Laptop no longer reocognising DVD rw

[barrel05]

My laptop recently wiped one of my DVD RW disks and now will no longer recognising any DVD RW disks inserted into the drive no matter if they are a data disk or a dvd. was wondering if anyone could help

[guestolo]

I just want to get a better idea of your system
Download [color=\"#FF0000\"]OTL.exe[/color][/url] by OldTimer to your Desktop.

• Close all windows and double click on OTL.exe to run it
• Click Run Scan and let the program run uninterrupted.
  
• It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  
• You may need to use two posts to get it all.

NOTE: If you have trouble, or an error message trying to post the logs
Can you upload it to a reply box
In a Reply, select "Browse..." on the bottom right and then navigate to the file and select it
Then click "Upload"

In addition: Can you let me know the exact Make/Model of computer
and make/model of DVD drive

[barrel05]

OTL

OTL logfile created on: 24/01/2010 12:54:22 PM - Run 1
OTL by OldTimer - Version 3.1.25.4     Folder = C:\Documents and Settings\knox\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
 
502.00 Mb Total Physical Memory | 227.00 Mb Available Physical Memory | 45.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.69 Gb Total Space | 13.66 Gb Free Space | 24.53% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: YOUR-3962729A48
Current User Name: knox
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=\"#E56717\"]========== Processes (SafeList) ==========[/color]
 
PRC - [2010/01/22 14:17:56 | 00,547,840 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\knox\Desktop\OTL.exe
PRC - [2009/12/03 18:39:52 | 00,083,280 | ---- | M] () -- C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe
PRC - [2009/10/21 11:50:12 | 00,995,528 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
PRC - [2009/10/21 11:50:10 | 00,711,248 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
PRC - [2009/10/15 19:00:30 | 00,275,792 | ---- | M] () -- C:\Program Files\Trend Micro\TrendSecure\TSCFCommander.exe
PRC - [2009/09/04 12:07:28 | 00,497,008 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
PRC - [2009/09/04 11:51:40 | 00,677,128 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
PRC - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/06 21:43:10 | 00,341,256 | ---- | M] () -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe
PRC - [2009/03/24 19:09:36 | 00,169,296 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe
PRC - [2009/02/12 20:46:37 | 00,181,584 | ---- | M] () -- C:\Program Files\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe
PRC - [2009/02/12 17:52:44 | 00,161,104 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\platformdependent\ProToolbarComm.exe
PRC - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/04/14 11:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/01/25 07:51:28 | 00,028,672 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\TCtrlIOHook.exe
PRC - [2004/12/07 01:49:32 | 00,088,363 | ---- | M] (Agere Systems) -- C:\WINDOWS\agrsmmsg.exe
PRC - [2004/11/30 16:06:26 | 00,053,248 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
PRC - [2004/11/30 04:10:22 | 00,667,648 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
PRC - [2004/11/13 12:57:12 | 00,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
PRC - [2004/11/02 12:03:44 | 00,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
PRC - [2004/11/02 11:59:42 | 00,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2004/10/26 09:23:10 | 00,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
PRC - [2004/09/16 10:03:08 | 00,135,168 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2004/07/15 11:07:32 | 00,024,576 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\ZoomingHook.exe
PRC - [2004/06/30 13:04:10 | 01,077,326 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
PRC - [2004/06/02 15:43:10 | 00,045,056 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2004/03/24 01:40:42 | 00,196,608 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\Apoint.exe
PRC - [2003/09/05 22:24:46 | 00,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2003/05/23 15:38:26 | 00,106,496 | ---- | M] (Matsu[censored]a Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2003/03/14 13:38:12 | 00,155,648 | ---- | M] (Matsu[censored]a Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2003/02/26 14:08:42 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\ApntEx.exe
 
 
[color=\"#E56717\"]========== Modules (SafeList) ==========[/color]
 
MOD - [2010/01/22 14:17:56 | 00,547,840 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\knox\Desktop\OTL.exe
 
 
[color=\"#E56717\"]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2009/10/21 11:50:10 | 00,711,248 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/04 12:07:28 | 00,497,008 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw)
SRV - [2009/09/04 11:51:40 | 00,677,128 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/04/06 21:43:10 | 00,341,256 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2009/02/12 20:46:37 | 00,181,584 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe -- (Security Activity Dashboard Service)
SRV - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/04/14 11:11:55 | 00,028,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\irmon.dll -- (Irmon)
SRV - [2005/04/04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/29 07:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/05/23 15:38:26 | 00,106,496 | ---- | M] (Matsu[censored]a Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
 
