CPU rins at 100%

MrEnigma · 08-15-2008

Every so often often my CPU will run at 100%, and then after a couple of minutes will just hang, so I have to hit the power button, then retsart, then everything is ok. I have several images created with acronis disk, and now I am using my first good known state which was taken in February 2008, but I still get the cpu problem, so maybe its a hardware fault? I have an HUAWEI E220 external USB modem, (which vista keeps tellinbg me to update, but I cannot as I think its locked to tmobile), and I installed 1 gig of ram about 4 months ago.

So here are my two log files, from dss, thanks in advance
------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English

CPU 0: Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz
Percentage of Memory in Use: 46%
Physical Memory (total/avail): 1525.56 MiB / 822.14 MiB
Pagefile Memory (total/avail): 3289.7 MiB / 2437.89 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1900.38 MiB

C: is Fixed (NTFS) - 52.8 GiB total, 29.11 GiB free.
D: is Fixed (NTFS) - 25.33 GiB total, 4.12 GiB free.
E: is Fixed (NTFS) - 70.92 GiB total, 6.16 GiB free.
F: is CDROM (UDF)
G: is CDROM (CDFS)
L: is CDROM (No Media)
M: is CDROM (No Media)
N: is CDROM (No Media)
O: is CDROM (No Media)
P: is CDROM (No Media)
Q: is CDROM (No Media)
R: is CDROM (No Media)
S: is CDROM (No Media)
T: is CDROM (No Media)
U: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - Hitachi HTS541616J9SA00 ATA Device - 149.05 GiB - 3 partitions
\PARTITION0 (bootable) - Installable File System - 52.8 GiB - C:
\PARTITION1 - Installable File System - 25.33 GiB - D:
\PARTITION2 - Installable File System - 70.92 GiB - E:

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FW: Bitdefender Firewall v8.0 (BitDefender)
AV: Bitdefender Antivirus v8.0 (BitDefender)
AS: BitDefender Antispyware v8.0 (BitDefender)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List]

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Micky\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MICKY-FUJITSU
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Micky
LOCALAPPDATA=C:\Users\Micky\AppData\Local
LOGONSERVER=\\MICKY-FUJITSU
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Window s\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f06
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Micky\AppData\Local\Temp
TMP=C:\Users\Micky\AppData\Local\Temp
USERDOMAIN=Micky-Fujitsu
USERNAME=Micky
USERPROFILE=C:\Users\Micky
windir=C:\Windows

