Hi,

I had XP on a HD and one day I lost the icons on the green grass page. I could only get them back with Task manager/Run/explorer.exe.

I also got an userinit.exe panel twice when logging on and Rundll32.exe and rundll32.exe panels.

I could not connect a usb drive, or load many programs and it was just unstable and got bloated and slow. I was using FF2 and it crashed quite a lot as I tried to get answers.

I decided to reinstall XP pro on another drive which I di and the only program I used from the problem HD was FF and its profile (more than lilely the original culprit??)

Anyway I am now on the new HD with the sam type of problems.

I have completed the PRE post stuff and now post what tyhe text files say.

I hope I can get this back on the rails as I am losing incone as this is computer my pay packet and I have been trying for 2 days now.

Thanks

oz

MAIL FILE
Deckard's System Scanner v20071014.68
Run by Administrator on 2008-06-04 12:49:07
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2008-06-04 02:49:11 UTC - RP25 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Administrator.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:50:27 PM, on 4/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\MMTray.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\JGsoft\EditPadPro6\EditPadPro.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Documents and Settings\Administrator\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Administrator.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {68239631-0785-4357-B913-997A72078D59} - C:\WINDOWS\system32\fccdcYPf.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [BM4f7c948b] Rundll32.exe "C:\WINDOWS\system32\chfibdre.dll",s
O4 - HKLM\..\Run: [4c4fa717] rundll32.exe "C:\WINDOWS\system32\ileuqqaj.dll",b
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\RunOnce: [getPlusUninstall_dll] rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSd.INF, DefaultUninstall
O4 - HKLM\..\RunOnce: [getPlusUninstall_ocx] rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSo.INF, DefaultUninstall
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Free WebSite Tools.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save Web Page to askSam... - C:\Program Files\askSam\askSam6\ASAdd.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: asksam6 - {72A9B8AD-6895-422C-A3F7-F2A7A88B88DA} - C:\Program Files\askSam\askSam6\AS6_AIPP.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

--
End of file - 4790 bytes

-- File Associations -----------------------------------------------------------

.js - jsfile - DefaultIcon - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe",7
.js - jsfile - shell\open\command - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
.txt - txtfile - shell\open\command - "C:\Program Files\JGsoft\EditPadPro6\EditPadPro.exe" "%1"


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>

S0 pnp680 - c:\windows\system32\drivers\pnp680.sys <Not Verified; Silicon Image, Inc.; PnP680>
S2 AMON - c:\windows\system32\drivers\amon.sys <Not Verified; Eset; NOD32 Antivirus System>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Video Controller (VGA Compatible)
Device ID: PCI\VEN_10DE&DEV_02E1&SUBSYS_2093107D&REV_A2\4&DDE 4802&0&0008
Manufacturer:
Name: Video Controller (VGA Compatible)
PNP Device ID: PCI\VEN_10DE&DEV_02E1&SUBSYS_2093107D&REV_A2\4&DDE 4802&0&0008
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Audio Controller
Device ID: PCI\VEN_13F6&DEV_0111&SUBSYS_80E21043&REV_10\4&252 96D99&0&18F0
Manufacturer:
Name: Multimedia Audio Controller
PNP Device ID: PCI\VEN_13F6&DEV_0111&SUBSYS_80E21043&REV_10\4&252 96D99&0&18F0
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: USB camera
Device ID: USB\VID_0C45&PID_600D\6&4F4397E&0&2
Manufacturer:
Name: USB camera
PNP Device ID: USB\VID_0C45&PID_600D\6&4F4397E&0&2
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Microsoft® Fingerprint Reader
Device ID: USB\VID_045E&PID_00BD\{AA4F9E0F-A001-C747-89DD-E3CF9B749CAC}
Manufacturer:
Name: Microsoft® Fingerprint Reader
PNP Device ID: USB\VID_045E&PID_00BD\{AA4F9E0F-A001-C747-89DD-E3CF9B749CAC}
Service:


-- Files created between 2008-05-04 and 2008-06-04 -----------------------------

2008-06-04 12:09:31 0 d-------- C:\Program Files\Lavasoft
2008-06-04 12:09:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-04 12:08:58 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-04 10:46:38 270336 --a------ C:\WINDOWS\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
2008-06-04 10:46:38 502368 --a------ C:\WINDOWS\system32\drivers\amon.sys <Not Verified; Eset; NOD32 Antivirus System>
2008-06-04 09:17:42 1648 --a------ C:\WINDOWS\mozver.dat
2008-06-03 22:45:00 0 d-------- C:\Program Files\SpywareBlaster
2008-06-03 21:31:03 115200 --a------ C:\WINDOWS\system32\ileuqqaj.dll
2008-06-03 21:30:43 51200 --a------ C:\WINDOWS\system32\matnjmxi.dll
2008-06-03 21:30:30 125952 --a------ C:\WINDOWS\system32\chfibdre.dll
2008-06-03 21:23:27 0 d-------- C:\Program Files\Trend Micro
2008-06-02 21:46:32 51200 --a------ C:\WINDOWS\system32\__c0012448.dat
2008-06-02 21:46:31 51200 --a------ C:\WINDOWS\system32\acchspkk.dll
2008-06-02 21:46:10 51200 --a------ C:\WINDOWS\system32\eoeghbrs.dll
2008-06-02 21:43:10 51200 --a------ C:\WINDOWS\system32\pxhreewj.dll
2008-06-02 21:37:10 51200 --a------ C:\WINDOWS\system32\xmshjops.dll
2008-06-02 21:34:11 51200 --a------ C:\WINDOWS\system32\gebygprg.dll
2008-06-02 18:04:06 0 d-------- C:\Documents and Settings\Administrator\Application Data\Ulead Systems
2008-06-02 17:59:52 0 d-------- C:\Program Files\Common Files\Ulead Systems
2008-06-02 17:59:20 0 d-------- C:\Program Files\Corel
2008-06-02 17:59:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-06-02 16:16:07 0 d-------- C:\Documents and Settings\Administrator\Application Data\GlobalSCAPE
2008-06-02 15:50:16 0 d-------- C:\Program Files\GlobalSCAPE
2008-06-02 15:45:39 0 d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2008-06-02 15:25:28 0 d-------- C:\Documents and Settings\Administrator\Application Data\BitTorrent
2008-06-02 15:25:05 0 d-------- C:\Program Files\BitTorrent
2008-06-02 10:41:14 0 d-------- C:\6200ps2k
2008-06-02 10:21:14 0 d-------- C:\WINDOWS\Sun
2008-06-02 10:21:14 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2008-06-02 10:20:09 0 d-------- C:\Program Files\Java
2008-06-02 10:19:51 0 d-------- C:\Program Files\Common Files\Java
2008-06-01 21:30:36 51200 --a------ C:\WINDOWS\system32\__c0022964.dat
2008-06-01 21:30:31 51200 --a------ C:\WINDOWS\system32\ukjliyse.dll
2008-06-01 20:00:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2008-06-01 20:00:21 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-01 19:56:03 0 d-------- C:\5pc17ed6.default
2008-06-01 17:38:35 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-01 17:12:17 0 d-------- C:\Thunderbird Signatures
2008-06-01 15:41:25 0 d-------- C:\Documents and Settings\Administrator\Application Data\Thunderbird
2008-06-01 11:45:09 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-01 11:44:58 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2008-06-01 10:05:48 0 d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-06-01 09:49:12 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2008-06-01 09:44:40 0 d-------- C:\Documents and Settings\All Users\Application Data\PY_Software
2008-06-01 09:44:29 0 d-------- C:\Program Files\Active WebCam
2008-06-01 09:40:37 53248 --a------ C:\WINDOWS\system32\MMTray.exe <Not Verified; Morgan Multimedia; Morgan Multimedia MMTray>
2008-06-01 09:40:36 224256 --a------ C:\WINDOWS\system32\MMIJG32.dll <Not Verified; Morgan Multimedia; Morgan Multimedia MMIJG32>
2008-06-01 09:40:29 0 d-------- C:\Program Files\Morgan
2008-06-01 09:30:10 0 d-------- C:\Program Files\PowerISO
2008-06-01 09:26:05 451969 --ahs---- C:\WINDOWS\system32\fPYcdccf.ini2
2008-06-01 09:25:36 373248 --a------ C:\WINDOWS\system32\fccdcYPf.dll
2008-06-01 09:22:42 0 d-------- C:\Program Files\Common Files\Acronis
2008-06-01 09:22:42 0 d-------- C:\Program Files\Acronis
2008-06-01 09:14:29 0 d-------- C:\Program Files\Common Files\SourceTec
2008-06-01 09:14:26 0 d-------- C:\Program Files\SourceTec
2008-06-01 09:08:47 0 d-------- C:\Program Files\Audio Maker Pro
2008-06-01 09:04:56 35328 --a------ C:\WINDOWS\system32\picn20.dll <Not Verified; Pegasus Imaging Corp.; PEGASUS>
2008-06-01 09:04:55 532480 --a------ C:\WINDOWS\system32\imagx5.dll <Not Verified; Pegasus Software, LLC; ImagXpress>
2008-06-01 09:04:55 503808 --a------ C:\WINDOWS\system32\imagr5.dll <Not Verified; Pegasus Software,LLC; ImagXpress>
2008-06-01 09:01:06 297472 --a------ C:\WINDOWS\system32\OpenClass.exe <Not Verified; CoffeeCup Software, Inc.; >
2008-06-01 09:01:06 0 d-------- C:\Program Files\Applet Headline Factory
2008-06-01 08:58:37 53248 --a------ C:\WINDOWS\system32\vbalIcoM6.dll <Not Verified; vbAccelerator; vbAccelerator IconMenu DLL - Add Icons to VB Menus>
2008-06-01 08:58:37 40960 --a------ C:\WINDOWS\system32\SSubTmr6.dll <Not Verified; <none>; SSubTmr>
2008-06-01 08:58:36 0 d-------- C:\Program Files\Free Icon Studio
2008-06-01 08:56:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Help
2008-06-01 08:51:43 48640 --a------ C:\WINDOWS\system32\INETWH32.dll <Not Verified; Blue Sky Software; Blue Sky Software - INETWH32>
2008-06-01 08:51:43 0 d-------- C:\Program Files\Applet Marquee Wizard
2008-06-01 08:50:07 0 d-------- C:\Program Files\Applet Navigation Factory 2.0
2008-06-01 08:39:51 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-01 08:39:39 0 d-------- C:\Program Files\askSam
2008-06-01 08:39:35 422 --a------ C:\WINDOWS\system32\MSST42.DLL
2008-06-01 08:38:09 0 d-------- C:\WINDOWS\Downloaded Installations
2008-06-01 08:38:08 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-01 05:04:25 0 d--hs---- C:\WINDOWS\Installer
2008-06-01 05:04:24 0 d-------- C:\Program Files\Common Files\ODBC
2008-06-01 05:04:21 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-06-01 05:04:20 0 dr------- C:\Program Files