 
[color=\"#E56717\"]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2009/05/22 19:02:26 | 00,225,296 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmxpflt.sys -- (tmxpflt)
DRV - [2009/05/22 19:00:40 | 00,036,368 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmpreflt.sys -- (tmpreflt)
DRV - [2009/05/22 18:45:58 | 01,220,120 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vsapint.sys -- (vsapint)
DRV - [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/04/06 21:43:46 | 00,335,376 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TM_CFW.sys -- (tmcfw)
DRV - [2009/04/06 21:43:45 | 00,080,400 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2009/04/03 10:08:54 | 00,050,192 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2009/04/03 10:08:52 | 00,050,192 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2009/04/03 10:08:48 | 00,153,104 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2009/03/26 16:23:46 | 00,036,864 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2008/04/14 04:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2007/11/13 21:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/09/29 03:07:50 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/07/18 19:37:51 | 00,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2007/07/18 19:33:29 | 00,642,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2004/12/15 17:22:08 | 00,010,240 | ---- | M] (Dritek System Inc.) [Kernel | Auto | Running] -- C:\DRIVERS\FN-ESSE\DPortIO.sys -- (DritekPortIO)
DRV - [2004/12/14 21:29:28 | 00,016,128 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav)
DRV - [2004/12/12 09:12:00 | 00,006,144 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\Program Files\TOSHIBA\Windows Utilities\spDispatch.sys -- (SPCtl)
DRV - [2004/12/12 09:12:00 | 00,006,144 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\HWS_IoDispatch.sys -- (HWSCtrl)
DRV - [2004/12/11 20:52:14 | 00,006,144 | ---- | M] (TOSHIBA ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TCtrlIO.sys -- (TCtrlIO)
DRV - [2004/12/11 09:00:44 | 00,006,144 | ---- | M] (TOSHIBA) [Kernel | System | Running] -- C:\Program Files\TOSHIBA\Accessibility\StickyMesger.sys -- (StickyMesger)
DRV - [2004/12/11 08:49:18 | 00,006,144 | ---- | M] (TOAHIBA, ) [Kernel | System | Running] -- C:\Program Files\TOSHIBA\TouchPad\TPECioCtl.sys -- (TPECioCtl)
DRV - [2004/12/11 03:29:50 | 00,006,144 | ---- | M] (TOAHIBA, ) [Kernel | System | Running] -- C:\Program Files\TOSHIBA\E-KEY\EKECioCtl.sys -- (EKECioCtl)
DRV - [2004/12/07 01:50:14 | 01,270,572 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/11/27 08:04:38 | 00,029,056 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2004/11/26 10:29:00 | 00,224,000 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004/11/17 13:30:00 | 00,147,840 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2004/11/15 19:22:08 | 00,101,874 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/11/02 12:27:20 | 00,773,565 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2004/10/30 13:48:10 | 03,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2004/10/27 16:57:38 | 02,284,864 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/08/04 23:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/07/31 09:05:04 | 00,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EPIOMngr.sys -- (SerTVOutCtlr)
DRV - [2004/07/30 18:05:08 | 00,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\Program Files\TOSHIBA\E-KEY\SSIOMngr.sys -- (SrvcSSIOMngr)
DRV - [2004/07/30 18:05:04 | 00,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\Program Files\TOSHIBA\E-KEY\EKIOMngr.sys -- (SrvcEKIOMngr)
DRV - [2004/06/17 06:19:58 | 00,046,080 | ---- | M] (SMSC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2004/01/30 12:32:32 | 00,090,480 | ---- | M] (Matsu[censored]a Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2003/09/19 20:47:00 | 00,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/09/11 18:36:54 | 00,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
 
 
[color=\"#E56717\"]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=\"#E56717\"]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={sea...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=\"#E56717\"]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {f8454bbe-519f-4004-85c1-12d1b31988fc}:1.24
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.10
FF - prefs.js..extensions.enabledItems: [email protected]:0.7.9
FF - prefs.js..extensions.enabledItems: {71328583-3CA7-4809-B4BA-570A85818FBB}:0.6.2
FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.0
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.8
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.3
FF - prefs.js..extensions.enabledItems: {06997db0-c027-4d5f-bd37-b0d9230226ea}:0.52
FF - prefs.js..extensions.enabledItems: {cd617375-6743-4ee8-bac4-fbf10f35729e}:2.5
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.3.20091214_AMO
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.3
FF - prefs.js..extensions.enabledItems: {22181a4d-af90-4ca3-a569-faed9118d6bc}:1.2.0.1073
FF - prefs.js..extensions.enabledItems: unplug@compunach:2.024
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.2.14
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension [2010/01/23 16:15:56 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/07 19:40:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/08 15:23:39 | 00,000,000 | ---D | M]
 
[2009/11/12 23:58:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\knox\Application Data\Mozilla\Extensions
[2008/07/10 02:19:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\knox\Application Data\Mozilla\Extensions\[email protected]
[2009/02/23 17:52:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\knox\Application Data\Mozilla\Extensions\[email protected]
[2010/01/23 17:28:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions
[2009/11/14 02:21:39 | 00,000,000 | ---D | M] (Remove Cookie(s) for Site) -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{06997db0-c027-4d5f-bd37-b0d9230226ea}
[2010/01/12 10:36:14 | 00,000,000 | ---D | M] (CacheViewer) -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
[2009/12/31 15:31:01 | 00,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2009/11/14 11:33:34 | 00,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010/01/21 15:29:43 | 00,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/11/14 02:21:45 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}
[2010/01/21 15:29:41 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2010/01/12 10:36:12 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/11/14 02:21:57 | 00,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009/11/14 11:34:38 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/01/12 10:36:20 | 00,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/11/14 11:02:49 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{f8454bbe-519f-4004-85c1-12d1b31988fc}
[2009/11/14 11:02:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\[email protected]
[2009/12/05 12:36:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\[email protected]
[2009/12/16 15:37:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\SkipScreen@SkipScreen
[2010/01/16 13:14:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\[email protected]
[2009/11/20 02:05:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\unplug@compunach
[2010/01/16 13:14:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\[email protected]
[2009/10/27 07:34:34 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/07/17 19:40:12 | 00,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
 
O1 HOSTS File: ([2004/08/04 23:00:00 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1f6e533e-905c-484b-b5c0-c42f2b5c7c8b} - Reg Error: Value error. File not found
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\agrsmmsg.exe (Agere Systems)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck]  File not found
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - HKLM..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TCtryIOHook] C:\WINDOWS\System32\TCtrlIOHook.exe (TOSHIBA)
O4 - HKLM..\Run: [TFncKy]  File not found
O4 - HKLM..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ZoomingHook] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe File not found
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\knox\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsu[censored]a Electric Industrial Co., Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: {79DDFA20-063B-1033-0413-05080220003d} = "C:\Program Files\Common Files\{79DDFA20-063B-1033-0413-05080220003d}\Update.exe" mc-110-12-0001411 File not found
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra 'Tools' menuitem : IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} -  File not found
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Marcia\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 8 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://www.slide.com/uploader/SlideImageUploader.cab (Slide Image Uploader Control)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebook.com/controls/Facebo...toUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/Facebo...otoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.0...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/Messe...nt.cab50997.cab (MessengerStatsClient Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/shock...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\knox\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\knox\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/12/28 11:33:53 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{7e53f466-c806-11dc-a019-0012f051e6ae}\Shell\AutoRun\command - "" = E:\InstallTomTomHOME.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
 
