Dear friends,
Hello to everyone in Techspot Community, I just came to know about this site and really happy to find people really helpful to solve problems aroused.
First of all I would like to say that my computer was badly infected with viruses and I found a solution from user forums it helped me reducing the viruse but still there are problems persist.
My problems are:
1. CD Writer and DVD ROME Drive is detecting and playing all Audio, Video and Applications and working fine but, it is not able to write CD's. I am using Compact CD Rewritable High Speed & DVD Rome Drive. Please suggest a possible solution.
2. If I insert a blank CD in the Drive and click the CD drive from My Computer Window the message display "Incorrect Function". Please give a appropriate solution.
3. If I right click on any file or folder and then going on "Send TO" option on the menu tab, it show all drives to send the file or folder but doesn't show CD drive. Please suggest a possible solution.
4. If I click a Drive on My Computer Window it will display "Open With" Menu and ask me to select a program to open this drive. I have to right click on the drive and select "Open" command from the menu, Please give me an appropriate solution for this problem.
5. When I shutdown my computer it will run a tab of "End Program - Sample", I checked everything and also cleaned my computer using CC cleaner but I cannot find the registry file displaying this message. Please send me a possible solution.
I am inserting HijackThis and AVG Anti-Spyware latest report here, please help me out.
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 6:02:05 PM, on 08/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
E:\Panda\Desktop\My Documents\My Digital Editions\Softwares\HiJackThis_v2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [RegProt] c:\docume~1\qaiser~1\locals~1\temp\rar$ex41.46342\regprot.exe /start
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsServer] msfir80.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-57989841-1708537768-1060284298-1003\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe" (User '?')
O4 - HKUS\S-1-5-21-57989841-1708537768-1060284298-1003\..\Run: [MsServer] msfir80.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
--
End of file - 3918 bytes
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 6:05:17 PM 08/08/2007
+ Scan result:
E:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000894.EXE/rfd.exe -> Backdoor.Delf.agf : Cleaned.
C:\Documents and Settings\Qaiser Ali Shah\Cookies\qaiser ali shah@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Qaiser Ali Shah\Cookies\qaiser ali shah@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Qaiser Ali Shah\Cookies\qaiser ali shah@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\Qaiser Ali Shah\Cookies\qaiser ali shah@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000887.exe -> Trojan.Copyself : Cleaned.
C:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000888.exe -> Trojan.Copyself : Cleaned.
C:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000889.exe -> Trojan.Copyself : Cleaned.
C:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000890.exe -> Trojan.Copyself : Cleaned.
C:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000891.exe -> Worm.VB.el : Cleaned.
C:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000892.exe -> Worm.VB.el : Cleaned.
E:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000893.exe -> Worm.VB.el : Cleaned.
::Report end
Hello to everyone in Techspot Community, I just came to know about this site and really happy to find people really helpful to solve problems aroused.
First of all I would like to say that my computer was badly infected with viruses and I found a solution from user forums it helped me reducing the viruse but still there are problems persist.
My problems are:
1. CD Writer and DVD ROME Drive is detecting and playing all Audio, Video and Applications and working fine but, it is not able to write CD's. I am using Compact CD Rewritable High Speed & DVD Rome Drive. Please suggest a possible solution.
2. If I insert a blank CD in the Drive and click the CD drive from My Computer Window the message display "Incorrect Function". Please give a appropriate solution.
3. If I right click on any file or folder and then going on "Send TO" option on the menu tab, it show all drives to send the file or folder but doesn't show CD drive. Please suggest a possible solution.
4. If I click a Drive on My Computer Window it will display "Open With" Menu and ask me to select a program to open this drive. I have to right click on the drive and select "Open" command from the menu, Please give me an appropriate solution for this problem.
5. When I shutdown my computer it will run a tab of "End Program - Sample", I checked everything and also cleaned my computer using CC cleaner but I cannot find the registry file displaying this message. Please send me a possible solution.
I am inserting HijackThis and AVG Anti-Spyware latest report here, please help me out.
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 6:02:05 PM, on 08/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
E:\Panda\Desktop\My Documents\My Digital Editions\Softwares\HiJackThis_v2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [RegProt] c:\docume~1\qaiser~1\locals~1\temp\rar$ex41.46342\regprot.exe /start
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsServer] msfir80.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-57989841-1708537768-1060284298-1003\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe" (User '?')
O4 - HKUS\S-1-5-21-57989841-1708537768-1060284298-1003\..\Run: [MsServer] msfir80.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
--
End of file - 3918 bytes
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 6:05:17 PM 08/08/2007
+ Scan result:
E:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000894.EXE/rfd.exe -> Backdoor.Delf.agf : Cleaned.
C:\Documents and Settings\Qaiser Ali Shah\Cookies\qaiser ali shah@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Qaiser Ali Shah\Cookies\qaiser ali shah@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Qaiser Ali Shah\Cookies\qaiser ali shah@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\Qaiser Ali Shah\Cookies\qaiser ali shah@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000887.exe -> Trojan.Copyself : Cleaned.
C:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000888.exe -> Trojan.Copyself : Cleaned.
C:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000889.exe -> Trojan.Copyself : Cleaned.
C:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000890.exe -> Trojan.Copyself : Cleaned.
C:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000891.exe -> Worm.VB.el : Cleaned.
C:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000892.exe -> Worm.VB.el : Cleaned.
E:\System Volume Information\_restore{58E3BD99-718D-4089-A488-B6511692FF63}\RP6\A0000893.exe -> Worm.VB.el : Cleaned.
::Report end