2008-06-01 05:04:20 0 d-------- C:\Program Files\Common Files
2008-06-01 05:04:02 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-06-01 05:04:02 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-06-01 05:04:02 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-06-01 05:04:02 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-06-01 05:04:02 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-06-01 05:04:02 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-06-01 05:04:02 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-06-01 05:04:02 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-06-01 05:04:02 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-06-01 05:04:02 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-06-01 05:04:02 0 d--h----- C:\Documents and Settings\Default User\Cookies
2008-06-01 05:04:02 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-06-01 05:04:02 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-06-01 05:04:02 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-06-01 05:04:02 0 dr------- C:\Documents and Settings\All Users\Documents
2008-06-01 05:04:02 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-06-01 05:03:48 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-06-01 05:03:48 0 d-------- C:\WINDOWS\system32\CatRoot
2008-06-01 05:03:43 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-06-01 05:03:43 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-06-01 05:03:42 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-06-01 05:03:42 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-06-01 05:00:59 0 d-------- C:\Documents and Settings
2008-06-01 04:59:13 0 d--hs---- C:\System Volume Information
2008-06-01 04:26:54 0 d-------- C:\WINDOWS
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\WinSxS
2008-06-01 04:26:54 0 dr------- C:\WINDOWS\Web
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\twain_32
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\wins
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\wbem
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\usmt
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\spool
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\ShellExt
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\Setup
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\ras
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\oobe
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\npp
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\mui
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\inetsrv
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\IME
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\icsxml
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\ias
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\export
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\drivers
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\dhcp
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\config
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\3076
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\2052
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\1054
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\1042
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\1041
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\1037
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\1033
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\1031
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\1028
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system32\1025
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\system
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\security
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\Resources
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\repair
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\Provisioning
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\PeerNet
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\pchealth
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\mui
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\msapps
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\msagent
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\Media
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\java
2008-06-01 04:26:54 0 d--h----- C:\WINDOWS\inf
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\ime
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\Help
2008-06-01 04:26:54 0 dr--s---- C:\WINDOWS\Fonts
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\ehome
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\Driver Cache
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\Debug
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\Cursors
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\Connection Wizard
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\Config
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\AppPatch
2008-06-01 04:26:54 0 d-------- C:\WINDOWS\addins
2008-05-31 21:15:13 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2008-05-31 21:09:40 0 d-------- C:\Program Files\QuickTime
2008-05-31 21:00:12 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-05-31 20:49:52 0 d-------- C:\Program Files\CoffeeCup Software
2008-05-31 20:45:45 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-05-31 20:44:46 0 d-------- C:\Program Files\Bonjour
2008-05-31 20:44:24 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-05-31 20:35:36 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-05-31 20:34:05 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-31 20:32:29 0 d-------- C:\Documents and Settings\Administrator\Application Data\JGsoft
2008-05-31 20:32:05 0 d-------- C:\Program Files\JGsoft