[color=\"#E56717\"]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/01/22 14:17:20 | 00,547,840 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\knox\Desktop\OTL.exe
[2010/01/20 17:59:00 | 00,000,000 | ---D | C] -- C:\Config.Msi
[2010/01/20 14:08:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\knox\Local Settings\Application Data\Ahead
[2010/01/20 13:52:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\knox\Application Data\Ahead
[2010/01/20 13:48:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010/01/18 10:41:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\knox\Desktop\New Folder (2)
[2010/01/13 13:35:25 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/04/06 22:19:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Trend Micro
[2008/06/10 09:49:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2007/12/04 22:53:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2007/01/16 20:23:57 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2006/11/01 08:23:13 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2005/11/15 17:28:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[2004/12/28 11:37:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=\"#E56717\"]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/01/24 12:53:33 | 00,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F17FA9A5-94A2-4393-8283-B524550BF09B}.job
[2010/01/24 12:46:06 | 00,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2370085308-4065420486-4255011411-1006UA.job
[2010/01/24 12:04:22 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/24 12:01:37 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 12:01:33 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 12:01:32 | 52,689,7152 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/23 19:21:59 | 06,172,672 | ---- | M] () -- C:\Documents and Settings\knox\ntuser.dat
[2010/01/23 19:21:59 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\knox\ntuser.ini
[2010/01/23 19:21:06 | 05,411,756 | -H-- | M] () -- C:\Documents and Settings\knox\Local Settings\Application Data\IconCache.db
[2010/01/22 14:17:56 | 00,547,840 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\knox\Desktop\OTL.exe
[2010/01/21 15:22:48 | 00,082,944 | ---- | M] () -- C:\Documents and Settings\knox\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/20 22:46:01 | 00,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2370085308-4065420486-4255011411-1006Core.job
[2010/01/20 19:40:29 | 00,000,937 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Media Player Classic.lnk
[2010/01/20 15:13:37 | 00,000,042 | ---- | M] () -- C:\Documents and Settings\knox\default.pls
[2010/01/16 14:18:15 | 17,535,561 | ---- | M] () -- C:\Documents and Settings\knox\Desktop\the-cougar-club-trailer-scene5-2.mp4
[2010/01/14 16:03:14 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/13 19:57:10 | 00,012,088 | ---- | M] () -- C:\Documents and Settings\knox\Desktop\bzv_carmella_bing.wmv.torrent
[2010/01/13 19:56:57 | 00,020,273 | ---- | M] () -- C:\Documents and Settings\knox\Desktop\btis_angelina_carmella.wmv.torrent
[2010/01/13 19:10:33 | 00,030,644 | ---- | M] () -- C:\Documents and Settings\knox\Desktop\Bonny Bon-lesbian anal fist.mpg.torrent
[2010/01/13 18:56:45 | 00,012,936 | ---- | M] () -- C:\Documents and Settings\knox\Desktop\adventures in squirtland.mp4.torrent
[2010/01/12 20:08:59 | 00,759,677 | ---- | M] () -- C:\Documents and Settings\knox\Desktop\FarmvilleGuide.pdf
[2010/01/09 19:33:21 | 00,014,763 | ---- | M] () -- C:\Documents and Settings\knox\Desktop\gianna_michaels-donger_brothers.wmv.torrent
[2010/01/08 22:28:47 | 00,010,729 | ---- | M] () -- C:\Documents and Settings\knox\Desktop\btiu_carmella_bing.wmv.torrent
[2010/01/04 11:53:12 | 00,163,846 | ---- | M] () -- C:\Documents and Settings\knox\Desktop\supergirl megan.jpeg
[2010/01/03 03:26:52 | 00,016,859 | ---- | M] () -- C:\Documents and Settings\knox\Desktop\Blacks On Blondes - Gianna Michaels.torrent
[2010/01/03 03:17:01 | 00,036,780 | ---- | M] () -- C:\Documents and Settings\knox\Desktop\MyFirstSexTeacher.com - Julia Ann - HDV 720p + Picture - Set(2).torrent
[2009/12/30 19:58:40 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/29 16:42:47 | 00,068,589 | ---- | M] () -- C:\Documents and Settings\knox\Desktop\Angelica Sin.torrent
[2009/12/26 00:04:07 | 00,027,822 | ---- | M] () -- C:\Documents and Settings\knox\Desktop\Pregnant [censored]ing in public places 3 p.torrent
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=\"#E56717\"]========== Files Created - No Company Name ==========[/color]
 