-- User Profiles ---------------------------------------------------------------

Micky

-- Add/Remove Programs ---------------------------------------------------------

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
Acronis True Image Home --> MsiExec.exe /X{633A06C3-B709-479A-AAB3-5EE94AD9EE4B}
Adobe Acrobat 8.1.0 Professional --> msiexec /I {AC76BA86-1033-F400-7760-000000000003}
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugi n.exe
AMTECH Common --> MsiExec.exe /I{56B30A8B-0BD0-4B58-899D-9F9C2257FEBA}
AMTECH FastTest --> MsiExec.exe /I{336DA6EE-BC02-496E-AC02-F42995942C4E}
AMTECH Power Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1CA27668-53D0-443B-BAF3-D4AC874593C4}\SETUP.EXE" -l0x9 -uninstall
BitDefender Total Security 2008 --> MsiExec.exe /I{E404EFD4-6110-413C-AD1A-D6D0F261960E}
CHESSBASE 9 (Modfied by ElGindy) --> C:\Program Files\CHESSBASE\CB9\Uninstal.exe
eWallet 6.0 Professional Edition (Windows Mobile) --> "C:\Program Files\Ilium Software\eWallet\unins000.exe"
GetDiz 3.0 --> C:\PROGRA~1\GetDiz\UNINST~1\UNWISE.EXE C:\PROGRA~1\GetDiz\UNINST~1\install.log
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (2.0.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86 --> MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MyPersonalDiet --> C:\Windows\WindowsMobile\MyPersonalDiet\Uninstall. exe MyPersonalDiet
MySportTraining --> C:\Windows\WindowsMobile\MySportTraining\Uninstall .exe MySportTraining
Nokia Connectivity Cable Driver --> MsiExec.exe /X{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}
Nokia Flashing Cable Driver --> MsiExec.exe /X{2A0A6470-FD0F-4F45-9B11-85F3167DB943}
Nokia PC Suite --> C:\ProgramData\Installations\{9C05FA75-0337-4523-AA57-9D3511018887}\Nokia_PC_Suite_rel_6_86_9_3_eng.exe
Nokia PC Suite --> MsiExec.exe /I{9C05FA75-0337-4523-AA57-9D3511018887}
Nokia Software Updater --> MsiExec.exe /X{48110A46-A3A4-481E-8230-7873B7F4C696}
PC Connectivity Solution --> MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
pdfFactory (2.x) --> C:\Windows\system32\spool\DRIVERS\W32X86\3\fppinst 2.exe /uninstall
pdfFactory Pro --> C:\Windows\system32\spool\DRIVERS\W32X86\3\fppinst 3.exe /uninstall
Security Update for 2007 Microsoft Office System (KB951596) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
Security Update for Microsoft Office Excel 2007 (KB951546) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
Security Update for Microsoft Office PowerPoint 2007 (KB951338) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Update for Microsoft Office Outlook 2007 (KB952142) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb955433) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D9806966-6AA1-4B55-9528-6748E37CEE86}
VidaOne Diet and Fitness --> MsiExec.exe /I{4ED42A03-79B7-4304-B61F-3A64CE922684}
web'n'walk USB manager --> C:\Program Files\T-Mobile\web'n'walk USB manager\uninst.exe
Windows Driver Package - Nokia Modem (08/03/2007 6.84.0.2) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nok btmdm.inf_7837a5db\nokbtmdm.inf
Windows Driver Package - Nokia Modem (10/12/2007 3.6) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nok ia_bluetooth.inf_ee12375f\nokia_bluetooth.inf
Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_4A1E30386F4D 0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
Windows Mobile Device Center --> MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
Windows Mobile Device Center Driver Update --> MsiExec.exe /X{E7044E25-3038-4A76-9064-344AC038043E}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe

-- Application Event Log -------------------------------------------------------

Event Record #/Type2655 / Success
Event Submitted/Written: 08/15/2008 11:40:15 AM
Event ID/Source: 5617 / WinMgmt
Event Description:

Event Record #/Type2654 / Success
Event Submitted/Written: 08/15/2008 11:40:15 AM
Event ID/Source: 5615 / WinMgmt
Event Description:

Event Record #/Type2653 / Success
Event Submitted/Written: 08/15/2008 11:39:27 AM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.

Event Record #/Type2643 / Success
Event Submitted/Written: 08/15/2008 11:38:10 AM
Event ID/Source: 903 / Software Licensing Service
Event Description:
The Software Licensing service has stopped.

Event Record #/Type2619 / Success
Event Submitted/Written: 08/15/2008 10:48:27 AM
Event ID/Source: 5617 / WinMgmt
Event Description:

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type20382 / Warning
Event Submitted/Written: 08/15/2008 11:43:12 AM
Event ID/Source: 4 / Microsoft-Windows-FilterManager
Event Description:
0xc0000013608bdfsfltr2007-12-31T09:12:12.000Z15\Device\CdRom10

Event Record #/Type20381 / Warning
Event Submitted/Written: 08/15/2008 11:43:12 AM
Event ID/Source: 4 / Microsoft-Windows-FilterManager
Event Description:
0xc0000013608bdfsfltr2007-12-31T09:12:12.000Z14\Device\CdRom9

Event Record #/Type20380 / Warning
Event Submitted/Written: 08/15/2008 11:43:12 AM
Event ID/Source: 4 / Microsoft-Windows-FilterManager
Event Description:
0xc0000013608bdfsfltr2007-12-31T09:12:12.000Z14\Device\CdRom8

Event Record #/Type20379 / Warning
Event Submitted/Written: 08/15/2008 11:43:12 AM
Event ID/Source: 4 / Microsoft-Windows-FilterManager
Event Description:
0xc0000013608bdfsfltr2007-12-31T09:12:12.000Z14\Device\CdRom7