2008-05-31 19:43:40 0 d-------- C:\WINDOWS\system32\NtmsData
2008-05-31 19:43:17 0 d-------- C:\WINDOWS\AiOTemp
2008-05-31 19:37:46 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-05-31 19:37:17 0 d-------- C:\WINDOWS\ShellNew
2008-05-31 19:34:32 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-05-31 19:22:38 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2008-05-31 19:19:57 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-05-31 19:19:02 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-05-31 19:19:02 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-05-31 19:19:02 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-05-31 19:19:02 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-05-31 19:19:02 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-05-31 19:19:02 2621440 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-05-31 19:19:02 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-05-31 19:19:02 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-05-31 19:19:02 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-05-31 19:19:02 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-05-31 19:19:02 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-05-31 19:19:02 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-05-31 19:19:02 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-05-31 19:18:42 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-05-31 19:18:40 0 d-------- C:\WINDOWS\IIS Temporary Compressed Files
2008-05-31 19:18:27 0 d-------- C:\WINDOWS\Prefetch
2008-05-31 19:18:25 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-05-31 19:18:23 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-05-31 19:18:23 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-05-31 19:18:23 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-05-31 19:18:22 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-05-31 19:18:22 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-05-31 19:18:22 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-05-31 19:18:21 237568 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-05-31 19:16:59 237568 --ah----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-05-31 19:16:51 0 -rahs---- C:\MSDOS.SYS
2008-05-31 19:16:51 0 -rahs---- C:\IO.SYS
2008-05-31 19:16:51 0 --a------ C:\CONFIG.SYS
2008-05-31 19:16:51 0 --a------ C:\AUTOEXEC.BAT
2008-05-31 19:15:22 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-05-31 19:15:09 0 dr------- C:\WINDOWS\Offline Web Pages
2008-05-31 19:15:09 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-05-31 19:14:52 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-31 19:14:34 0 d-------- C:\WINDOWS\system32\DirectX
2008-05-31 19:14:18 0 d---s---- C:\WINDOWS\Tasks
2008-05-31 19:14:17 0 d-------- C:\Program Files\Common Files\MSSoap
2008-05-31 19:14:15 0 d-------- C:\WINDOWS\system32\Macromed
2008-05-31 19:14:07 171008 --a------ C:\WINDOWS\system32\srsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-31 19:14:07 239104 --a------ C:\WINDOWS\system32\srrstr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-31 19:14:07 0 d-------- C:\WINDOWS\system32\Restore
2008-05-31 19:14:02 679424 --a------ C:\WINDOWS\system32\inetcomm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-31 19:14:01 190976 --a------ C:\WINDOWS\system32\schedsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-31 19:12:59 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-05-31 19:12:41 0 d-------- C:\WINDOWS\Registration
2008-05-31 19:12:32 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-05-31 19:12:32 0 d-------- C:\WINDOWS\system32\Cache
2008-05-31 19:12:25 0 d-------- C:\Program Files\Online Services
2008-05-31 19:12:17 286720 --a------ C:\WINDOWS\system32\TTFExtNT.dll <Not Verified; Microsoft Corporation; TTFExt TrueType Shell Extension>
2008-05-31 19:12:17 147456 --a------ C:\WINDOWS\system32\psshutdown.exe <Not Verified; Sysinternals - www.sysinternals.com; Sysinternals PsShutdown>
2008-05-31 19:12:17 84480 --a------ C:\WINDOWS\system32\msxml5r.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 5.0>
2008-05-31 19:12:17 1289216 --a------ C:\WINDOWS\system32\msxml5.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 5.0>
2008-05-31 19:12:16 82432 --a------ C:\WINDOWS\system32\msxml4r.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP1>
2008-05-31 19:12:16 1233920 --a------ C:\WINDOWS\system32\msxml4.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP 2>
2008-05-31 19:12:16 8636 --a------ C:\WINDOWS\system32\modifyPE.exe
2008-05-31 19:12:15 394240 --a------ C:\WINDOWS\system32\HMTCD.dll <Not Verified; ; HighMAT CD Writing Wizard>
2008-05-31 19:12:15 61440 --a------ C:\WINDOWS\system32\ContextMenuExt.dll
2008-05-31 19:12:15 114688 --a------ C:\WINDOWS\system32\cabarc.exe
2008-05-31 19:12:15 31232 --a------ C:\WINDOWS\cmdow.exe <Not Verified; ; CMDOW>
2008-05-31 19:12:13 0 d-------- C:\Program Files\Messenger
2008-05-31 19:12:00 946448 --a------ C:\WINDOWS\system32\calc.exe <Not Verified; Microsoft Corporation; Microsoft® Calculator Plus>
2008-05-31 19:11:41 347136 --a------ C:\WINDOWS\system32\hypertrm.dll <Not Verified; Hilgraeve, Inc.; Microsoft® Windows® Operating System>
2008-05-31 19:11:40 0 d-------- C:\Program Files\Windows NT
2008-05-31 19:11:39 681472 --a------ C:\WINDOWS\system32\mstscax.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-31 19:11:39 399872 --a------ C:\WINDOWS\system32\mstsc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-31 19:11:38 19968 --a------ C:\WINDOWS\system32\rdpsnd.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-31 19:11:38 0 d-------- C:\WINDOWS\system32\MsDtc
2008-05-31 19:11:37 0 d-------- C:\WINDOWS\system32\Com
2008-05-31 19:11:20 0 d-------- C:\WINDOWS\system32\Logfiles
2008-05-31 19:11:20 0 d-------- C:\Inetpub