[2010/01/20 15:13:37 | 00,000,042 | ---- | C] () -- C:\Documents and Settings\knox\default.pls
[2010/01/19 19:23:19 | 06,172,672 | ---- | C] () -- C:\Documents and Settings\knox\ntuser.dat
[2010/01/16 14:11:48 | 17,535,561 | ---- | C] () -- C:\Documents and Settings\knox\Desktop\the-cougar-club-trailer-scene5-2.mp4
[2010/01/13 19:57:05 | 00,012,088 | ---- | C] () -- C:\Documents and Settings\knox\Desktop\bzv_carmella_bing.wmv.torrent
[2010/01/13 19:56:56 | 00,020,273 | ---- | C] () -- C:\Documents and Settings\knox\Desktop\btis_angelina_carmella.wmv.torrent
[2010/01/13 19:10:11 | 00,030,644 | ---- | C] () -- C:\Documents and Settings\knox\Desktop\Bonny Bon-lesbian anal fist.mpg.torrent
[2010/01/13 18:56:44 | 00,012,936 | ---- | C] () -- C:\Documents and Settings\knox\Desktop\adventures in squirtland.mp4.torrent
[2010/01/12 20:08:53 | 00,759,677 | ---- | C] () -- C:\Documents and Settings\knox\Desktop\FarmvilleGuide.pdf
[2010/01/09 19:33:20 | 00,014,763 | ---- | C] () -- C:\Documents and Settings\knox\Desktop\gianna_michaels-donger_brothers.wmv.torrent
[2010/01/08 22:28:46 | 00,010,729 | ---- | C] () -- C:\Documents and Settings\knox\Desktop\btiu_carmella_bing.wmv.torrent
[2010/01/04 11:53:11 | 00,163,846 | ---- | C] () -- C:\Documents and Settings\knox\Desktop\supergirl megan.jpeg
[2010/01/03 03:26:52 | 00,016,859 | ---- | C] () -- C:\Documents and Settings\knox\Desktop\Blacks On Blondes - Gianna Michaels.torrent
[2010/01/03 03:17:00 | 00,036,780 | ---- | C] () -- C:\Documents and Settings\knox\Desktop\MyFirstSexTeacher.com - Julia Ann - HDV 720p + Picture - Set(2).torrent
[2009/12/30 19:58:40 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/29 16:42:46 | 00,068,589 | ---- | C] () -- C:\Documents and Settings\knox\Desktop\Angelica Sin.torrent
[2009/12/26 00:04:07 | 00,027,822 | ---- | C] () -- C:\Documents and Settings\knox\Desktop\Pregnant [censored]ing in public places 3 p.torrent
[2009/11/14 03:30:35 | 00,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/11/14 03:30:34 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/11/14 03:30:31 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/11/14 03:30:31 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/11/14 03:30:29 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/11/14 03:30:29 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/12/31 17:04:42 | 00,691,560 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/11/07 03:37:32 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/07 03:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/09/05 08:38:30 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/09/04 21:45:06 | 00,000,025 | ---- | C] () -- C:\WINDOWS\CDE CX5500Asia.ini
[2007/12/05 00:16:23 | 00,000,000 | ---- | C] () -- C:\WINDOWS\CeEKey.INI
[2007/07/18 19:33:29 | 00,642,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/07/18 19:33:29 | 00,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd4781.sys
[2007/06/14 01:44:05 | 00,000,216 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/01/03 20:06:52 | 00,001,739 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/08/20 18:09:50 | 00,000,026 | ---- | C] () -- C:\WINDOWS\dvdSanta.INI
[2006/08/07 01:04:12 | 00,001,891 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2006/05/13 10:43:35 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\impborl.dll
[2005/10/11 22:51:29 | 00,000,056 | ---- | C] () -- C:\WINDOWS\RALLYC.INI
[2005/09/15 18:31:40 | 00,082,944 | ---- | C] () -- C:\Documents and Settings\knox\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/08/28 10:00:54 | 00,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/08/28 10:00:54 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/08/28 10:00:54 | 00,010,167 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/08/28 10:00:54 | 00,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/08/11 09:00:12 | 00,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll
[2004/12/28 22:22:37 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/12/28 12:27:22 | 00,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI
[2004/12/28 12:21:50 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/12/28 12:17:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2004/12/28 12:16:10 | 00,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2004/12/28 12:16:10 | 00,028,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys
[2004/12/28 12:15:35 | 00,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/12/28 12:14:41 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/12/28 12:14:41 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/12/28 12:14:41 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/12/28 12:14:41 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/12/28 12:14:41 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/12/28 12:14:41 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/12/28 12:03:21 | 00,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/12/28 11:38:39 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/12/28 10:14:48 | 00,002,388 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/12/15 02:40:16 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll
[2004/01/13 21:46:00 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[1999/01/23 13:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
 
[color=\"#E56717\"]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CAAA7DD7
< End of report >

[barrel05]

Extras

OTL Extras logfile created on: 24/01/2010 12:54:22 PM - Run 1
OTL by OldTimer - Version 3.1.25.4     Folder = C:\Documents and Settings\knox\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
 
502.00 Mb Total Physical Memory | 227.00 Mb Available Physical Memory | 45.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.69 Gb Total Space | 13.66 Gb Free Space | 24.53% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: YOUR-3962729A48
Current User Name: knox
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=\"#E56717\"]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=\"#E56717\"]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=\"#E56717\"]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[color=\"#E56717\"]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"8540:TCP" = 8540:TCP:*:Enabled:BitComet 8540 TCP
"8540:UDP" = 8540:UDP:*:Enabled:BitComet 8540 UDP
 
[color=\"#E56717\"]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- (www.BitComet.com)
 