Event Record #/Type20378 / Warning
Event Submitted/Written: 08/15/2008 11:43:12 AM
Event ID/Source: 4 / Microsoft-Windows-FilterManager
Event Description:
0xc0000013608bdfsfltr2007-12-31T09:12:12.000Z14\Device\CdRom6

-- End of Deckard's System Scanner: finished at 2008-08-15 11:44:02 ------------
Deckard's System Scanner v20071014.68
Run by Micky on 2008-08-15 11:41:08
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as Micky.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:42:59, on 15/08/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Windows\System32\spool\drivers\w32x86\3\fppdis2 a.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Users\Micky\Desktop\dss.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Micky\Desktop\Micky.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [pdfFactory Dispatcher v2] "C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis 2a.exe" /source=HKLM
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v3] "C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis 3a.exe" /source=HKLM
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 8970 bytes

-- File Associations -----------------------------------------------------------

.ini - GetDiz.Document - DefaultIcon - unable to read value
.ini - GetDiz.Document - shell\open\command - "C:\Program Files\GetDiz\GetDiz.exe" "%1"

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 BDSelfPr - \??\c:\program files\bitdefender\bitdefender 2008\bdselfpr.sys

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>
R3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
R3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>

-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0003
Manufacturer: Microsoft
Name: isatap.{0B330313-D18C-4ED6-8AC5-E248906CBF85}
PNP Device ID: ROOT\*ISATAP\0003
Service: tunnel

-- Scheduled Tasks -------------------------------------------------------------

2008-08-15 11:41:49 418 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{F444BEF9-EF5F-4BA7-8E19-BF975B127075}.job

-- Files created between 2008-07-15 and 2008-08-15 -----------------------------

2008-08-14 17:47:16 0 d-------- C:\Drivers
2008-08-14 10:02:49 0 d-------- C:\Program Files\MSXML 4.0
2008-08-13 22:06:22 0 d-------- C:\Users\All Users\Ilium Software
2008-08-13 22:06:09 0 d-------- C:\Program Files\Ilium Software
2008-08-13 17:45:44 0 d-------- C:\Users\All Users\Nokia
2008-08-13 17:37:22 0 d-------- C:\Users\Micky\{197d8974-9f06-480c-b27b-7174ae8bcb63}
2008-08-13 17:36:34 0 d-------- C:\Program Files\Common Files\PCSuite
2008-08-13 17:36:33 0 d-------- C:\Program Files\Common Files\Nokia
2008-08-13 17:35:12 0 d------c- C:\Windows\system32\DRVSTORE
2008-08-13 17:35:02 0 d-------- C:\Program Files\PC Connectivity Solution
2008-08-13 17:25:11 0 d-------- C:\Program Files\DIFX
2008-08-13 17:24:50 0 d-------- C:\Users\All Users\PC Suite
2008-08-13 17:20:44 0 d-------- C:\Program Files\Nokia
2008-08-13 17:18:59 0 d-------- C:\Users\All Users\Installations
2008-08-12 20:08:35 126976 -----n--- C:\Windows\system32\fppr332.dll <Not Verified; FinePrint Software, LLC; pdfFactory>
2008-08-12 20:08:35 315392 -----n--- C:\Windows\system32\fppmon3.dll <Not Verified; FinePrint Software, LLC; pdfFactory>
2008-08-12 17:03:33 81984 --a------ C:\Windows\system32\bdod.bin
2008-08-12 06:55:08 0 d-------- C:\Users\All Users\HP
2008-08-11 20:29:13 0 d-------- C:\Users\All Users\BitDefender
2008-08-11 20:29:13 0 d-------- C:\Program Files\BitDefender
2008-08-11 20:27:39 0 d-------- C:\Program Files\Common Files\BitDefender
2008-08-11 20:14:27 0 d-------- C:\Local Settings
2008-08-11 20:03:58 0 d-------- C:\Windows\BDOSCAN8