-- Find3M Report ---------------------------------------------------------------

2008-06-01 05:04:02 62 --ahs---- C:\Documents and Settings\Administrator\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{68239631-0785-4357-B913-997A72078D59}]
01/06/2008 09:26 AM 373248 --a------ C:\WINDOWS\system32\fccdcYPf.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"OSSelectorReinstall"="C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [22/02/2007 07:53 PM]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [07/08/2007 10:05 AM]
"MMTray"="MMTray.exe" [09/11/2001 10:19 AM C:\WINDOWS\system32\MMTray.exe]
"BM4f7c948b"="C:\WINDOWS\system32\chfibdre.dll " [03/06/2008 09:30 PM]
"4c4fa717"="C:\WINDOWS\system32\ileuqqaj.dll" [03/06/2008 09:31 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [25/03/2008 04:28 AM]
"Ulead AutoDetector v2"="C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [02/08/2007 09:08 PM]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [04/06/2008 10:45 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 12:56 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [23/03/2005 09:07 AM]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [08/09/2007 09:01 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\runonce]
"getPlusUninstall_dll"=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSd.INF, DefaultUninstall
"getPlusUninstall_ocx"=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSo.INF, DefaultUninstall

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Free WebSite Tools.lnk - C:\Program Files\CoffeeCup Software\CoffeeCup Free Image Slicer\ThirtyDayTimer.exe [1/06/2008 8:59:04 AM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [13/02/2001 1:01:04 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"ForceClassicControlPanel"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"NoSMMyDocs"=1 (0x1)
"NoSMConfigurePrograms"=1 (0x1)
"NoInternetIcon"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
"NoResolveTrack"=1 (0x1)
"NoLowDiskSpaceChecks"=1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\policies\explorer]
"NoSMMyDocs"=1 (0x1)
"NoSMConfigurePrograms"=1 (0x1)
"NoInternetIcon"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
"NoResolveTrack"=1 (0x1)
"NoLowDiskSpaceChecks"=1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\fccdcYPf

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\aawservice]
@="Service"