 
[color=\"#E56717\"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{02EED746-8C5A-43C8-BB3D-D29C8B363A4D}" = TOSHIBA Zooming Utility
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(tm) 6 Update 17
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(tm) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(tm) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(tm) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(tm) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(tm) 6 Update 7
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40E12A55-C504-4223-AFAC-7672DBF1ACDE}" = Trend Micro Internet Security Pro
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{47FBF7F9-FBD3-43EF-823B-7684D56C1962}" = Tabbed Browsing (Windows Live Toolbar)
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD Memory Card Format
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5BCA8D15-BCB6-421E-9654-238B43456A4F}" = TOSHIBA Controls
"{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{68108E66-D13A-4EE8-A6F4-40E4B90C2A26}" = Windows Live Toolbar Feed Detector (Windows Live Toolbar)
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security Pro
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B2BC65-F997-4208-AEE5-CF8B809A3A71}" = TIxx21/x515
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8338BA06-E527-491B-9400-F51708FEE695}" = iPod for Windows 2005-11-17
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{91A10409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A38D57D1-5F29-4691-B3DD-FE4B3A7B3AFE}" = TOSHIBA Power Saver
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B148AB4B-C8FA-474B-B981-F2943C5B5BCD}" = OGA Notifier 1.7.0105.35.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9DBA8C2-74F7-4ECC-850B-B76E852DA6A6}" = Image Converter 3.0
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}" = SMSC IrCC V5.1.3600.5 SP2
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"BitComet" = BitComet 1.16
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"dvdSanta 4.00 - Create Your Own DVD Movies!_is1" = dvdSanta 4.00
"Fn-esse" = TOSHIBA Fn-esse
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Information Center" = Information Center
"InstallShield_{02EED746-8C5A-43C8-BB3D-D29C8B363A4D}" = TOSHIBA Zooming Utility
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{5BCA8D15-BCB6-421E-9654-238B43456A4F}" = TOSHIBA Controls
"InstallShield_{73B2BC65-F997-4208-AEE5-CF8B809A3A71}" = Texas Instruments PCIxx21/x515 drivers.
"InstallShield_{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility
"InstallShield_{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility
"InstallShield_{8338BA06-E527-491B-9400-F51708FEE695}" = iPod for Windows 2005-11-17
"InstallShield_{A38D57D1-5F29-4691-B3DD-FE4B3A7B3AFE}" = TOSHIBA Power Saver
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.4 (Full)
"LimeWire" = LimeWire 5.0.11
"MediaSupplyCodec" = Media Supply Codec v1.6
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"MultiMedia Software" = MultiMedia Software
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PC Diagnostic Tool" = TOSHIBA PC Diagnostic Tool
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Total Annihilation" = Total Annihilation
"Total Annihilation Units Compilation Pack_is1" = Total Annihilation Units Compilation Pack Version 1.2
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
[color=\"#E56717\"]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
[color=\"#E56717\"]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 19/01/2010 10:47:27 PM | Computer Name = YOUR-3962729A48 | Source = MsiInstaller | ID = 11704
Description = Product: Nero 7 Premium -- Error 1704. An installation for Java(tm)
 6 Update 17 is currently suspended.  You must undo the changes made by that installation
 to continue.  Do you want to undo those changes?
 
Error - 22/01/2010 12:19:30 AM | Computer Name = YOUR-3962729A48 | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.1.3642, faulting module
 msvcr80.dll, version 8.0.50727.4053, fault address 0x0000f880.
 
[ System Events ]
Error - 23/01/2010 1:16:34 AM | Computer Name = YOUR-3962729A48 | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
 
Error - 23/01/2010 1:16:34 AM | Computer Name = YOUR-3962729A48 | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
 
Error - 23/01/2010 1:16:34 AM | Computer Name = YOUR-3962729A48 | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
 
Error - 23/01/2010 1:16:34 AM | Computer Name = YOUR-3962729A48 | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
 
Error - 23/01/2010 1:21:07 AM | Computer Name = YOUR-3962729A48 | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
 
Error - 23/01/2010 1:21:20 AM | Computer Name = YOUR-3962729A48 | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
 
Error - 23/01/2010 1:24:25 AM | Computer Name = YOUR-3962729A48 | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
 
Error - 23/01/2010 1:26:41 AM | Computer Name = YOUR-3962729A48 | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
 
Error - 23/01/2010 1:26:55 AM | Computer Name = YOUR-3962729A48 | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
 
Error - 23/01/2010 4:21:55 AM | Computer Name = YOUR-3962729A48 | Source = DCOM | ID = 10010
Description = The server {C548029D-D36D-4515-BC3B-E94DEE3B9766} did not register
 with DCOM within the required timeout.
 
 
< End of report >

[guestolo]

My laptop recently wiped one of my DVD RW disks

Can you tell me what you meant by that

In addition, how long ago did you notice this first happening
Do you have any system restore points before that time you can try restoring too?

[barrel05]

I Installed nero onto my laptop and was checking some disks all was well then all of a sudden one of the disks wouldn't open an error message came up saying there was something wrong with the computer about reading upper and lower. i tried other disks and they were all working, i tried the disk that wasn't on my upstairs pc and it didn't work. I tried rebooting the computer but when i did the laptop wouldn't recognize any of my RW disks but they would work fine upstairs all other types of disk would work fine. I did a system restore and still the problem was there. I unistalled Nero and Sonic but that didn't help

[guestolo]

something wrong with the computer about reading upper and lower

Thanks for that info, let's go that route
Can you do the following
Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
Change the Save as Type to All Files.
Name the file as Export.bat

Code: [Select]

regedit /e Export.txt "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}"Double click on Export.bat, a text file called Export.txt
should produce on your desktop
Copy>>paste back here the contents of Export.txt please

[barrel05]

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}]
"Class"="CDROM"
@="DVD/CD-ROM drives"
"EnumPropPages32"="MmSys.Cpl,MediaPropPageProvider"
"Installer32"="storprop.dll,DvdClassInstaller"
"SilentInstall"="1"
"NoInstallClass"="1"
"TroubleShooter-0"="hcp://help/tshoot/tsdrive.htm"
"Icon"="-51"
"LowerFilters"=hex(7):50,00,78,00,48,00,65,00,6c,00,70,00,32,00,30,00,00,00,49,\
  00,76,00,69,00,61,00,73,00,70,00,69,00,00,00,50,00,66,00,63,00,00,00,00,00
"UpperFilters"=hex(7):47,00,45,00,41,00,52,00,41,00,73,00,70,00,69,00,57,00,44,\
  00,4d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0000]
"EnumPropPages32"="storprop.dll,DvdPropPageProvider"
"InfPath"="cdrom.inf"
"InfSection"="cdrom_install"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01
"DriverDate"="7-1-2001"
"DriverVersion"="5.1.2535.0"
"MatchingDeviceId"="gencdrom"
"DriverDesc"="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0000\DigitalAudio]
"RegistryVersion"=dword:00000001
"NumberOfBuffers"=dword:00000008
"SectorsPerRead"=dword:00000010
"SectorsPerReadMask"=dword:ffffffff
"CDDASupported"=dword:00000001
"CDDAAccurate"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0001]
"EnumPropPages32"="storprop.dll,DvdPropPageProvider"
"InfPath"="cdrom.inf"
"InfSection"="cdrom_install"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01
"DriverDate"="7-1-2001"
"DriverVersion"="5.1.2535.0"
"MatchingDeviceId"="gencdrom"
"DriverDesc"="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0001\DigitalAudio]
"RegistryVersion"=dword:00000001
"NumberOfBuffers"=dword:00000008
"SectorsPerRead"=dword:00000010
"SectorsPerReadMask"=dword:ffffffff
"CDDASupported"=dword:00000001
"CDDAAccurate"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0002]
"EnumPropPages32"="storprop.dll,DvdPropPageProvider"
"InfPath"="cdrom.inf"
"InfSection"="cdrom_install"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01
"DriverDate"="7-1-2001"
"DriverVersion"="5.1.2535.0"
"MatchingDeviceId"="gencdrom"
"DriverDesc"="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0002\DigitalAudio]
"RegistryVersion"=dword:00000001
"NumberOfBuffers"=dword:00000008
"SectorsPerRead"=dword:00000010
"SectorsPerReadMask"=dword:ffffffff
"CDDASupported"=dword:00000001
"CDDAAccurate"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0012]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0012\DigitalAudio]
"RegistryVersion"=dword:00000001
"NumberOfBuffers"=dword:00000008
"SectorsPerRead"=dword:00000010
"SectorsPerReadMask"=dword:ffffffff
"CDDASupported"=dword:00000001
"CDDAAccurate"=dword:00000001

