cmd?

Hi, recently I've been unable to double click and open my hard drive without an error message:


Right clicking on the hard drive shows that I'm able to open it but "cmd" is in bold as the main option:


How do I resolve this issue so that double-clicking the hard drive directly allow me to open it without right-clicking and choosing Open all the time.

Much thanks!

Hi, TFadam.

If you are still unable to run an .exe or similar file, it could well be your computer is infected. With Windows 7, you may want to first try System Restore to a point prior to when those files started appearing. Windows 7 has a much more robust System Restore than Windows XP and Windows Vista. If that doesn't work, I suggest doing the following:

Please download rkill from one of the following links and save to your Desktop:

One, Two,Three or Four

• Double-click rkill to run.
• A command window will open then disappear upon completion, this is normal.
• Please leave rkill on the Desktop until otherwise advised.
• Do NOT restart your computer after running rkill as the malware program(s) will start again.

Notes:

If you you receive security warnings about rkill, please ignore and allow the download to continue.

Following that, proceed with MBAM, as suggested by Capt.Jack Sparrow:

Please download Malwarebytes' Anti-Malware to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, be sure Quick scan is selected, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, EXCEPT items in System Restore as shown in this sample:
  
• Click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See the Note below)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Please post contents of that file in your next reply.

** Note **

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

From MBAM:

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Database version: 4386

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

03/08/2010 6:37:53 PM
mbam-log-2010-08-03 (18-37-53).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 293917
Time elapsed: 39 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files (x86)\Tencent\QQ\Bin\TXOPShow.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Tencent\QQ\Plugin\Com.Tencent.QQPet\bin\QQPet\QQPetDazzle.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.
C:\Users\Adam\AppData\Roaming\chrtmp (Malware.Trace) -> Quarantined and deleted successfully.



After restarting as prompted, the cmd option is still there when I right click my hard drive.

Hi, TFadam.

Did you install the Chinese Instant Messenger program, Tencent, on your computer? Note that two infections located in the Tencent folder were identified as a backdoor trojan.

Because backdoor trojans have the potential to gain such complete control of a system, and install malicious code that may not be detectable, it’s wise to consider reformatting any system that’s been infected. Backdoor trojans allow hackers to remotely control your computer, steal critical system information and Download and Execute files

I would counsel you to disconnect this PC from the Internet immediately. Because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

I would strongly recommend format and reinstallation of this machine. For more information, you may wish to read one of these excellent articles:

• Malware Removal -- Where to Draw the Line
• When Should I Reformat? How Should I Reinstall?
• How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

If you do not have backups of your data, we could attempt a cleanup, but, again, there is no way to be sure your computer can ever again be trusted. Please let me know if you wish to continue to clean this machine or if you wish to format.

Corrine,
For my own info, what's the chance that with use of Autoruns that one would be able to get rid of the pest?

i realize that when doing such you must disable more than just one thing since these things quite often use a big brother approach to make sure that they haven't been disabled.

Do you know what you're looking for? It would certainly take a lot of research. I may use it on my computer but it isn't something I would use in analyzing on the forums.

Yes, I would know what I was looking for. You answered my question.