*Newly Created Service* - AAWSERVICE
*Newly Created Service* - WS2IFSL



-- End of Deckard's System Scanner: finished at 2008-06-04 12:51:48 ------------




EXTRA FILE

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 1.80GHz
Percentage of Memory in Use: 23%
Physical Memory (total/avail): 2047.47 MiB / 1576.48 MiB
Pagefile Memory (total/avail): 3433.7 MiB / 3091.09 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1922.8 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 74.51 GiB total, 64.7 GiB free.
D: is Fixed (NTFS) - 0.02 GiB total, 0.01 GiB free.
E: is Fixed (FAT32) - 14 GiB total, 7.73 GiB free.
F: is Fixed (FAT32) - 23.23 GiB total, 12.97 GiB free.
G: is Fixed (NTFS) - 146.48 GiB total, 99.98 GiB free.
H: is Fixed (NTFS) - 151.6 GiB total, 55.78 GiB free.
I: is CDROM (No Media)
J: is Fixed (NTFS) - 37.28 GiB total, 31.65 GiB free.
K: is Fixed (NTFS) - 37.25 GiB total, 30.08 GiB free.
L: is CDROM (No Media)

\\.\PHYSICALDRIVE3 - ST3320620A - 298.09 GiB - 2 partitions
\PARTITION0 - Extended w/Extended Int 13 - 298.08 GiB - G: - H:

\\.\PHYSICALDRIVE2 - ST340016A - 37.27 GiB - 2 partitions
\PARTITION0 - Extended w/Extended Int 13 - 37.26 GiB - E: - F:

\\.\PHYSICALDRIVE1 - ST380021A - 74.53 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 74.51 GiB - C:
\PARTITION1 - Extended Partition - 15.69 MiB - D:

\\.\PHYSICALDRIVE0 - - 74.53 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 37.28 GiB - J:
\PARTITION1 - Extended w/Extended Int 13 - 37.25 GiB - K:



-- Security Center -------------------------------------------------------------

Windows Internal Firewall is enabled.

FirstRunDisabled is set.


[HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\syste m32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\syste m32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjou r"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTor rent"
"C:\\Program Files\\GlobalSCAPE\\CuteFTP 8 Professional\\ftpte.exe"="C:\\Program Files\\GlobalSCAPE\\CuteFTP 8 Professional\\ftpte.exe:*isabled:FTP Transfer Engine"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrator\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=WEB-SERVER
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Administrator
LOGONSERVER=\\WEB-SERVER
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\Sys tem32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0204
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
USERDOMAIN=WEB-SERVER
USERNAME=Administrator
USERPROFILE=C:\Documents and Settings\Administrator
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acronis Disk Director Suite --> MsiExec.exe /X{2300EE96-0A41-4FAB-BD03-989EC44577A0}
Active WebCam --> "C:\Program Files\Active WebCam\PY_UNINSTAL.EXE" SOFTWARE\PySoft\Act_WebCam
Ad-Aware --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings --> MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3 --> C:\Program Files\Common Files\Adobe\Installers\435a6af7459cb02a9c1138113a2 6e93\Setup.exe
Adobe Dreamweaver CS3 --> MsiExec.exe /I{F01D5ED5-D53A-4468-B428-149DC2CB3110}
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Extension Manager CS3 --> MsiExec.exe /I{2A539CD9-0F75-4875-9A32-E06DD93C4114}
Adobe Flash CS3 --> MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
Adobe Flash CS3 Professional --> C:\Program Files\Common Files\Adobe\Installers\c3c7fe8b09d497ab2b3fd91c935 3390\Setup.exe
Adobe Flash Player 9 ActiveX --> MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
Adobe Flash Player 9 Plugin --> MsiExec.exe /X{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activ eX.exe
Adobe Flash Video Encoder --> MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb91 9b58\Setup.exe
Adobe Photoshop CS3 --> MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Setup --> MsiExec.exe /I{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}
Adobe Setup --> MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Setup --> MsiExec.exe /I{FFC1ADE3-944B-4231-894E-3903C37271D2}
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Applet Headline Factory --> C:\PROGRA~1\APPLET~2\UNWISE.EXE C:\PROGRA~1\APPLET~2\INSTALL.LOG
Applet Marquee Wizard --> C:\PROGRA~1\APPLET~1\UNWISE.EXE C:\PROGRA~1\APPLET~1\INSTALL.LOG
Applet Navigation Factory --> C:\PROGRA~1\APPLET~1.0\UNWISE.EXE C:\PROGRA~1\APPLET~1.0\INSTALL.LOG
askSam 6.1 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\ID river.exe /M{6CC87081-0B48-4F5D-93DC-9890CC0D1613}
Audio Maker Pro 1.0 (remove only) --> "C:\Program Files\Audio Maker Pro\uninstall.exe"
BitTorrent 5.0.9 --> "C:\Program Files\BitTorrent\uninstall.exe"
CoffeeCup Button Factory --> C:\PROGRA~1\COFFEE~1\COFFEE~2\UNWISE.EXE C:\PROGRA~1\COFFEE~1\COFFEE~2\INSTALL.LOG
CoffeeCup Flash Photo Gallery - Registered --> C:\PROGRA~1\COFFEE~1\CO7278~1\UNWISE.EXE C:\PROGRA~1\COFFEE~1\CO7278~1\INSTALL.LOG
CoffeeCup Free DHTML Menu Builder --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED2FF555-B651-43C1-AAE7-D4B138D98B95}\Setup.exe" -l0x9
CoffeeCup Free Image Slicer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{184E20B0-6D20-4621-8CFC-37973EB1F93C}\Setup.exe" -l0x9
CoffeeCup GIF Animator --> C:\PROGRA~1\COFFEE~1\GIFANI~1\UNWISE.EXE C:\PROGRA~1\COFFEE~1\GIFANI~1\GAinst.LOG
CoffeeCup StyleSheet Maker --> C:\PROGRA~1\COFFEE~1\STYLES~1\UNWISE.EXE C:\PROGRA~1\COFFEE~1\STYLES~1\INSTALL.LOG
CoffeeCup Web Calendar --> C:\PROGRA~1\COFFEE~1\COFFEE~1\UNWISE.EXE C:\PROGRA~1\COFFEE~1\COFFEE~1\INSTALL.LOG
CoffeeCup WebCam 3.5 Shareware --> C:\PROGRA~1\COFFEE~1\WEBCAM~1.5\UNWISE.EXE C:\PROGRA~1\COFFEE~1\WEBCAM~1.5\INSTALL.LOG
CuteFTP 8 Professional --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{91F34319-08DE-457A-99C0-0BCDFAC145B9}\Setup.exe" -l0x9
Free Icon Studio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FB115E8-9621-4117-AF66-A393FFAABB9A}\Setup.exe" -l0x9
getPlus(R)_dll --> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSd.INF, DefaultUninstall
getPlus(R)_ocx --> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSo.INF, DefaultUninstall
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Huffyuv AVI lossless video codec (Remove Only) --> rundll.exe setupx.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\HUFFYUV.INF
Intel(R) PRO Network Connections Drivers --> Prounstl.exe
Java(TM) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
JGsoft EditPad Pro 6 DEMO 6.3.2 --> C:\WINDOWS\UnDeploy.exe "C:\Program Files\JGsoft\EditPadPro6\Deploy.log"
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Morgan M-JPEG codec V3 --> "C:\Program Files\Morgan\m3jpegV3\uninst.exe"
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.14) --> C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
NOD32 antivirus system --> C:\Program Files\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX v1.9 --> "C:\Program Files\Eset\unins000.exe"
PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PhotoImpact X3 --> C:\Program Files\InstallShield Installation Information\{15803703-25FA-4C01-A062-3F4A59937E87}\setup.exe -runfromtemp -l0x0409
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
Sothink SWF Decompiler --> "C:\Program Files\SourceTec\Sothink SWF Decompiler\unins000.exe"
SpywareBlaster 4.0 --> "C:\Program Files\SpywareBlaster\unins000.exe"
WinZip 11.1 --> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}


-- Application Event Log -------------------------------------------------------

Event Record #/Type260 / Error
Event Submitted/Written: 06/03/2008 09:41:12 AM
Event ID/Source: 11335 / MsiInstaller
Event Description:
Product: ESET Smart Security -- Error 1335. The cabinet file 'lang.cab' required for this installation is corrupt and cannot be used. This could indicate a network error, an error reading from the CD-ROM, or a problem with this package.

Event Record #/Type259 / Error
Event Submitted/Written: 06/03/2008 09:41:12 AM
Event ID/Source: 11335 / MsiInstaller
Event Description:
Product: ESET Smart Security -- Error 1335. The cabinet file 'lang.cab' required for this installation is corrupt and cannot be used. This could indicate a network error, an error reading from the CD-ROM, or a problem with this package.

Event Record #/Type258 / Error
Event Submitted/Written: 06/03/2008 09:41:12 AM
Event ID/Source: 11335 / MsiInstaller
Event Description:
Product: ESET Smart Security -- Error 1335. The cabinet file 'lang.cab' required for this installation is corrupt and cannot be used. This could indicate a network error, an error reading from the CD-ROM, or a problem with this package.