[guestolo]

Let's try the following
Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
IMPORTANT>>>Change the Save as Type to All Files.
Name the file as fix.reg

Save this file on the desktop
Ensure to copy from REGEDIT4 and down in the code box

 

Code: [Select]

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}]
"LowerFilters"=-
"UpperFilters"=-

Double click on fix.reg and allow to add/merge to the registry at the prompt
Reboot the computer

Let me know if that fixes your CD/DVD RW problems
If it does, don't run away, we just need to update a bit of your software

[barrel05]

It worked for about five minutes the when i put another disk in it came up with an error box

D:\is not accesible
the request could not be performed because of an I/O device error

[guestolo]

OK, let's try a different route, get some of your software updated and check for unwanted software

Please download [color=\"#FF0000\"]JavaRa[/color]  (Copyright © 2008 RaProducts.org) and unzip it to your desktop.

Print these instructions, or save them to a text file on desktop...you won't have Internet access during this particular phase!

[color=\"#8B0000\"]***Please close any instances of Internet Explorer or any other browser before continuing!***
[/color]

Access your Add and Remove Programs and remove all older versions of Java
This includes all the following:
Javaâ„¢ 6 Update 17
J2SE Runtime Environment 5.0 Update 9
J2SE Runtime Environment 5.0 Update 10
Javaâ„¢ SE Runtime Environment 6 Update 1
Javaâ„¢ 6 Update 2
Javaâ„¢ 6 Update 3
Javaâ„¢ 6 Update 5
Javaâ„¢ 6 Update 7
Don't reboot if prompted, carry on with the following

1. Double-click on

JavaRa.exe  to start the program.
   2. From the drop-down menu, choose English or the appropriate language...and click on Select.
   3. JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
   4. Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
   5. A logfile will pop up. Please save it to a convenient location.
[/list]
I'll need to see that log later

Please download TFC by Old Timer and save it to your desktop.
http://oldtimer.geekstogo.com/TFC.exe
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately.
If not prompted to reboot, do so manually anyways

Back in Windows
 
Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
[color=\"blue\"]Updating Java:[/color]

• Download the latest version of  Java Runtime Environment (JRE) .
  
• Scroll down to where it says "JDK 6 Update 18 (JDK or JRE)".
  
• Click the "Download JRE" button to the right.
  
• In the Window that opens, select Windows,>>Check the "agree" box and click Continue.
  
• Click on the link to download Windows Offline Installation and save to your desktop.
  
• Then from your desktop double-click on jre-6u18-windows-i586.exe that you downloaded to install the newest version.
  

download Malwarebytes' Anti-Malware from Here or Here
Save the installer to desktop

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
     
  
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
     
  
• Make sure that everything is checked, and click Remove Selected.
      * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
     
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

Include the log from JavaRA with the MBAM report

[barrel05]

JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Mon Jan 25 17:34:21 2010

Found and removed: C:\Program Files\Java\j2re1.4.2_05

Found and removed: C:\Windows\System32\jpicpl32.cpl

Found and removed: C:\Windows\Installer\{7148F0A8-6813-11D6-A77B-00B0D0142050}

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4

Found and removed: Software\JavaSoft\Java2D\1.5.0_08

Found and removed: Software\JavaSoft\Java2D\1.5.0_09

Found and removed: Software\JavaSoft\Java2D\1.5.0_10

Found and removed: SOFTWARE\Classes\JavaPlugin.150_09

Found and removed: SOFTWARE\Classes\JavaPlugin.150_10

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7148F0A8-6813-11D6-A77B-00B0D0142050}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F841731866D117AB7000B0D410205

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F841731866D117AB7000B0D410205

Found and removed: SOFTWARE\Classes\JavaPlugin.142_05

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.4.2_05

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4.2_05

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.4.2_05

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\JavaPlugin.142_05

Found and removed: Software\Classes\JavaPlugin.160_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACB9B14518A96D117A58000B0D410205

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

------------------------------------

Finished reporting.





Malwarebytes' Anti-Malware 1.44
Database version: 3639
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

26/01/2010 10:26:23 PM
mbam-log-2010-01-26 (22-26-23).txt

Scan type: Quick Scan
Objects scanned: 112737
Time elapsed: 11 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 17
Registry Values Infected: 2
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-f3embed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\VAC.Video (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Information Center (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software (Trojan.Zlob) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{c004dec2-2623-438e-9ca2-c9043ab28508} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\{79ddfa20-063b-1033-0413-05080220003d} (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[guestolo]

Double click on fix.reg again, allow to merge at the prompt
Reboot again

Any help?

[barrel05]

Tried fix.reg again worked once then stopped reading again. keeps saying D: not accessible

[guestolo]

I see quite a few codec packages installed, why so many?
That can cause problems
Are you trying to run the same DVD everytime you have problems?
Can you run it on another computer?

