Status
Not open for further replies.
1 - 6 of 6 Posts

·
Registered
Joined
·
90 Posts
Discussion Starter · #1 · (Edited)
Ok, this is a weird one... I'm not even sure I'm posting this in the right place, I'm tempted to take this over to the malware section...

Google has let me down for the first time this year, the only results I get link to some site that's all in Chinese/Japanese or something :(

Anyway, on to the problem...

I noticed earlier tonight that my computer (running Windows 7 x64) apparently has a Blu-ray drive (it doesn't). It automagically installed itself while I was playing MW2, just before the Steam servers went offline for "routine maintenance".


From my dxdiag (if you want the whole thing I'll post it, but I doubt it will help):

Code:
------------------
------------------------
Disk & DVD/CD-ROM Drives
------------------------
      Drive: C:
 Free Space: 43.9 GB
Total Space: 76.2 GB
File System: NTFS
      Model: ST380215 AS SCSI Disk Device

      Drive: D:
 Free Space: 87.5 GB
Total Space: 286.2 GB
File System: NTFS
      Model: ST330062 0AS SCSI Disk Device

      Drive: E:
 Free Space: 36.1 GB
Total Space: 156.3 GB
File System: NTFS
      Model: Maxtor 6L160P0 ATA Device

      Drive: F:
      Model: TOTOJ D2JG16V SCSI CdRom Device
     Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7600.16385 (English), 7/13/2009 23:19:54, 147456 bytes

      Drive: Z:
      Model: TSSTcorp CDDVDW SH-S203D SCSI CdRom Device
     Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7600.16385 (English), 7/13/2009 23:19:54, 147456 bytes

--------------
About my drives (the real ones that are actually there): Drives C and D aren't actually SCSI, they're SATA, but they've always shown up like that.
Drive Z is my DVD drive, again it's SATA, not SCSI. Drive E is an old IDE.

Now the problem: Drive F does not exist... It shows up under computer as "BD-ROM Drive F". I'm not using any drive emulation software before you ask, in fact I don't even have any installed...

I've tried uninstalling it through device manager, but as soon as I refresh it's back.

So I decided to open up regedit and remove the pesky thing manually... with regedit I started searching for "TOTOJ", deleting any entries I found, thinking to myself that it was going a little too easily...

I found a "properties" folder in my registry that I couldn't access: "Properties cannot be opened. An error is preventing this key from being opened. Details: Access is denied." I've seen this before, and I know ways around it, except this time they don't work?

So I skipped to the next folder "Error while deleting key". I can't delete/rename/edit any of the files in the registry folder. I can view them, but that's all... I don't have the appropriate permissions.

"No problem" I thought to myself, and proceeded to edit permissions, a process I've done countless times when trying to manually remove malware from Vista/XP, as well as just deleting junk entries that are no longer needed...

It's not working though... So I tried to take ownership of the item, something I've only done once or twice, but it's straightforward enough, except this time it doesn't want to work...

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_TOTOJ&Prod_D2JG16V&Rev_1.03 <-- There's 4 folders within here that I can't delete.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\SCSI\CdRom&Ven_TOTOJ&Prod_D2JG16V&Rev_1.03 <-- There's 23 folders in this one that I can't delete, only 2 of which contain data, and one of which I get the "Properties cannot be opened. An error is preventing this key from being opened. Details: Access is denied" error.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\SCSI\CdRom&Ven_TOTOJ&Prod_D2JG16V&Rev_1.03 <-- This one has 22 Folders that I can't do anything with. Again most of them have no data, but I can't do anything. There's another one with the "access is denied error" too.

I've tried removing them in safe mode, to no avail. And this irritating imaginary Blu-ray drive will not go away, regardless of anything that I try :(

Malwarebytes anti malware scanner has found nothing after scanning my whole system, neither has Spybot S&D. AVG Free version (yes I know it's not the best) also finds nothing, not that I expected it to...

The only two things I've done today, that could be considered in any way unusual regarding my normal activities:

1. Left my computer turned off while I went out to do some Christmas shopping (I rarely leave my computer, never mind turn it off).

2. Installed the Logitech SetPoint 6.0 Win7 x64 beta. I thought maybe this was the problem, but removing it didn't help. Also I fail to see why mouse/keyboard drivers would install an imaginary drive? I know betas can do some funky things, but not that funky surely?

Well, if you've got this far I'd like to thank you just for reading this (sorry it was so long, but I wanted to make sure I gave all the info). If you can help, then it will be much appreciated :D
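
An added example, not part of the original post or written by any participant in the thread: a read-only PowerShell check of the three device keys named in the post above, printing each key's owner and access rules plus the driver-related values of every device instance beneath it. It assumes an elevated PowerShell prompt; on a default Windows installation the `Enum` subtree grants write access only to SYSTEM, which is consistent with the "Access is denied" errors described.

```powershell
# Added example: read-only inspection, nothing is modified or deleted.
# The hardware ID is copied from the registry paths quoted in the post.
$hwid = 'CdRom&Ven_TOTOJ&Prod_D2JG16V&Rev_1.03'
$controlSets = 'ControlSet001', 'ControlSet002', 'CurrentControlSet'

# Standard device-instance values that show which driver stack claims the device.
$valueNames = 'DeviceDesc', 'FriendlyName', 'Service', 'Mfg', 'UpperFilters', 'LowerFilters'

foreach ($set in $controlSets) {
    $key = "HKLM:\SYSTEM\$set\Enum\SCSI\$hwid"
    if (-not (Test-Path -Path $key)) {
        Write-Output "[$set] key not present"
        continue
    }

    # Owner and access rules explain why regedit refuses edits on this key.
    $acl = Get-Acl -Path $key
    Write-Output "[$set] owner: $($acl.Owner)"
    foreach ($ace in $acl.Access) {
        Write-Output "    $($ace.IdentityReference): $($ace.RegistryRights) ($($ace.AccessControlType))"
    }

    # Each subkey of the hardware-ID key is one device instance.
    foreach ($inst in (Get-ChildItem -Path $key -ErrorAction SilentlyContinue)) {
        Write-Output "  instance: $($inst.PSChildName)"

        $props = Get-ItemProperty -Path $inst.PSPath -ErrorAction SilentlyContinue
        foreach ($name in $valueNames) {
            $value = $props.$name
            if ($null -ne $value) {
                # Filter lists are multi-string values, so join them for display.
                Write-Output "    $name = $($value -join ', ')"
            }
        }

        # List subkey names without opening them, so locked subkeys still show up.
        foreach ($sub in $inst.GetSubKeyNames()) {
            Write-Output "    subkey: $sub"
        }
    }
}
```

The `Service`, `UpperFilters` and `LowerFilters` values name the drivers attached to the device, which is the lead to follow when no emulation software is knowingly installed.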
 

·
Emeritus
Joined
·
51,675 Posts
It sounds like some software has created a Virtual Drive. Try a System Restore back to a time before the problem occurred.
 

·
Registered
Joined
·
90 Posts
Discussion Starter · #3 · (Edited)
Yep that's what I thought too...

It's somehow on both of my restore points though, one of which is 8 weeks old the other of which I created yesterday before installing the setpoint beta (and a few hours before the phantom drive appeared).

The fact that I can't edit the registry entries either manually, or using reg editing tools leads me to believe it's something dodgy; but nothing I've tried can find anything harmful or even remotely suspicious on my system (since I made the first post I've tried Sophos Anti-Rootkit, AVG rootkit detector, eset.com's online scanner, Lavasoft's Ad-Aware). I've run HijackThis, but going through the log I can't see anything abnormal... My PC appears to be in perfect health? I've even run the Eicar test to make sure my AV is functioning, which it is.

I've got no unusual processes in my task manager, memory usage is normal...

I'm usually pretty careful about downloading things/clicking links etc, and haven't actually had any sort of virus or serious malware that I know of for over 2 years, on 4 separate computers. Hell I don't even get tracking cookies these days

Apart from the phantom drive I'm not noticing any strange behaviour, my custom service setup is as it should be, everything runs well.

Going through my Windows drive by mounting it in Ubuntu I can't see any dodgy files that are masked in Windows, just the usual hidden files (that I can see in Windows anyway, by showing hidden files).

The only problem I have is the occasional crash playing MW2, if I forget to crank my GPU fan speed up. Obviously I know what causes that, my GPU doesn't like going much above 70C

The only other software (besides the SetPoint beta) I've added since Modern Warfare 2 on release day, was a DivX update two or three days after MW2. I just updated the codec and the webplayer, I didn't install the actual DivX player, and I've never heard of that adding an emulated/virtual drive two weeks down the line...
 

·
Registered
Joined
·
90 Posts
Discussion Starter · #4 ·
Sorry to double post, but I can't edit my last one...

Situation has taken a turn for the worse, I've just had a BSOD (first one in years). Going off the error code it looks like a disk malfunction. Whether it's the phantom drive spewing out errors because I've disabled it, or whether one of my HDDs is on its way out I don't know yet?

I'm actually hoping it's the latter. I know my IDE drive is getting on a bit (I've been getting minor SMART errors with it for a while). I can easily fix that by removing the IDE drive from my PC. If it's the phantom drive and the fact that I've removed some of its registry entries, I'm probably going to be reinstalling Windows if I can't get rid of the damned thing out of my registry...
 

·
Emeritus
Joined
·
51,675 Posts
Formatting should be the last resort but sometimes it is the only resort.
 

·
Registered
Joined
·
90 Posts
Discussion Starter · #6 · (Edited)
Yeah I know... Oddly enough I haven't been able to replicate whatever caused the BSOD, I've even tried stressing my drives; but everything seems stable again...

Still can't figure out how to get these entries out of my registry, but I'm kind of determined not to format just yet... I used to reformat XP every 12-18 months as a matter of course, so I'm used to backing things up; most things are kept on separate drives to the one I install my OS onto anyway, so it's not that big a deal.

Bloody annoying that this almost new OS has been installed for what seems like a few weeks and I'm already considering the format though :(

I might go and try editing the Windows registry from my Linux boot before I format, failing that can you recommend a good reg cleaner that will force the unwanted entries out? I haven't used any in a while, preferring to edit the reg myself; but I'm running out of ideas :(

On another topic, I've just looked at your system specs... Is the Mint OS any good? I might download that over the weekend and have a play with it before I p*ss about finding all my game saves/profiles in Windows to back them up
 