Event Record #/Type257 / Error
Event Submitted/Written: 06/03/2008 09:41:11 AM
Event ID/Source: 11335 / MsiInstaller
Event Description:
Product: ESET Smart Security -- Error 1335. The cabinet file 'lang.cab' required for this installation is corrupt and cannot be used. This could indicate a network error, an error reading from the CD-ROM, or a problem with this package.

Event Record #/Type256 / Error
Event Submitted/Written: 06/03/2008 09:41:11 AM
Event ID/Source: 11335 / MsiInstaller
Event Description:
Product: ESET Smart Security -- Error 1335. The cabinet file 'lang.cab' required for this installation is corrupt and cannot be used. This could indicate a network error, an error reading from the CD-ROM, or a problem with this package.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type780 / Error
Event Submitted/Written: 06/04/2008 00:50:23 PM
Event ID/Source: 1 / sr
Event Description:
The System Restore filter encountered the unexpected error '0xC000007F' while processing the file 'desktop.ini' on the volume 'HarddiskVolume4'. It has stopped monitoring the volume.

Event Record #/Type766 / Warning
Event Submitted/Written: 06/04/2008 11:42:36 AM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk0\D during a paging operation.

Event Record #/Type764 / Warning
Event Submitted/Written: 06/04/2008 10:44:19 AM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk0\D during a paging operation.

Event Record #/Type763 / Warning
Event Submitted/Written: 06/04/2008 10:44:19 AM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk0\D during a paging operation.

Event Record #/Type762 / Warning
Event Submitted/Written: 06/04/2008 10:44:18 AM / 06/04/2008 10:44:19 AM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk0\D during a paging operation.



-- End of Deckard's System Scanner: finished at 2008-06-04 12:51:48 ------------

Hi welcome to PCHF one of our security staff will look at your logs. I think this may be the main problem though it looks like it stuffed the desktop.ini because of possible hard disk failure. Do you know what brand of hard disk is in the PC?

System Event Log ------------------------------------------------------------

Event Record #/Type780 / Error
Event Submitted/Written: 06/04/2008 00:50:23 PM
Event ID/Source: 1 / sr
Event Description:
The System Restore filter encountered the unexpected error '0xC000007F' while processing the file 'desktop.ini' on the volume 'HarddiskVolume4'. It has stopped monitoring the volume.

Event Record #/Type766 / Warning
Event Submitted/Written: 06/04/2008 11:42:36 AM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk0\D during a paging operation.

Event Record #/Type764 / Warning
Event Submitted/Written: 06/04/2008 10:44:19 AM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk0\D during a paging operation.

Event Record #/Type763 / Warning
Event Submitted/Written: 06/04/2008 10:44:19 AM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk0\D during a paging operation.

Event Record #/Type762 / Warning
Event Submitted/Written: 06/04/2008 10:44:18 AM / 06/04/2008 10:44:19 AM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk0\D during a paging operation.

HI there beatiful downtown Shepparton from wet Sydney!

Believe me, it;s good to know someone is willing to help. It is greatly appreciated..

Most of my drives are in trays and are Seagate Barrucuda's although there may be a WD in there as well.

The C drive (I think it is disk 1) is definately a barra. I have also just noticed that one of the trays is not working so that could be the one it noriced. It is a data drive .. no progs or os.

My mobo is..

Asus P4B533-E..

From mobo I have..
2 drives on primary (1 is C drive)
2 drives on secondary ( 1 is CDRW)

From Controller PCI card I have 2 drives (1 is the one that appears not to be working)

Hope that helps..

oz

Sydney love it born there So do you have any desktop icons at all can you access the start menu? So we can try a few things we should be able to copy the desktop.ini from another profile off the PC to yours to get the desktop back

Hi again..

Yes I have all icons up now via Task Manager/run/expoere.exe so they are all there and I can access mots progs. I am using it now with FF and also TB running etc. It won't set up progs from web such as Adobe Reader which I just tried. The dload dies at 90%.

Anyway.. ready to go..

Ok run this on the PC it will tell us exactly what hard drives and other hardware are in the PC Belarc Advisor - Free Personal PC Audit then we can download the diagnostic for your hard drives and test them

Okay, done that. Do ytou want that info and if so how do i get it to you?

oz