[barrel05]

The only codec pack i installed was klite the others must have already been on the laptop. Yeah the disks work on other computer

[guestolo]

Can you do the following
double click on Export.bat again on desktop and post the contents of export.txt

[barrel05]

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}]
"Class"="CDROM"
@="DVD/CD-ROM drives"
"EnumPropPages32"="MmSys.Cpl,MediaPropPageProvider"
"Installer32"="storprop.dll,DvdClassInstaller"
"SilentInstall"="1"
"NoInstallClass"="1"
"TroubleShooter-0"="hcp://help/tshoot/tsdrive.htm"
"Icon"="-51"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0000]
"EnumPropPages32"="storprop.dll,DvdPropPageProvider"
"InfPath"="cdrom.inf"
"InfSection"="cdrom_install"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01
"DriverDate"="7-1-2001"
"DriverVersion"="5.1.2535.0"
"MatchingDeviceId"="gencdrom"
"DriverDesc"="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0000\DigitalAudio]
"RegistryVersion"=dword:00000001
"NumberOfBuffers"=dword:00000008
"SectorsPerRead"=dword:00000010
"SectorsPerReadMask"=dword:ffffffff
"CDDASupported"=dword:00000001
"CDDAAccurate"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0001]
"EnumPropPages32"="storprop.dll,DvdPropPageProvider"
"InfPath"="cdrom.inf"
"InfSection"="cdrom_install"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01
"DriverDate"="7-1-2001"
"DriverVersion"="5.1.2535.0"
"MatchingDeviceId"="gencdrom"
"DriverDesc"="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0001\DigitalAudio]
"RegistryVersion"=dword:00000001
"NumberOfBuffers"=dword:00000008
"SectorsPerRead"=dword:00000010
"SectorsPerReadMask"=dword:ffffffff
"CDDASupported"=dword:00000001
"CDDAAccurate"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0002]
"EnumPropPages32"="storprop.dll,DvdPropPageProvider"
"InfPath"="cdrom.inf"
"InfSection"="cdrom_install"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01
"DriverDate"="7-1-2001"
"DriverVersion"="5.1.2535.0"
"MatchingDeviceId"="gencdrom"
"DriverDesc"="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0002\DigitalAudio]
"RegistryVersion"=dword:00000001
"NumberOfBuffers"=dword:00000008
"SectorsPerRead"=dword:00000010
"SectorsPerReadMask"=dword:ffffffff
"CDDASupported"=dword:00000001
"CDDAAccurate"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0012]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0012\DigitalAudio]
"RegistryVersion"=dword:00000001
"NumberOfBuffers"=dword:00000008
"SectorsPerRead"=dword:00000010
"SectorsPerReadMask"=dword:ffffffff
"CDDASupported"=dword:00000001
"CDDAAccurate"=dword:00000001

[guestolo]

Download ComboFix from the following link

[color=\"#0000FF\"]Link 1[/color]
Save it ONLY to your Desktop

      --------------------------------------------------------------------
[color=\"#2E8B57\"]Temporarily Disable your AntiVirus/AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with this tool
[/color]

• Double click on ComboFix.exe & follow the prompts.
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

[color=\"#2e8b57\"]**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
[/color]


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply

NOTE: Do not mouseclick inside ComboFix window as it's running, it may cause it to stall
ComboFix will/may run again on startup, it will prompt that it's creating a log
This process could take up to 10 minutes, let it run uninterrupted please

[barrel05]

ComboFix 10-01-31.03 - knox 02/02/2010  10:38:08.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.502.201 [GMT 11:00]
Running from: c:\documents and settings\knox\Desktop\ComboFix.exe
AV: Trend Micro Internet Security Pro *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: Trend Micro Personal Firewall *enabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\install.exe
c:\progra~1\COMMON~1\{39DDF~1
c:\progra~1\COMMON~1\{79DDF~1
c:\recycler\S-1-5-21-299502267-1035525444-725345543-1003
c:\windows\system32\Thumbs.db

.
(((((((((((((((((((((((((   Files Created from 2010-01-01 to 2010-02-01  )))))))))))))))))))))))))))))))
.