-- Find3M Report ---------------------------------------------------------------

2008-08-15 11:38:09 12 --a------ C:\Windows\bthservsdp.dat
2008-08-14 07:15:00 0 d-------- C:\Program Files\Windows Mail
2008-08-13 22:06:09 0 d-------- C:\Users\Micky\AppData\Roaming\Ilium Software
2008-08-13 20:54:59 0 d-------- C:\Users\Micky\AppData\Roaming\Nokia Multimedia Player
2008-08-13 17:36:34 0 d-------- C:\Program Files\Common Files
2008-08-13 17:27:07 0 d-------- C:\Users\Micky\AppData\Roaming\PC Suite
2008-08-13 17:26:52 0 d-------- C:\Users\Micky\AppData\Roaming\Nokia
2008-08-11 20:30:56 0 d-------- C:\Users\Micky\AppData\Roaming\BitDefender
2008-08-11 20:18:44 174 --ahs---- C:\Program Files\desktop.ini

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [01/03/2008 20:09]
"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe" []
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [10/05/2007 23:46]
"@"="" []
"pdfFactory Dispatcher v2"="C:\Windows\system32\spool\DRIVERS\W32X86\3\fp pdis2a.exe" [19/09/2005 23:50]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [24/08/2007 08:00]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [30/10/2007 21:06]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [30/10/2007 21:11]
"Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [30/10/2007 21:07]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [09/10/2007 16:46]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [23/05/2008 19:16]
"pdfFactory Pro Dispatcher v3"="C:\Windows\system32\spool\DRIVERS\W32X86\3\fp pdis3a.exe" [25/09/2007 17:32]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [01/03/2008 19:53]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [22/12/2007 08:23]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [16/04/2008 12:53]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [26/03/2008 18:41]

[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog

C:\Users\Micky\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [24/08/2007 05:45:42]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa]
"Authentication Packages"= msv1_0 relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
WindowsMobile wcescomm rapimgr
LocalServiceRestricted WcesComm RapiMgr
bthsvcs BthServ
bdx scan

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{1a9595ed-e7b4-11dc-998b-806e6f6e6963}]
AutoRun\command- F:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{1bfdc4a5-6a25-11dd-9d66-806e6f6e6963}]
AutoRun\command- G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{1bfdc5aa-6a25-11dd-9d66-00030d58ad42}]
AutoRun\command- G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{4a77a291-6a1d-11dd-93e6-00030d58ad42}]
AutoRun\command- G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{4a77a292-6a1d-11dd-93e6-00030d58ad42}]
AutoRun\command- G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{a8a78411-6a23-11dd-a57c-00030d58ad42}]
AutoRun\command- G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{a8a78412-6a23-11dd-a57c-00030d58ad42}]
AutoRun\command- G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{b6810b0f-e7c5-11dc-9c0f-806e6f6e6963}]
AutoRun\command- G:\AutoRun.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

-- End of Deckard's System Scanner: finished at 2008-08-15 11:44:02 ------------

Pancake · 08-15-2008

I see no malware in your logs.They are fine.

