Clicking on the c drive prompts "choose the program you want this

[Guest]

to open. right clicking and open or explore prompts the same thing.

I had a virus attck then a sys tem crash. The odd thing is the computer will
finish booting and act's resonably normal until try to re-install the
TredMicro Client for SMB. Then it just sits there hourglass turning. I tried
inserting the OS disk rebooted and selected repair. After finishing displayed
the same problem.

 

[Guest]

You have unnecessary hidden files on the root of your drive. Open My Computer
and right-click on a Drive and you will notice that there will be an Auto
Play option on the top. This is caused when an Autorun.inf file exist on the
root of the drive.

1. Open My Computer - click Tools - Folder Options
2. Click View tab - click on "Show Hidden Files and Folders" and uncheck the
"Hide Protected Operating System Files" option
3. Open the drive by right-clicking Open or Explorer. If that doesn't help
then in the Address bar type the drive letter following by colon sign and
press enter e.g. C:
4. Delete the Autorun.inf file. Restart your PC. You can repeat this
procedure for each drive.

Now, restart your PC and check if it solves the problem.

If you still have an autoplay option as the first choice when you right
click that means the autorun.inf file is being generated automatically. it
could be possible due to a Virus / Trojan / Spyware has effected your system
and is recreating the files on Startup. Meanwhile, update your antivirus and
run a virus scan on all the drives.

Hope this help, let us know!

 

[Guest]

Yup, that worked. But now it is not accepting updates from windows Update
site? I tried to resolve this earlier by inserting the os disk and doing a
repair. That completed ok but that set the patches back and now it is not
accepting new updates. The TrendMicro SMB was not functioning, so on the
phone with them they had me remove the product the last step of that was to
delete the folder, which I could not do at the time. I ran there
Housecall.trendmicro and found 2 malware "TSPY_WOW_.AGM and TROJ_GENERIC" I
think I got rid of one. I will re-run and await your answer? Thanks for your
help--
RH

 

[Guest]

Found and finally removed "ppi9h.dll" TrendMicro had it as low risk "my butt"
TROJ_GENERIC. The computer still will not allow updates form the update
site???

 

[Guest]

I don't exactly know what to do with that Window Update bug but here I go.
According to my experience it is not easy to remove spyware as they mostly
effect the startup processes and even after the clean up when you restart
your PC they still resist in memory and that could be a reason with the
Update Process.

http://technodigits.wordpress.com/2007/07/24/how-to-manually-remove-viruses-from-your-system/

The above link has two tool which you can use to track all the startup
process and remove the unecessary ones.

Are you using Internet Explorer for downloading Windows Update? You can try
resetting Internet Security options by clicking Tools - Internet Options -
click Security tab - and set Default Level for each Internet - Local Intranet
- Trusted Sites - Restricted Sites. You can also reset Advanced settings by
clicking Advanced tab and clicking Restore Default button.

Do you receive any error messages while updating? If so, please mention them
in your next post.

Let us know!

 

[Guest]

Reset as suggested, no help. Dialog box comes up and says "Some updates were
not installed" then it lists any I attempt to download. Can you use the
update site in Safe Mode with networking?

 

[Guest]

Tried all, nothing worked, don't have the time to play anymore. I've started
to re-install the OS. An interesting note to you, I found an unrecognized 2mb
partiion of which 1mb was used! I'm thinking this was part of it. This was a
bad one. Another note I would pass to you was that after removing all the bad
files I could find and runing TrendMicro Housecall numerous times it did not
find any malware anymore but did find new cookies everytime as well as at the
end of each scan a "low virtual memory" would appear.
Thanks for your help--
RH

 

[Guest]

And one note for you. If you are planning to reinstall your OS then the good
idea will be a Fresh Installation instead of Repair Installation. Suppose, if
you have Windows installed on C drive then move all of your data to another
partition and then reinstall your partition using the Quick Format option.
This will clean all the junk from your drive and a fresher and faster window
will be installed. Update your Windows, Antivirus and Anti-Spyware. After
successful completion of everything creating a System Restore point.

I have never tried Internet in Safe Mode with Networking. Will soon do so.

 

[Guest]

Ya Ya, I just wiped everything, did a clean install. No data to save it's an
SBS client.

 

[Guest]

OH MY GOD I'ts back. I have scanned the server it retuns no viruses found.
After completing the re-install I connected to the server and scaned for
viruses with TM SMB and it found spyware grayware cookies and I started
getting memory errors and dlls that did not work.
Where could this be hiding? eprom? hard drive, somehow? I did get an error
from the video card driver, these things can't stay in memory when the power
is off can they?

 

[Guest]

As you said you wipe out your Client PC and then connected it to the server.
You also scanned your Server and there were no viruses.

First thing you should check is the method of cleaning your client pc. If
you are deleting just file and folders then it will not be sufficient. If
there is no data required then I will suggest you to format all the
partitions or at the time of reinstallation delete all the partitions and
recreate them.

You must be sure that your server is clean and your antivirus software is
up-to-date. It could be possible that your server pc is infecting the client.
After reinstallation of windows on client pc, do not connect it with server
and run a scan and do other routine tasks. Check if you are still safe. If
yes, then you must check the server pc.

Let us know!

 

[Guest]

Well, I've been working with TrendMicro Tech Support and pretty much tried
everything. Stopped over the weeked, will now resume. No, I'm no longer
attempting to connect to the server until this is resolved. Using TM SMB
System Cleaner and have manually installed the SMB client. Funny thing system
cleaner and the SMB client report clean, but when I try housecall.trendmicro
it finds grayware file:/Internet Explorer Cashe\server.iad.liveperson.net and
when removed a rescan shows clear and clean. Turn off or reboot rescan with
Housecal and boom it's back. I think these are seperate issues. I think the
laptop picked up this iad.liveperson.nett a convention in Burbank. Two of my
servers I think have been hacked via IUSER or IWAM account advapi. I think I
have that under control now changing those passwords.

 

[Guest]

Read the following discussion about server.iad.liveperson.net :

http://www2.oanda.com/cgi-bin/msgboard/ultimatebb.cgi?ubb=get_topic;f=17;t=001944

Hope this help, let us know!