need help

Discussion in 'Malware Help (A Specialist Will Reply)' started by jctw769, Sep 13, 2006.

  1. jctw769

    jctw769 Private E-2

    I initially somehow, one day lost the use of my cdrom and dvd rom drives. Tried rolling back the driver, no avail, uninstall reinstall hardware, nothing. So I system restored back to last friday, and got them back. Ran Ad-Aware and it found Bargain Buddy, Trojan.Downloader, Trojan.Agent. So I went through your steps to clear everything the right way. I normally run AVG but it never caught anything. I don't know if it's clean or not now. Something funky was going on... I followed what the "before posting" instructions told me to do to the letter. Logs attached, and thank you!
     


  2. jctw769

    jctw769 Private E-2

    additional logs
     


  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Majorgeeks!

    Issues like this are typically not related to malware. However you do have a few things to fix (but they will not fix your problems with your CD/DVD drives). And one of your problems is quite serious on the financial front.

    IMPORTANT NOTE: You have the below Trojan (or have signs that you did at one time have it).
    You are strongly advised to do the following immediately:

    1. Disconnect infected computer from the internet and from any networked computers until the computer can be cleaned. If you have network computers, start checking them for problems too.
    2. Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.
    3. From a clean computer, change *all* your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups you belong to.
    Do NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.


    Did you add the below two lines to your hosts file? Are they really necessary? Normal procedures are to remove all items like this!
    O1 - Hosts: 67.19.16.18 jon.morchand.com
    O1 - Hosts: 70.84.82.190 morchandstaging.com

    Go to Add/Remove Programs and uninstall the below software.
    J2SE Runtime Environment 5.0 Update 4
    Viewpoint Manager (Remove Only)

    Make sure viewing of hidden files is enabled (per the tutorial).

    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe


    After clicking Fix, exit HJT.
    Boot into safe mode and use Windows Explorer to delete:
    C:\Program Files\Viewpoint <--- the whole folder if found
    C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe <--- look for any files here that begin with ibm00 and end with anything else and delete them.


    If you get an error when deleting a file, right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again. Otherwise open Task Manager and kill the process if running, then delete the file.

    Now if running Win XP go to c:\windows\Prefetch and delete all files in this folder.
    Now run Ccleaner (installed while running the READ ME FIRST).

    Now reboot in normal mode and post a new HJT log.

    Make sure you tell me how things are working now.

    Reminder Note: Once we have determined you are malware free you will need to disable System Restore, reboot, and re-enable System Restore per step 1 of the READ & RUN ME. This only applies if using WinXP or WinMe.
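The advice above amounts to reading two kinds of HijackThis lines by hand: O1 entries (hosts file overrides) and O4 entries (autostart commands in the Run keys and the Startup folder), then deciding which paths are suspicious. The script below is an added example, not part of this thread or of HijackThis; it parses those line formats and applies the indicators named in this thread (ibm00*.exe under Web Folders, Viewpoint, BackWeb, and any hosts entry that does not point at the local machine). The rule table and the verdict wording are my own assumptions; the sample log lines are the ones quoted above.

```python
import re

# Constructed sample input: the O1 (hosts) and O4 (autostart) lines quoted in the thread above.
SAMPLE_LOG = r"""O1 - Hosts: 67.19.16.18 jon.morchand.com
O1 - Hosts: 70.84.82.190 morchandstaging.com
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
"""

# Line shapes HijackThis uses for hosts overrides, registry Run keys and the Startup folder.
HOSTS_RE = re.compile(r"^O1 - Hosts:\s+(?P<ip>\S+)\s+(?P<host>\S+)")
RUN_RE = re.compile(r"^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\]\s*(?P<cmd>.*)$")
STARTUP_RE = re.compile(r"^O4 - Global Startup: (?P<name>.+?) = (?P<cmd>.*)$")
LOCAL_IPS = {"127.0.0.1", "::1", "0.0.0.0"}

# Indicators taken from the thread's advice (assumed rule table): regex on the program path -> verdict.
PATH_RULES = [
    (re.compile(r"\\Web Folders\\ibm00[^\\]*\.exe$", re.I), "Torpig pattern (ibm00*.exe in Web Folders); delete in safe mode"),
    (re.compile(r"\\Viewpoint\\", re.I), "Viewpoint Manager (adware); uninstall via Add/Remove Programs"),
    (re.compile(r"BackWeb", re.I), "BackWeb updater (unwanted autostart); fix the entry"),
]

def executable_path(cmd):
    """Pull the program path out of an autostart command line.
    A quoted path is taken verbatim; an unquoted one is cut at the first '.exe',
    so 'C:\\X\\y.exe -flag' yields 'C:\\X\\y.exe' and a bare 'FOO.EXE' stays as is."""
    m = re.match(r'^"([^"]+)"', cmd)
    if m:
        return m.group(1)
    m = re.match(r"^(.*?\.exe)(?:\s|$)", cmd, re.I)
    return m.group(1) if m else cmd.strip()

def classify_path(path):
    """Return a verdict string for a suspicious program path, or None if no rule fires."""
    for pattern, verdict in PATH_RULES:
        if pattern.search(path):
            return verdict
    # A bare filename is resolved through the PATH at boot, so the real file must be located first.
    if not re.match(r"^[A-Za-z]:\\", path):
        return "bare filename (resolved through PATH at boot); locate the file and verify it"
    return None

def analyze(log_text):
    """Return a list of findings (dicts) for the O1/O4 lines in a HijackThis-style log."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        if m := HOSTS_RE.match(line):
            # Any hosts entry that redirects a name somewhere other than the local host gets reviewed.
            if m["ip"] not in LOCAL_IPS:
                findings.append({"line": line, "kind": "hosts", "target": m["host"],
                                 "verdict": f"hosts file sends {m['host']} to {m['ip']}; remove unless added deliberately"})
            continue
        m = RUN_RE.match(line) or STARTUP_RE.match(line)
        if not m:
            continue
        path = executable_path(m["cmd"])
        verdict = classify_path(path)
        if verdict:
            findings.append({"line": line, "kind": "autostart", "target": path, "verdict": verdict})
    return findings

if __name__ == "__main__":
    for f in analyze(SAMPLE_LOG):
        print(f"[{f['kind']}] {f['target']}\n    -> {f['verdict']}")
```

Run against the sample, it reports both hosts overrides, the bare ALCXMNTR.EXE, the Viewpoint and BackWeb entries, and the ibm00001.exe dropper, while leaving the fully-pathed QuickTime entry alone; the point of the bare-filename rule is that a short name in a Run key tells you nothing about where the binary actually lives until you resolve it.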
     
  4. jctw769

    jctw769 Private E-2

    Did everything you said. The computer is running fine. There is no "ibm00001.exe". I had disabled that several months ago using msconfig after finding it on my last infection (though I only found it via ad-aware, and deleted it in safe mode before). I.e. I don't think it was ever really running after I noticed that first malware infection months ago.
    Log attached.
    Quick question: What file was the torpig trojan?
     


  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    ibm00001.exe was Torpig. And since you did have it on your PC at one time, you still really should be safe and change passwords and verify with any financial companies that no illegal activity has occurred.

    Your log is clean. If you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

    After that, you should work thru the below link:

    How to Protect yourself from malware!
     