08-15-2008	#1
MrEnigma New Poster Join Date: Aug 2008 Posts: 2 PC Experience: PC Illiterate	CPU rins at 100% Every so often often my CPU will run at 100%, and then after a couple of minutes will just hang, so I have to hit the power button, then retsart, then everything is ok. I have several images created with acronis disk, and now I am using my first good known state which was taken in February 2008, but I still get the cpu problem, so maybe its a hardware fault? I have an HUAWEI E220 external USB modem, (which vista keeps tellinbg me to update, but I cannot as I think its locked to tmobile), and I installed 1 gig of ram about 4 months ago. So here are my two log files, from dss, thanks in advance ------------ Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft® Windows Vista™ Home Premium (build 6000) Architecture: X86; Language: English CPU 0: Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz Percentage of Memory in Use: 46% Physical Memory (total/avail): 1525.56 MiB / 822.14 MiB Pagefile Memory (total/avail): 3289.7 MiB / 2437.89 MiB Virtual Memory (total/avail): 2047.88 MiB / 1900.38 MiB C: is Fixed (NTFS) - 52.8 GiB total, 29.11 GiB free. D: is Fixed (NTFS) - 25.33 GiB total, 4.12 GiB free. E: is Fixed (NTFS) - 70.92 GiB total, 6.16 GiB free. F: is CDROM (UDF) G: is CDROM (CDFS) L: is CDROM (No Media) M: is CDROM (No Media) N: is CDROM (No Media) O: is CDROM (No Media) P: is CDROM (No Media) Q: is CDROM (No Media) R: is CDROM (No Media) S: is CDROM (No Media) T: is CDROM (No Media) U: is CDROM (No Media) \\.\PHYSICALDRIVE0 - Hitachi HTS541616J9SA00 ATA Device - 149.05 GiB - 3 partitions \PARTITION0 (bootable) - Installable File System - 52.8 GiB - C: \PARTITION1 - Installable File System - 25.33 GiB - D: \PARTITION2 - Installable File System - 70.92 GiB - E: -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is disabled. FW: Bitdefender Firewall v8.0 (BitDefender) AV: Bitdefender Antivirus v8.0 (BitDefender) AS: BitDefender Antispyware v8.0 (BitDefender) AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) [HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List] [HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List] -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\Micky\AppData\Roaming CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=MICKY-FUJITSU ComSpec=C:\Windows\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Users\Micky LOCALAPPDATA=C:\Users\Micky\AppData\Local LOGONSERVER=\\MICKY-FUJITSU NUMBER_OF_PROCESSORS=2 OS=Windows_NT Path=C:\Program Files\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Window s\System32\Wbem PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH;.MSC PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0f06 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files PROMPT=$P$G PUBLIC=C:\Users\Public SystemDrive=C: SystemRoot=C:\Windows TEMP=C:\Users\Micky\AppData\Local\Temp TMP=C:\Users\Micky\AppData\Local\Temp USERDOMAIN=Micky-Fujitsu USERNAME=Micky USERPROFILE=C:\Users\Micky windir=C:\Windows -- User Profiles --------------------------------------------------------------- Micky -- Add/Remove Programs --------------------------------------------------------- 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} Acronis True Image Home --> MsiExec.exe /X{633A06C3-B709-479A-AAB3-5EE94AD9EE4B} Adobe Acrobat 8.1.0 Professional --> msiexec /I {AC76BA86-1033-F400-7760-000000000003} Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugi n.exe AMTECH Common --> MsiExec.exe /I{56B30A8B-0BD0-4B58-899D-9F9C2257FEBA} AMTECH FastTest --> MsiExec.exe /I{336DA6EE-BC02-496E-AC02-F42995942C4E} AMTECH Power Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1CA27668-53D0-443B-BAF3-D4AC874593C4}\SETUP.EXE" -l0x9 -uninstall BitDefender Total Security 2008 --> MsiExec.exe /I{E404EFD4-6110-413C-AD1A-D6D0F261960E} CHESSBASE 9 (Modfied by ElGindy) --> C:\Program Files\CHESSBASE\CB9\Uninstal.exe eWallet 6.0 Professional Edition (Windows Mobile) --> "C:\Program Files\Ilium Software\eWallet\unins000.exe" GetDiz 3.0 --> C:\PROGRA~1\GetDiz\UNINST~1\UNWISE.EXE C:\PROGRA~1\GetDiz\UNINST~1\install.log Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE} Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE} Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE} Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE} Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE} Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE} Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE} Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE} Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mozilla Firefox (2.0.