• Do not fix any entries in HijackThis since they may be harmless.
• Make sure to include the System information at the top of the log as well.

Posting the Log

Important:

1. Be specific about YOUR issue.

The more information you can provide the easier it will be for us to ascertain your problem. If you receive a warning about a specific virus/trojan/worm then include the name of the infection in the thread header. For example, if your Antivirus picks up Alcra.B worm then your thread header would be something like

”Constant pop ups – Alcra.B worm”


2. Describe your issue/problem in DETAIL!

DO NOT use something like "Help Me" or "Here's My Log"...etc. This tells us nothing and is a waste of our time and yours. We cannot guess as to what may be your problem. Please provide as much detail as possible, including virus/trojan/worm names and locations if available. The more information you can give us the better we can help.

When posting the log please DO NOT:

• Attach the log. (Post it as text in the thread). Only attach the extra.txt log if you are using Deckards System Scanner.
• Wrap the log using Quote or Code tags. (DO make sure notepad word-wrap is OFF)
• Post another Program’s log (Unless we specifically ask for it)
• Cut off the header of any log (It contains important information for the Analyst)
• DO NOT Private Message the Analyst unless asked to do so.

3. Once you have posted, Subscribe to your thread by going to Thread Tools (at the top of the thread) > Subscribe. Make sure it is set to Instant Notification, then click Add Subscription.so that you are notified when you receive a reply.


This concludes the basic steps required before posting your log. Everything listed here is an effort from us to help you help yourself. The Analyst will cover many of these procedures again when reviewing your logs so please follow their instructions. And yes, you may be asked to run a tool again, even if you’ve already advised that you’ve run it previously. Once your issue is resolved the Analyst will provide links to programs and advice to help you prevent further infections in the future. Thank you for taking the time to read this.



Click here to post your log in the HijackThis Forum

View blog reactions