2010-02-01 00:31 . 2010-01-21 06:09   52224   ----a-w-   c:\documents and settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
2010-02-01 00:31 . 2010-01-21 06:09   101376   ----a-w-   c:\documents and settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
2010-01-26 09:54 . 2010-01-26 09:54   --------   d-----w-   c:\documents and settings\knox\Application Data\Malwarebytes
2010-01-26 09:54 . 2010-01-07 05:07   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-26 09:54 . 2010-01-26 09:54   --------   d-----w-   c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-26 09:54 . 2010-01-07 05:07   19160   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-01-26 09:54 . 2010-01-26 09:54   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2010-01-26 09:45 . 2010-01-26 09:45   348160   ----a-w-   c:\documents and settings\knox\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-22e11406-n\msvcr71.dll
2010-01-26 09:45 . 2010-01-26 09:45   61440   ----a-w-   c:\documents and settings\knox\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-34eaf805-n\decora-sse.dll
2010-01-26 09:45 . 2010-01-26 09:45   503808   ----a-w-   c:\documents and settings\knox\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-22e11406-n\msvcp71.dll
2010-01-26 09:45 . 2010-01-26 09:45   499712   ----a-w-   c:\documents and settings\knox\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-22e11406-n\jmc.dll
2010-01-26 09:45 . 2010-01-26 09:45   12800   ----a-w-   c:\documents and settings\knox\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-34eaf805-n\decora-d3d.dll
2010-01-20 07:04 . 2010-01-20 07:04   --------   d-----w-   c:\windows\system32\wbem\Repository
2010-01-20 03:08 . 2010-01-20 03:12   --------   d-----w-   c:\documents and settings\knox\Local Settings\Application Data\Ahead
2010-01-20 02:52 . 2010-01-20 02:52   --------   d-----w-   c:\documents and settings\knox\Application Data\Ahead
2010-01-20 02:48 . 2010-01-20 07:47   --------   d-----w-   c:\program files\Common Files\Ahead
2010-01-13 02:35 . 2009-11-21 15:51   471552   -c----w-   c:\windows\system32\dllcache\aclayers.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-27 17:34 . 2009-11-14 00:33   --------   d-----w-   c:\program files\BitComet
2010-01-26 09:53 . 2004-12-28 01:17   --------   d-----w-   c:\program files\Common Files\Java
2010-01-26 09:42 . 2009-10-23 12:42   411368   ----a-w-   c:\windows\system32\deploytk.dll
2010-01-25 06:34 . 2004-12-28 01:17   --------   d-----w-   c:\program files\Java
2010-01-20 08:40 . 2009-11-13 16:30   --------   d-----w-   c:\program files\K-Lite Codec Pack
2009-12-30 08:58 . 2009-12-30 08:58   664   ----a-w-   c:\windows\system32\d3d9caps.dat
2009-12-21 19:14 . 2004-12-27 23:14   916480   ----a-w-   c:\windows\system32\wininet.dll
2009-12-09 04:29 . 2009-12-09 04:29   152576   ----a-w-   c:\documents and settings\knox\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-09 04:29 . 2009-11-12 11:46   79488   ----a-w-   c:\documents and settings\knox\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-21 15:51 . 2004-12-27 23:13   471552   ----a-w-   c:\windows\AppPatch\aclayers.dll
2009-11-14 00:33 . 2009-11-14 00:33   1032192   ----a-w-   c:\documents and settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
2009-11-09 18:00 . 2009-11-13 16:30   85504   ----a-w-   c:\windows\system32\ff_vfw.dll
2009-09-25 16:41 . 2009-09-25 16:41   1044480   ----a-w-   c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41   200704   ----a-w-   c:\program files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2003-09-05 65536]
"Google Update"="c:\documents and settings\knox\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-10-23 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-11-02 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-11-02 126976]
"CeEKEY"="c:\program files\TOSHIBA\E-KEY\CeEKey.exe" [2004-11-29 667648]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2004-03-23 196608]
"TPNF"="c:\program files\TOSHIBA\TouchPad\TPTray.exe" [2004-11-30 53248]
"TPSMain"="TPSMain.exe" [2004-08-27 278528]
"ZoomingHook"="ZoomingHook.exe" [2004-07-15 24576]
"SmoothView"="c:\program files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2004-09-15 135168]
"Tvs"="c:\program files\Toshiba\Tvs\TvsTray.exe" [2004-11-13 73728]
"PadTouch"="c:\program files\TOSHIBA\Touch and Launch\PadExe.exe" [2004-06-30 1077326]
"SVPWUTIL"="c:\program files\Toshiba\Windows Utilities\SVPWUTIL.exe" [2004-12-24 61440]
"AGRSMMSG"="AGRSMMSG.exe" [2004-12-06 88363]
"TCtryIOHook"="TCtrlIOHook.exe" [2005-01-24 28672]
"TFncKy"="TFncKy.exe" [BU]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-10-21 995528]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-18 65588]
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2004-12-28 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
2009-11-10 05:41   2788152   ----a-w-   c:\program files\BitComet\BitComet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-09-21 05:36   305440   ----a-w-   c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-09-04 14:54   417792   ----a-w-   c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8540:TCP"= 8540:TCP:BitComet 8540 TCP
"8540:UDP"= 8540:UDP:BitComet 8540 UDP

R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [6/04/2009 10:17 PM 50192]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [6/04/2009 9:43 PM 36368]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [6/04/2009 9:43 PM 335376]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18/07/2007 7:33 PM 642560]
S2 Security Activity Dashboard Service;Security Activity Dashboard Service;c:\program files\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe [6/04/2009 10:19 PM 181584]
S2 TmPfw;Trend Micro Personal Firewall;c:\program files\Trend Micro\Internet Security\TmPfw.exe [6/04/2009 10:17 PM 497008]
S2 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [6/04/2009 10:17 PM 677128]
.
Contents of the 'Scheduled Tasks' folder

2009-12-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 01:34]

2010-01-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2370085308-4065420486-4255011411-1006Core.job
- c:\documents and settings\knox\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-23 12:46]

2010-02-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2370085308-4065420486-4255011411-1006UA.job
- c:\documents and settings\knox\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-23 12:46]

2010-02-01 c:\windows\Tasks\User_Feed_Synchronization-{F17FA9A5-94A2-4393-8283-B524550BF09B}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 17:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: &Search -
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Marcia\Start Menu\Programs\IMVU\Run IMVU.lnk
FF - ProfilePath - c:\documents and settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\
FF - component: c:\documents and settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension\components\FFTMUFEHelper.dll
FF - component: c:\program files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension\components\FFToolbarComm.dll
FF - plugin: c:\documents and settings\knox\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

BHO-{1f6e533e-905c-484b-b5c0-c42f2b5c7c8b} - (no file)
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe
HKLM-Run-NWEReboot - (no file)
AddRemove-Total Annihilation - c:\cavedog\TOTALA\setup.exe
AddRemove-Total Annihilation Units Compilation Pack_is1 - c:\cavedog\TOTALA\taucpuninst\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-02 10:46
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ...

scanning hidden files ...  


c:\documents and settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\pluginreg.dat.bak 9905 bytes
c:\documents and settings\knox\Application Data\Mozilla\Firefox\Profiles\owxnpul6.default\prefs.js.BAK 81140 bytes

scan completed successfully
hidden files: 2

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(996)
c:\windows\system32\igfxsrvc.dll
c:\windows\system32\hccutils.DLL
.
Completion time: 2010-02-02  10:49:34
ComboFix-quarantined-files.txt  2010-02-01 23:49

Pre-Run: 13,561,581,568 bytes free
Post-Run: 13,528,363,008 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 83EFC48928613AE5F828309CE6494A2E