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVC80_x86 --> MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27} MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MyPersonalDiet --> C:\Windows\WindowsMobile\MyPersonalDiet\Uninstall. exe MyPersonalDiet MySportTraining --> C:\Windows\WindowsMobile\MySportTraining\Uninstall .exe MySportTraining Nokia Connectivity Cable Driver --> MsiExec.exe /X{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48} Nokia Flashing Cable Driver --> MsiExec.exe /X{2A0A6470-FD0F-4F45-9B11-85F3167DB943} Nokia PC Suite --> C:\ProgramData\Installations\{9C05FA75-0337-4523-AA57-9D3511018887}\Nokia_PC_Suite_rel_6_86_9_3_eng.exe Nokia PC Suite --> MsiExec.exe /I{9C05FA75-0337-4523-AA57-9D3511018887} Nokia Software Updater --> MsiExec.exe /X{48110A46-A3A4-481E-8230-7873B7F4C696} PC Connectivity Solution --> MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930} pdfFactory (2.x) --> C:\Windows\system32\spool\DRIVERS\W32X86\3\fppinst 2.exe /uninstall pdfFactory Pro --> C:\Windows\system32\spool\DRIVERS\W32X86\3\fppinst 3.exe /uninstall Security Update for 2007 Microsoft Office System (KB951596) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E} Security Update for Microsoft Office Excel 2007 (KB951546) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26} Security Update for Microsoft Office PowerPoint 2007 (KB951338) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77} Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00} Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9} Update for Microsoft Office Outlook 2007 (KB952142) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756} Update for Office 2007 (KB946691) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Outlook 2007 Junk Email Filter (kb955433) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D9806966-6AA1-4B55-9528-6748E37CEE86} VidaOne Diet and Fitness --> MsiExec.exe /I{4ED42A03-79B7-4304-B61F-3A64CE922684} web'n'walk USB manager --> C:\Program Files\T-Mobile\web'n'walk USB manager\uninst.exe Windows Driver Package - Nokia Modem (08/03/2007 6.84.0.2) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nok btmdm.inf_7837a5db\nokbtmdm.inf Windows Driver Package - Nokia Modem (10/12/2007 3.6) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nok ia_bluetooth.inf_ee12375f\nokia_bluetooth.inf Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_4A1E30386F4D 0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf Windows Mobile Device Center --> MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917} Windows Mobile Device Center Driver Update --> MsiExec.exe /X{E7044E25-3038-4A76-9064-344AC038043E} WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe -- Application Event Log ------------------------------------------------------- Event Record #/Type2655 / Success Event Submitted/Written: 08/15/2008 11:40:15 AM Event ID/Source: 5617 / WinMgmt Event Description: Event Record #/Type2654 / Success Event Submitted/Written: 08/15/2008 11:40:15 AM Event ID/Source: 5615 / WinMgmt Event Description: Event Record #/Type2653 / Success Event Submitted/Written: 08/15/2008 11:39:27 AM Event ID/Source: 902 / Software Licensing Service Event Description: The Software Licensing service has started. Event Record #/Type2643 / Success Event Submitted/Written: 08/15/2008 11:38:10 AM Event ID/Source: 903 / Software Licensing Service Event Description: The Software Licensing service has stopped. Event Record #/Type2619 / Success Event Submitted/Written: 08/15/2008 10:48:27 AM Event ID/Source: 5617 / WinMgmt Event Description: -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type20382 / Warning Event Submitted/Written: 08/15/2008 11:43:12 AM Event ID/Source: 4 / Microsoft-Windows-FilterManager Event Description: 0xc0000013608bdfsfltr2007-12-31T09:12:12.000Z15\Device\CdRom10 Event Record #/Type20381 / Warning Event Submitted/Written: 08/15/2008 11:43:12 AM Event ID/Source: 4 / Microsoft-Windows-FilterManager Event Description: 0xc0000013608bdfsfltr2007-12-31T09:12:12.000Z14\Device\CdRom9 Event Record #/Type20380 / Warning Event Submitted/Written: 08/15/2008 11:43:12 AM Event ID/Source: 4 / Microsoft-Windows-FilterManager Event Description: 0xc0000013608bdfsfltr2007-12-31T09:12:12.000Z14\Device\CdRom8 Event Record #/Type20379 / Warning Event Submitted/Written: 08/15/2008 11:43:12 AM Event ID/Source: 4 / Microsoft-Windows-FilterManager Event Description: 0xc0000013608bdfsfltr2007-12-31T09:12:12.000Z14\Device\CdRom7 Event Record #/Type20378 / Warning Event Submitted/Written: 08/15/2008 11:43:12 AM Event ID/Source: 4 / Microsoft-Windows-FilterManager Event Description: 0xc0000013608bdfsfltr2007-12-31T09:12:12.000Z14\Device\CdRom6 -- End of Deckard's System Scanner: finished at 2008-08-15 11:44:02 ------------ Deckard's System Scanner v20071014.68 Run by Micky on 2008-08-15 11:41:08 Computer is in Normal Mode. -------------------------------------------------------------------------------- Backed up registry hives. Performed disk cleanup. -- HijackThis (run as Micky.exe) ----------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:42:59, on 15/08/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16711) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe C:\Windows\System32\spool\drivers\w32x86\3\fppdis2 a.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe C:\Users\Micky\Desktop\dss.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Micky\Desktop\Micky.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [pdfFactory Dispatcher v2] "C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis 2a.exe" /source=HKLM O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v3] "C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis 3a.exe" /source=HKLM O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 8970 bytes -- File Associations ----------------------------------------------------------- .ini - GetDiz.Document - DefaultIcon - unable to read value .ini - GetDiz.Document - shell\open\command - "C:\Program Files\GetDiz\GetDiz.exe" "%1" -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R3 BDSelfPr - \??\c:\program files\bitdefender\bitdefender 2008\bdselfpr.sys -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition> R3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)> R3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution> -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft ISATAP Adapter Device ID: ROOT\ISATAP\0003 Manufacturer: Microsoft Name: isatap.{0B330313-D18C-4ED6-8AC5-E248906CBF85} PNP Device ID: ROOT\ISATAP\0003 Service: tunnel -- Scheduled Tasks ------------------------------------------------------------- 2008-08-15 11:41:49 418 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{F444BEF9-EF5F-4BA7-8E19-BF975B127075}.job -- Files created between 2008-07-15 and 2008-08-15 ----------------------------- 2008-08-14 17:47:16 0 d-------- C:\Drivers 2008-08-14 10:02:49 0 d-------- C:\Program Files\MSXML 4.0 2008-08-13 22:06:22 0 d-------- C:\Users\All Users\Ilium Software 2008-08-13 22:06:09 0 d-------- C:\Program Files\Ilium Software 2008-08-13 17:45:44 0 d-------- C:\Users\All Users\Nokia 2008-08-13 17:37:22 0 d-------- C:\Users\Micky\{197d8974-9f06-480c-b27b-7174ae8bcb63} 2008-08-13 17:36:34 0 d-------- C:\Program Files\Common Files\PCSuite 2008-08-13 17:36:33 0 d-------- C:\Program Files\Common Files\Nokia 2008-08-13 17:35:12 0 d------c- C:\Windows\system32\DRVSTORE 2008-08-13 17:35:02 0 d-------- C:\Program Files\PC Connectivity Solution 2008-08-13 17:25:11 0 d-------- C:\Program Files\DIFX 2008-08-13 17:24:50 0 d-------- C:\Users\All Users\PC Suite 2008-08-13 17:20:44 0 d-------- C:\Program Files\Nokia 2008-08-13 17:18:59 0 d-------- C:\Users\All Users\Installations 2008-08-12 20:08:35 126976 -----n--- C:\Windows\system32\fppr332.dll <Not Verified; FinePrint Software, LLC; pdfFactory> 2008-08-12 20:08:35 315392 -----n--- C:\Windows\system32\fppmon3.dll <Not Verified; FinePrint Software, LLC; pdfFactory> 2008-08-12 17:03:33 81984 --a------ C:\Windows\system32\bdod.bin 2008-08-12 06:55:08 0 d-------- C:\Users\All Users\HP 2008-08-11 20:29:13 0 d-------- C:\Users\All Users\BitDefender 2008-08-11 20:29:13 0 d-------- C:\Program Files\BitDefender 2008-08-11 20:27:39 0 d-------- C:\Program Files\Common Files\BitDefender 2008-08-11 20:14:27 0 d-------- C:\Local Settings 2008-08-11 20:03:58 0 d-------- C:\Windows\BDOSCAN8 -- Find3M Report --------------------------------------------------------------- 2008-08-15 11:38:09 12 --a------ C:\Windows\bthservsdp.dat 2008-08-14 07:15:00 0 d-------- C:\Program Files\Windows Mail 2008-08-13 22:06:09 0 d-------- C:\Users\Micky\AppData\Roaming\Ilium Software 2008-08-13 20:54:59 0 d-------- C:\Users\Micky\AppData\Roaming\Nokia Multimedia Player 2008-08-13 17:36:34 0 d-------- C:\Program Files\Common Files 2008-08-13 17:27:07 0 d-------- C:\Users\Micky\AppData\Roaming\PC Suite 2008-08-13 17:26:52 0 d-------- C:\Users\Micky\AppData\Roaming\Nokia 2008-08-11 20:30:56 0 d-------- C:\Users\Micky\AppData\Roaming\BitDefender 2008-08-11 20:18:44 174 --ahs---- C:\Program Files\desktop.ini -- Registry Dump --------------------------------------------------------------- Note empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [01/03/2008 20:09] "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe" [] "Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [10/05/2007 23:46] "@"="" [] "pdfFactory Dispatcher v2"="C:\Windows\system32\spool\DRIVERS\W32X86\3\fp pdis2a.exe" [19/09/2005 23:50] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [24/08/2007 08:00] "TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [30/10/2007 21:06] "AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [30/10/2007 21:11] "Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [30/10/2007 21:07] "BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [09/10/2007 16:46] "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [23/05/2008 19:16] "pdfFactory Pro Dispatcher v3"="C:\Windows\system32\spool\DRIVERS\W32X86\3\fp pdis3a.exe" [25/09/2007 17:32] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [01/03/2008 19:53] "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [22/12/2007 08:23] "PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [16/04/2008 12:53] "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [26/03/2008 18:41] [HKEY_USERS\.default\software\microsoft\windows\cur rentversion\run] "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog C:\Users\Micky\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [24/08/2007 05:45:42] [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) [HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa] "Authentication Packages"= msv1_0 relog_ap [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ProfSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum WindowsMobile wcescomm rapimgr LocalServiceRestricted WcesComm RapiMgr bthsvcs BthServ bdx scan [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{1a9595ed-e7b4-11dc-998b-806e6f6e6963}] AutoRun\command- F:\SETUP.EXE [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{1bfdc4a5-6a25-11dd-9d66-806e6f6e6963}] AutoRun\command- G:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{1bfdc5aa-6a25-11dd-9d66-00030d58ad42}] AutoRun\command- G:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{4a77a291-6a1d-11dd-93e6-00030d58ad42}] AutoRun\command- G:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{4a77a292-6a1d-11dd-93e6-00030d58ad42}] AutoRun\command- G:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{a8a78411-6a23-11dd-a57c-00030d58ad42}] AutoRun\command- G:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{a8a78412-6a23-11dd-a57c-00030d58ad42}] AutoRun\command- G:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{b6810b0f-e7c5-11dc-9c0f-806e6f6e6963}] AutoRun\command- G:\AutoRun.exe [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- End of Deckard's System Scanner: finished at 2008-08-15 11:44:02 ------------ Last edited by MrEnigma; 08-15-2008 at 02:38 PM. Reason: correct spelling

08-15-2008	#2
Pancake Senior Security Analyst Join Date: Jun 2006 Location: Victoria, Australia Posts: 6,867 PC Experience: Elite PC Guru	Re: CPU rins at 100% I see no malware in your logs.They are fine. __________________ An Australian Member of and My real name is Eddy

Similar discussions...
Thread	Thread Starter	Forum	Replies	Last Post
[Answered] CPU not running at full... HELP	sportskin	Processor/CPU	3	03-29-2008 08:25 PM
[Resolved] Strange 50% cpu problem	mecorx	[Fixed] Hijackthis! Logs	12	10-14-2007 03:42 AM
Is my CPU heating up too quickly?	Waldo_II	Unfinished Threads	2	09-06-2007 08:17 AM
CPU Slowdown	WangHu	Unfinished Threads	1	02-05-2007 11:58 PM
[Pending] CPU burnt out and floppy caught fire, how do I fix it?	helenwest	Processor/CPU	9	08-11-2005 12:23 PM

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode