 
                 
                InterviewSolution
| 1. | Solve : System Idle Process CPU won't go down? | 
| Answer» Okay, so I am quite stuck with this issue. I know that the System Idle Process is used when there's nothing to do and it will always be around 99. But the problem is that when I run a busy program or games, which normally would instantly replace the CPU usage from System Idle Process, it doesn't now, or it does only 50%, which makes my games lag and barely unplayable.
 Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Database version: 8021 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 10/26/2011 5:47:37 PM mbam-log-2011-10-26 (17-47-37).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 373381 Time elapsed: 1 hour(s), 12 minute(s), 32 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 11 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\documents and settings\Nookia\my documents\cdkeybuddy v1.04\cdkeybuddy.dll (Trojan.Downloader) -> Quarantined and deleted successfully. d:\downloads\guitar pro 6.0.8 r9626 multilingual\Keymaker\keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. d:\downloads\CS5\adobe photoshop cs5 extended\adobe cs5 all products keygens + individual product keygen\adobe creative suite 5 master collection keymaker\adobe_keygen_mc_cs5.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. d:\downloads\CS5\adobe photoshop cs5 extended\adobe cs5 all products keygens + individual product keygen\adobe dreamweaver cs5 v11.0.4909 keygen\adobe_dw_cs5_keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. d:\downloads\CS5\adobe photoshop cs5 extended\adobe cs5 all products keygens + individual product keygen\adobe flash professional cs5 v11.0.0.485 keygen\adobe_fp_cs5_keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. 
d:\downloads\CS5\adobe photoshop cs5 extended\adobe cs5 all products keygens + individual product keygen\adobe illustrator cs5 v15.0 keygen\adobe_il_cs5_keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. d:\downloads\CS5\adobe photoshop cs5 extended\adobe cs5 all products keygens + individual product keygen\adobe indesign cs5 premium v7.0 keygen\adobe_idp_cs5_keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. d:\downloads\CS5\adobe photoshop cs5 extended\adobe cs5 all products keygens + individual product keygen\adobe photoshop cs5 extended v12.0 keygen\adobe_ps_cs5_keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. d:\downloads\CS5\adobe photoshop cs5 extended\adobe cs5 all products keygens + individual product keygen\core adobe master collection cs5\adobe_keygen_mc_cs5.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. d:\Games\rhythm zone\uninstall.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully. d:\system volume information\_restore{65cd1720-a71e-43e1-a698-25902bb3649f}\RP11\A0014272.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. DDS Log [Both] DDS . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_27 Run by Nookia at 20:34:10 on 2011-10-26 Microsoft Windows XP Professional 5.1.2600.3.874.66.1033.18.3327.2663 [GMT 7:00] . . ============== Running Processes =============== . 
C:\WINXP\system32\nvsvc32.exe C:\WINXP\system32\svchost -k DcomLaunch svchost.exe C:\WINXP\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINXP\system32\spoolsv.exe C:\WINXP\Explorer.EXE C:\WINXP\system32\RUNDLL32.EXE C:\WINXP\RTHDCPL.EXE C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe svchost.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINXP\system32\ctfmon.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe C:\Program Files\SddSUpdate\SddSUpdate.exe C:\WINXP\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\WINXP\system32\wscntfy.exe C:\Program Files\iPod\bin\iPodService.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.google.co.th/ uInternet Settings,ProxyOverride = *.local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - c:\documents and settings\nookia\application data\flashgetbho\FlashGetBHO3.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll uRun: [CTFMON.EXE] c:\winxp\system32\ctfmon.exe uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun uRun: [FlashGet 3] "c:\program files\flashget network\flashget 3\FlashGet3.exe" -minimize uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background mRun: [NvMediaCenter] RUNDLL32.EXE c:\winxp\system32\NvMcTray.dll,NvTaskbarInit mRun: [NvCplDaemon] RUNDLL32.EXE c:\winxp\system32\NvCpl.dll,NvStartup mRun: [IMJPMIG8.1] "c:\winxp\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 mRun: [PHIME2002ASync] c:\winxp\system32\ime\tintlgnt\TINTSETP.EXE /SYNC mRun: [PHIME2002A] c:\winxp\system32\ime\tintlgnt\TINTSETP.EXE /IMEName mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [SIX Engine] "c:\program files\asus\epu-4 engine\FourEngine.exe" -r mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" 
-Embedding -boot mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe" mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe" mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [NeroFilterCheck] c:\winxp\system32\NeroCheck.exe mRun: [PlusService] c:\program files\yuna software\messenger plus!\PlusService.exe mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe" mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray dRun: [CTFMON.EXE] c:\winxp\system32\CTFMON.EXE IE: Download all by FlashGet3 - c:\documents and settings\nookia\application data\flashgetbho\GetAllUrl.htm IE: Download by FlashGet3 - c:\documents and settings\nookia\application data\flashgetbho\GetUrl.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - 
{48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL Trusted Zone: com.cn\*.cga Trusted Zone: kuaiche.com\software Trusted Zone: ogdev.net Trusted Zone: sdo.com DPF: {2B6F3D45-8258-4A13-85B8-58C62DFDB4EA} - hxxps://secure1.playfps.com/play/ava/ax/WebLauncher.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: Interfaces\{74B61D8C-FD92-4099-9703-D4AD44B5EB4C} : NameServer = 192.168.1.2,192.168.1.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GR99D3~1.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\winxp\system32\WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL . ================= FIREFOX =================== . 
FF - ProfilePath - c:\documents and settings\nookia\application data\mozilla\firefox\profiles\msprhzcg.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.th/ FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll . ============= SERVICES / DRIVERS =============== . R0 mv61xx;mv61xx;c:\winxp\system32\drivers\mv61xx.sys [2011-3-2 159024] R0 mv61xxmm;mv61xxmm;c:\winxp\system32\drivers\mv61xxmm.sys [2011-3-2 13616] R0 mv64xxmm;mv64xxmm;c:\winxp\system32\drivers\mv64xxmm.sys [2011-3-2 5632] R0 mvxxmm;mvxxmm;c:\winxp\system32\drivers\mvxxmm.sys [2011-3-2 13616] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\winxp\system32\drivers\dtsoftbus01.sys [2011-5-16 218688] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-26 366152] R2 SddSUpdate;SddSUpdate;c:\program files\sddsupdate\SddSUpdate.exe [2011-9-27 466440] R3 MBAMProtector;MBAMProtector;c:\winxp\system32\drivers\mbam.sys [2011-10-26 22216] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\winxp\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-7-30 136176] S3 1394hub;1394 Enabled Hub;c:\winxp\system32\svchost.exe -k netsvcs [2008-4-14 14336] S3 Ambfilt;Ambfilt;c:\winxp\system32\drivers\Ambfilt.sys [2011-5-16 1684736] S3 dump_wmimmc;dump_wmimmc;\??\d:\games\ea sports\fifa online 2\gameguard\dump_wmimmc.sys --> d:\games\ea sports\fifa online 2\gameguard\dump_wmimmc.sys [?] 
S3 EagleXNt;EagleXNt;\??\c:\winxp\system32\drivers\eaglexnt.sys --> c:\winxp\system32\drivers\EagleXNt.sys [?] S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena classic\safedrv.sys --> c:\program files\garena classic\safedrv.sys [?] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-7-30 136176] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\winxp\system32\drivers\mbamswissarmy.sys --> c:\winxp\system32\drivers\mbamswissarmy.sys [?] S3 npggsvc;nProtect GameGuard Service;c:\winxp\system32\gamemon.des -service --> c:\winxp\system32\GameMon.des -service [?] S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\winxp\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S3 XDva385;XDva385;\??\c:\winxp\system32\xdva385.sys --> c:\winxp\system32\XDva385.sys [?] S3 XDva387;XDva387;\??\c:\winxp\system32\xdva387.sys --> c:\winxp\system32\XDva387.sys [?] . =============== Created Last 30 ================ . 
2011-10-26 11:35:40 -------- d-----w- c:\winxp\pss 2011-10-26 09:33:00 -------- d-----w- c:\documents and settings\nookia\application data\Malwarebytes 2011-10-26 09:32:54 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2011-10-26 09:32:51 22216 ----a-w- c:\winxp\system32\drivers\mbam.sys 2011-10-26 09:32:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-10-25 12:30:45 -------- d-----w- C:\Log 2011-10-25 10:19:29 -------- d-----w- c:\winxp\EA Sports FIFA Online 2 2011-10-25 10:19:29 -------- d-----w- C:\Joy2Key 2011-10-24 11:10:25 -------- d-----w- c:\program files\KONAMI 2011-10-18 02:29:14 39424 ----a-w- c:\winxp\LZService.exe 2011-10-18 02:28:45 132880 ----a-w- c:\winxp\system32\MSINET.OCX 2011-10-16 17:06:49 74072 ----a-w- c:\winxp\system32\XAPOFX1_5.dll 2011-10-16 17:06:49 527192 ----a-w- c:\winxp\system32\XAudio2_7.dll 2011-10-16 17:06:49 239960 ----a-w- c:\winxp\system32\xactengine3_7.dll 2011-10-16 17:06:49 2106216 ----a-w- c:\winxp\system32\D3DCompiler_43.dll 2011-10-16 17:06:48 470880 ----a-w- c:\winxp\system32\d3dx10_43.dll 2011-10-16 17:06:48 248672 ----a-w- c:\winxp\system32\d3dx11_43.dll 2011-10-16 17:06:48 1868128 ----a-w- c:\winxp\system32\d3dcsx_43.dll 2011-10-16 17:06:47 1998168 ----a-w- c:\winxp\system32\D3DX9_43.dll 2011-10-16 16:40:09 -------- d-----w- c:\documents and settings\nookia\application data\NVIDIA 2011-10-11 15:47:15 74072 ----a-w- c:\winxp\system32\XAPOFX1_4.dll 2011-10-11 15:47:15 528216 ----a-w- c:\winxp\system32\XAudio2_6.dll 2011-10-11 15:47:15 238936 ----a-w- c:\winxp\system32\xactengine3_6.dll 2011-10-11 15:47:14 22360 ----a-w- c:\winxp\system32\X3DAudio1_7.dll 2011-10-10 04:09:40 4550304 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll 2011-10-07 05:33:50 -------- d-----w- c:\program files\HHD Software 2011-10-06 03:54:14 -------- d-----w- c:\documents and settings\nookia\application 
data\fretsonfire 2011-10-06 03:53:56 -------- d-----w- c:\program files\Frets on Fire 2011-10-04 03:14:25 -------- d-----w- c:\program files\Activision 2011-10-04 02:58:01 -------- d-----w- c:\documents and settings\nookia\local settings\application data\Activision 2011-10-04 02:41:11 -------- d-sh--w- c:\winxp\ftpcache 2011-10-02 08:56:03 -------- d-----w- c:\documents and settings\all users\application data\NexonUS 2011-10-02 04:17:27 -------- d-----w- c:\program files\Acoustica Shared Effects 2011-10-02 04:08:09 -------- d-----w- c:\documents and settings\all users\application data\Acoustica 2011-10-02 04:07:33 -------- d-----w- c:\program files\Acoustica Mixcraft 5 2011-10-01 15:51:06 -------- d-----w- c:\program files\ASIO4ALL v2 2011-10-01 15:50:50 225280 ----a-w- c:\winxp\system32\rewire.dll 2011-10-01 15:50:50 -------- d-----w- c:\program files\VstPlugins 2011-10-01 15:50:43 1554944 ----a-w- c:\winxp\system32\vorbis.acm 2011-10-01 15:50:39 -------- d-----w- c:\program files\Outsim 2011-10-01 15:47:09 -------- d-----w- c:\program files\Image-Line 2011-10-01 15:47:04 1700352 ----a-w- c:\winxp\system32\gdiplus.dll 2011-10-01 15:44:42 -------- d-----w- c:\program files\FL Studio 2011-09-30 13:34:35 -------- d-----w- c:\documents and settings\all users\application data\Electronic Arts 2011-09-30 13:34:35 -------- d-----w- c:\documents and settings\all users\application data\EA Core 2011-09-30 13:32:51 447752 ----a-r- c:\winxp\system32\vp6vfw.dll 2011-09-30 13:32:50 -------- d-----w- c:\program files\Microsoft WSE 2011-09-29 10:46:57 -------- d-----w- c:\documents and settings\nookia\local settings\application data\Firaxis Games 2011-09-29 09:39:02 -------- d-----w- c:\winxp\system32\XPSViewer 2011-09-29 01:58:32 89088 ----a-w- c:\winxp\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll 2011-09-29 01:58:10 89088 -c----w- c:\winxp\system32\dllcache\filterpipelineprintproc.dll 2011-09-29 01:58:10 117760 ------w- c:\winxp\system32\prntvpt.dll 2011-09-29 
01:58:09 597504 -c----w- c:\winxp\system32\dllcache\printfilterpipelinesvc.exe 2011-09-29 01:58:09 597504 ------w- c:\winxp\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe 2011-09-29 01:58:09 575488 -c----w- c:\winxp\system32\dllcache\xpsshhdr.dll 2011-09-29 01:58:09 575488 ------w- c:\winxp\system32\xpsshhdr.dll 2011-09-29 01:58:09 1676288 -c----w- c:\winxp\system32\dllcache\xpssvcs.dll 2011-09-29 01:58:09 1676288 ------w- c:\winxp\system32\xpssvcs.dll 2011-09-29 01:58:09 -------- d-----w- C:\3f9d14be43711397db9ffd31043f28bc 2011-09-29 01:54:54 -------- d-----w- C:\cc6b51d250c0cea3656f1fb210 2011-09-29 01:54:37 -------- d-----w- C:\02798d8739b357d4a4b0e2 2011-09-28 17:31:03 -------- d-----w- C:\7beff02027e3d28540fca470 2011-09-26 16:11:53 -------- d-----w- c:\program files\common files\Steam . ==================== Find3M ==================== . 2011-10-23 02:12:11 414368 ----a-w- c:\winxp\system32\FlashPlayerCPLApp.cpl 2011-10-16 18:20:04 444952 ----a-w- c:\winxp\system32\wrap_oal.dll 2011-10-16 18:20:04 109080 ----a-w- c:\winxp\system32\OpenAL32.dll 2011-09-10 02:42:04 73728 ----a-w- c:\winxp\system32\javacpl.cpl 2011-09-10 02:42:03 472808 ----a-w- c:\winxp\system32\deployJava1.dll . ============= FINISH: 20:34:17.51 =============== DDS Log [Both] Attach . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_27 Run by Nookia at 20:34:10 on 2011-10-26 Microsoft Windows XP Professional 5.1.2600.3.874.66.1033.18.3327.2663 [GMT 7:00] . . ============== Running Processes =============== . 
C:\WINXP\system32\nvsvc32.exe C:\WINXP\system32\svchost -k DcomLaunch svchost.exe C:\WINXP\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINXP\system32\spoolsv.exe C:\WINXP\Explorer.EXE C:\WINXP\system32\RUNDLL32.EXE C:\WINXP\RTHDCPL.EXE C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe svchost.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINXP\system32\ctfmon.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe C:\Program Files\SddSUpdate\SddSUpdate.exe C:\WINXP\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\WINXP\system32\wscntfy.exe C:\Program Files\iPod\bin\iPodService.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.google.co.th/ uInternet Settings,ProxyOverride = *.local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - c:\documents and settings\nookia\application data\flashgetbho\FlashGetBHO3.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll uRun: [CTFMON.EXE] c:\winxp\system32\ctfmon.exe uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun uRun: [FlashGet 3] "c:\program files\flashget network\flashget 3\FlashGet3.exe" -minimize uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background mRun: [NvMediaCenter] RUNDLL32.EXE c:\winxp\system32\NvMcTray.dll,NvTaskbarInit mRun: [NvCplDaemon] RUNDLL32.EXE c:\winxp\system32\NvCpl.dll,NvStartup mRun: [IMJPMIG8.1] "c:\winxp\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 mRun: [PHIME2002ASync] c:\winxp\system32\ime\tintlgnt\TINTSETP.EXE /SYNC mRun: [PHIME2002A] c:\winxp\system32\ime\tintlgnt\TINTSETP.EXE /IMEName mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [Six Engine] "c:\program files\asus\epu-4 engine\FourEngine.exe" -r mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" 
-Embedding -boot mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe" mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe" mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [NeroFilterCheck] c:\winxp\system32\NeroCheck.exe mRun: [PlusService] c:\program files\yuna software\messenger plus!\PlusService.exe mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe" mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray dRun: [CTFMON.EXE] c:\winxp\system32\CTFMON.EXE IE: Download all by FlashGet3 - c:\documents and settings\nookia\application data\flashgetbho\GetAllUrl.htm IE: Download by FlashGet3 - c:\documents and settings\nookia\application data\flashgetbho\GetUrl.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - 
{48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL Trusted Zone: com.cn\*.cga Trusted Zone: kuaiche.com\software Trusted Zone: ogdev.net Trusted Zone: sdo.com DPF: {2B6F3D45-8258-4A13-85B8-58C62DFDB4EA} - hxxps://secure1.playfps.com/play/ava/ax/WebLauncher.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: Interfaces\{74B61D8C-FD92-4099-9703-D4AD44B5EB4C} : NameServer = 192.168.1.2,192.168.1.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GR99D3~1.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\winxp\system32\WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL . ================= FIREFOX =================== . 
FF - ProfilePath - c:\documents and settings\nookia\application data\mozilla\firefox\profiles\msprhzcg.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.th/ FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll . ============= SERVICES / DRIVERS =============== . R0 mv61xx;mv61xx;c:\winxp\system32\drivers\mv61xx.sys [2011-3-2 159024] R0 mv61xxmm;mv61xxmm;c:\winxp\system32\drivers\mv61xxmm.sys [2011-3-2 13616] R0 mv64xxmm;mv64xxmm;c:\winxp\system32\drivers\mv64xxmm.sys [2011-3-2 5632] R0 mvxxmm;mvxxmm;c:\winxp\system32\drivers\mvxxmm.sys [2011-3-2 13616] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\winxp\system32\drivers\dtsoftbus01.sys [2011-5-16 218688] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-26 366152] R2 SddSUpdate;SddSUpdate;c:\program files\sddsupdate\SddSUpdate.exe [2011-9-27 466440] R3 MBAMProtector;MBAMProtector;c:\winxp\system32\drivers\mbam.sys [2011-10-26 22216] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\winxp\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-7-30 136176] S3 1394hub;1394 Enabled Hub;c:\winxp\system32\svchost.exe -k netsvcs [2008-4-14 14336] S3 Ambfilt;Ambfilt;c:\winxp\system32\drivers\Ambfilt.sys [2011-5-16 1684736] S3 dump_wmimmc;dump_wmimmc;\??\d:\games\ea sports\fifa online 2\gameguard\dump_wmimmc.sys --> d:\games\ea sports\fifa online 2\gameguard\dump_wmimmc.sys [?] 
S3 EagleXNt;EagleXNt;\??\c:\winxp\system32\drivers\eaglexnt.sys --> c:\winxp\system32\drivers\EagleXNt.sys [?] S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena classic\safedrv.sys --> c:\program files\garena classic\safedrv.sys [?] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-7-30 136176] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\winxp\system32\drivers\mbamswissarmy.sys --> c:\winxp\system32\drivers\mbamswissarmy.sys [?] S3 npggsvc;nProtect GameGuard Service;c:\winxp\system32\gamemon.des -service --> c:\winxp\system32\GameMon.des -service [?] S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\winxp\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S3 XDva385;XDva385;\??\c:\winxp\system32\xdva385.sys --> c:\winxp\system32\XDva385.sys [?] S3 XDva387;XDva387;\??\c:\winxp\system32\xdva387.sys --> c:\winxp\system32\XDva387.sys [?] . =============== Created Last 30 ================ . 
2011-10-26 11:35:40 -------- d-----w- c:\winxp\pss 2011-10-26 09:33:00 -------- d-----w- c:\documents and settings\nookia\application data\Malwarebytes 2011-10-26 09:32:54 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2011-10-26 09:32:51 22216 ----a-w- c:\winxp\system32\drivers\mbam.sys 2011-10-26 09:32:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-10-25 12:30:45 -------- d-----w- C:\Log 2011-10-25 10:19:29 -------- d-----w- c:\winxp\EA Sports FIFA Online 2 2011-10-25 10:19:29 -------- d-----w- C:\Joy2Key 2011-10-24 11:10:25 -------- d-----w- c:\program files\KONAMI 2011-10-18 02:29:14 39424 ----a-w- c:\winxp\LZService.exe 2011-10-18 02:28:45 132880 ----a-w- c:\winxp\system32\MSINET.OCX 2011-10-16 17:06:49 74072 ----a-w- c:\winxp\system32\XAPOFX1_5.dll 2011-10-16 17:06:49 527192 ----a-w- c:\winxp\system32\XAudio2_7.dll 2011-10-16 17:06:49 239960 ----a-w- c:\winxp\system32\xactengine3_7.dll 2011-10-16 17:06:49 2106216 ----a-w- c:\winxp\system32\D3DCompiler_43.dll 2011-10-16 17:06:48 470880 ----a-w- c:\winxp\system32\d3dx10_43.dll 2011-10-16 17:06:48 248672 ----a-w- c:\winxp\system32\d3dx11_43.dll 2011-10-16 17:06:48 1868128 ----a-w- c:\winxp\system32\d3dcsx_43.dll 2011-10-16 17:06:47 1998168 ----a-w- c:\winxp\system32\D3DX9_43.dll 2011-10-16 16:40:09 -------- d-----w- c:\documents and settings\nookia\application data\NVIDIA 2011-10-11 15:47:15 74072 ----a-w- c:\winxp\system32\XAPOFX1_4.dll 2011-10-11 15:47:15 528216 ----a-w- c:\winxp\system32\XAudio2_6.dll 2011-10-11 15:47:15 238936 ----a-w- c:\winxp\system32\xactengine3_6.dll 2011-10-11 15:47:14 22360 ----a-w- c:\winxp\system32\X3DAudio1_7.dll 2011-10-10 04:09:40 4550304 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll 2011-10-07 05:33:50 -------- d-----w- c:\program files\HHD Software 2011-10-06 03:54:14 -------- d-----w- c:\documents and settings\nookia\application 
data\fretsonfire 2011-10-06 03:53:56 -------- d-----w- c:\program files\Frets on Fire 2011-10-04 03:14:25 -------- d-----w- c:\program files\Activision 2011-10-04 02:58:01 -------- d-----w- c:\documents and settings\nookia\local settings\application data\Activision 2011-10-04 02:41:11 -------- d-sh--w- c:\winxp\ftpcache 2011-10-02 08:56:03 -------- d-----w- c:\documents and settings\all users\application data\NexonUS 2011-10-02 04:17:27 -------- d-----w- c:\program files\Acoustica Shared Effects 2011-10-02 04:08:09 -------- d-----w- c:\documents and settings\all users\application data\Acoustica 2011-10-02 04:07:33 -------- d-----w- c:\program files\Acoustica Mixcraft 5 2011-10-01 15:51:06 -------- d-----w- c:\program files\ASIO4ALL v2 2011-10-01 15:50:50 225280 ----a-w- c:\winxp\system32\rewire.dll 2011-10-01 15:50:50 -------- d-----w- c:\program files\VstPlugins 2011-10-01 15:50:43 1554944 ----a-w- c:\winxp\system32\vorbis.acm 2011-10-01 15:50:39 -------- d-----w- c:\program files\Outsim 2011-10-01 15:47:09 -------- d-----w- c:\program files\Image-Line 2011-10-01 15:47:04 1700352 ----a-w- c:\winxp\system32\gdiplus.dll 2011-10-01 15:44:42 -------- d-----w- c:\program files\FL Studio 2011-09-30 13:34:35 -------- d-----w- c:\documents and settings\all users\application data\Electronic Arts 2011-09-30 13:34:35 -------- d-----w- c:\documents and settings\all users\application data\EA Core 2011-09-30 13:32:51 447752 ----a-r- c:\winxp\system32\vp6vfw.dll 2011-09-30 13:32:50 -------- d-----w- c:\program files\Microsoft WSE 2011-09-29 10:46:57 -------- d-----w- c:\documents and settings\nookia\local settings\application data\Firaxis Games 2011-09-29 09:39:02 -------- d-----w- c:\winxp\system32\XPSViewer 2011-09-29 01:58:32 89088 ----a-w- c:\winxp\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll 2011-09-29 01:58:10 89088 -c----w- c:\winxp\system32\dllcache\filterpipelineprintproc.dll 2011-09-29 01:58:10 117760 ------w- c:\winxp\system32\prntvpt.dll 2011-09-29 
Your computer has keygens, which are a form of software piracy.

What is so bad about Cracks, Hacks, Pirated software, warez, or Keygens?

Most popular cracks or keygens I see are for Adobe CS3, a lot of different games, Nero, Kaspersky antivirus, and much more. All of these cracks and keygens have what is called "cloaked malware," which is a form of spyware or viruses or trojans that hide themselves inside the keygen or crack files. Most hacks for games that come in the form of a program or installer will also be infected. It is the opportunity for attackers to present a seemingly safe situation where the opportunity to steal something is in play, while the malware infects your system in the process. Yes, it will install what you were looking for, but also allow malware to potentially take control of your computer.

Lastly, it is illegal. I will counsel you that we do not report such incidents. However, it is not good practice to pirate software.

Please visit this webpage for a tutorial on downloading and running ComboFix: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
See the area: Using ComboFix, and when done, post the log back here.

Quote from: DragonMaster Jay on October 26, 2011, 09:37:41 AM
Your computer has keygens, which are a form of software piracy. What is so bad about Cracks, Hacks, Pirated software, warez, or Keygens?

Thank you for your effort in replying to my issue. I can see now that the cracks and keygens could have malware hidden in them. I will try not to pirate any more software from now on. But I still don't know how that is involved with the System Idle Process eating all the CPU. Have you ever experienced this kind of issue before? I mean an issue with the System Idle Process, because I mostly see it go with svchost.exe instead.

And here is the ComboFix log:
As you can see, there's this Chinese threat "KZipShell.dll", which I can't delete, working under explorer.exe. I'm not sure if it is what is affecting my System Idle Process. But I'm quite sure it is some kind of threat to my computer. :/

Here is where I got the information from: http://www.threatexpert.com/report.aspx?md5=d1975c00385cb9c9d11d17289ae34d0e

I have detected various IPs from the Malwarebytes protection log too.
77.78.224.33 89.28.85.132 208.91.207.10 91.197.237.17 109.235.55.11 194.54.80.150 62.45.3.198 222.65.184.25 212.117.164.209
There are MANY more but I'm tired of copying and pasting them. D:

Thank you so far by the way, appreciated 'cheers'

The System Idle Process indicates there are no more runnable threads for the CPU. It sticks up at highest usage, because it is considered "ready". It goes down automatically when new threads are created. It does not matter how high or low the System Idle Process runs, because all that shows is that your system is at an idle state.

Let's check one more thing...

Please download TDSSKiller from here and save it to your Desktop.
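The accounting behind the explanation above, as an added example that is not part of the thread or any poster's code: the idle figure is the share of CPU time in which no thread was runnable. The counter layout follows Win32 GetSystemTimes (kernel time includes idle time); the `advance` model, the two-processor machine and all sample numbers are constructed assumptions.

```python
"""Added example: deriving the idle percentage from cumulative CPU counters."""
from dataclasses import dataclass

TICKS_PER_SECOND = 10_000_000  # Windows FILETIME unit is 100 ns


@dataclass(frozen=True)
class CpuTimes:
    """Cumulative times summed over all processors, in 100 ns ticks.

    Same layout as Win32 GetSystemTimes: kernel time INCLUDES idle time.
    """
    idle: int
    kernel: int
    user: int


def breakdown(prev: CpuTimes, curr: CpuTimes) -> dict:
    """Return idle/kernel/user/busy percentages for the interval prev -> curr."""
    d_idle = curr.idle - prev.idle
    d_kernel = curr.kernel - prev.kernel
    d_user = curr.user - prev.user
    total = d_kernel + d_user  # kernel already contains idle, so do not add it again
    # Reject swapped or inconsistent snapshots instead of reporting nonsense.
    if total <= 0 or min(d_idle, d_kernel, d_user) < 0 or d_idle > d_kernel:
        raise ValueError("snapshots are out of order or inconsistent")

    def pct(ticks: int) -> float:
        return round(100.0 * ticks / total, 1)

    return {
        "idle": pct(d_idle),               # what the System Idle Process row shows
        "kernel": pct(d_kernel - d_idle),  # real kernel work only
        "user": pct(d_user),
        "busy": pct(total - d_idle),
    }


def advance(prev: CpuTimes, seconds: int, n_cpus: int,
            runnable_threads: int, kernel_pct: int = 10) -> CpuTimes:
    """Constructed model of one interval (an assumption, not measured data).

    Each processor runs a runnable thread if one exists, otherwise its idle
    thread. kernel_pct is the share of busy time spent in kernel mode.
    """
    per_cpu = seconds * TICKS_PER_SECOND
    busy_cpus = min(n_cpus, runnable_threads)
    busy = busy_cpus * per_cpu
    idle = (n_cpus - busy_cpus) * per_cpu
    kernel_work = busy * kernel_pct // 100
    return CpuTimes(
        idle=prev.idle + idle,
        kernel=prev.kernel + idle + kernel_work,
        user=prev.user + busy - kernel_work,
    )


if __name__ == "__main__":
    # Constructed scenario: a two-processor machine sampled once per second.
    snap = CpuTimes(0, 0, 0)
    for label, threads in [("nothing to run", 0),
                           ("one busy thread", 1),
                           ("three busy threads", 3)]:
        nxt = advance(snap, seconds=1, n_cpus=2, runnable_threads=threads)
        print(f"{label:>20}: {breakdown(snap, nxt)}")
        snap = nxt
```

In this model a single saturated thread on two processors leaves the idle share at 50%, because the second processor still has nothing runnable.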
And here are the logs, no threat found.
(6728e45b66f93c08f11de2e316fc70dd) C:\WINXP\system32\drivers\RDPWD.sys 00:16:37.0968 0852 RDPWD - ok 00:16:38.0000 0852 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINXP\system32\DRIVERS\redbook.sys 00:16:38.0000 0852 redbook - ok 00:16:38.0046 0852 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINXP\system32\DRIVERS\secdrv.sys 00:16:38.0046 0852 Secdrv - ok 00:16:38.0046 0852 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINXP\system32\DRIVERS\serenum.sys 00:16:38.0046 0852 serenum - ok 00:16:38.0062 0852 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINXP\system32\DRIVERS\serial.sys 00:16:38.0062 0852 Serial - ok 00:16:38.0093 0852 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINXP\system32\drivers\Sfloppy.sys 00:16:38.0093 0852 Sfloppy - ok 00:16:38.0093 0852 Simbad - ok 00:16:38.0125 0852 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINXP\system32\DRIVERS\SONYPVU1.SYS 00:16:38.0125 0852 SONYPVU1 - ok 00:16:38.0125 0852 Sparrow - ok 00:16:38.0156 0852 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINXP\system32\drivers\splitter.sys 00:16:38.0156 0852 splitter - ok 00:16:38.0203 0852 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINXP\system32\DRIVERS\sr.sys 00:16:38.0203 0852 sr - ok 00:16:38.0218 0852 Srv (70cd8b8dd2a680b128617c19eb0ab94f) C:\WINXP\system32\DRIVERS\srv.sys 00:16:38.0218 0852 Srv - ok 00:16:38.0250 0852 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINXP\system32\DRIVERS\swenum.sys 00:16:38.0250 0852 swenum - ok 00:16:38.0265 0852 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINXP\system32\drivers\swmidi.sys 00:16:38.0265 0852 swmidi - ok 00:16:38.0265 0852 symc810 - ok 00:16:38.0281 0852 symc8xx - ok 00:16:38.0281 0852 sym_hi - ok 00:16:38.0281 0852 sym_u3 - ok 00:16:38.0312 0852 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINXP\system32\drivers\sysaudio.sys 00:16:38.0312 0852 sysaudio - ok 00:16:38.0375 0852 Tcpip (a5bc817bb84dcb9e71719ff868144124) C:\WINXP\system32\DRIVERS\tcpip.sys 00:16:38.0375 0852 Tcpip - ok 00:16:38.0390 0852 TDPIPE 
(6471a66807f5e104e4885f5b67349397) C:\WINXP\system32\drivers\TDPIPE.sys 00:16:38.0390 0852 TDPIPE - ok 00:16:38.0437 0852 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINXP\system32\drivers\TDTCP.sys 00:16:38.0437 0852 TDTCP - ok 00:16:38.0453 0852 TermDD (88155247177638048422893737429d9e) C:\WINXP\system32\DRIVERS\termdd.sys 00:16:38.0453 0852 TermDD - ok 00:16:38.0468 0852 TosIde - ok 00:16:38.0500 0852 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINXP\system32\drivers\Udfs.sys 00:16:38.0500 0852 Udfs - ok 00:16:38.0500 0852 ultra - ok 00:16:38.0515 0852 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINXP\system32\DRIVERS\update.sys 00:16:38.0515 0852 Update - ok 00:16:38.0562 0852 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINXP\system32\Drivers\usbaapl.sys 00:16:38.0562 0852 USBAAPL - ok 00:16:38.0593 0852 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINXP\system32\DRIVERS\usbccgp.sys 00:16:38.0593 0852 usbccgp - ok 00:16:38.0609 0852 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINXP\system32\DRIVERS\usbehci.sys 00:16:38.0609 0852 usbehci - ok 00:16:38.0640 0852 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINXP\system32\DRIVERS\usbhub.sys 00:16:38.0640 0852 usbhub - ok 00:16:38.0640 0852 usbprint (a717c8721046828520c9edf31288fc00) C:\WINXP\system32\DRIVERS\usbprint.sys 00:16:38.0640 0852 usbprint - ok 00:16:38.0656 0852 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINXP\system32\DRIVERS\usbscan.sys 00:16:38.0656 0852 usbscan - ok 00:16:38.0671 0852 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINXP\system32\DRIVERS\USBSTOR.SYS 00:16:38.0671 0852 USBSTOR - ok 00:16:38.0671 0852 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINXP\system32\DRIVERS\usbuhci.sys 00:16:38.0671 0852 usbuhci - ok 00:16:38.0703 0852 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINXP\System32\drivers\vga.sys 00:16:38.0703 0852 VgaSave - ok 00:16:38.0703 0852 ViaIde - ok 00:16:38.0718 0852 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINXP\system32\drivers\VolSnap.sys 00:16:38.0718 
00:16:38.0937 0852 Scan finished
00:16:38.0953 1100 Detected object count: 0
00:16:38.0953 1100 Actual detected object count: 0

For example, I'm currently running Civilization V. The System Idle Process hogs half of the CPU usage, which it shouldn't, and that never happened before. Img - http://upic.me/i/j2/cem51.jpg What's strange is that the lag comes only when I'm actually playing the game, you know, like when there are movements and graphics? But when I'm on the main menu screen of the games, I just don't feel the lag, while the System Idle Process is hogging the CPU at the same amount in both situations. Weird, ehh? :\ This problem goes for all of my games, but strangely again it doesn't happen with software like Photoshop CS5. It seems to work fine for me even though the System Idle is hogging over half of the CPU. Could this be some kind of graphics card problem instead?

In that screenshot, it clearly shows that 50% of the CPU is being used by Civilization V, and 50% is used by System Idle Process. The System Idle Process does not hog the CPU by any means. That is showing that 50% of the CPU is free to use. Start other programs that need to thread objects in the CPU and see if the Idle process goes down. It most likely will. That processor is lucky enough to even run Civilization V. IMO, that is not good enough. Civ. V needs either:
A. Quad core processor at 1.8 GHz (required by the game makers)
B. Dual core processor at 4.0 GHz (my own recommendation)
The minimum requirements on a game are specifically needed for the program to simply install and run at reduced functionality. However, the recommended requirements on a game are what the game is supposed to run at, in full functionality. If you're not running that game in a high-performance environment... expect trouble!

FYI: I think you are seeing only 50% CPU usage because that program is not multithreaded (uses multiple cores).

I have tried running Civilization V, Warcraft III and Starcraft all at the same time and during gameplay. The System Idle Process still keeps using 50-50 CPU when it should be used for either Starcraft or Warcraft III, but no luck. While War3 and Starcraft are running and use some memory, the CPU still goes to System Idle Process instead.
http://upic.me/i/63/56wtf.jpg
List by Memory Usage
http://upic.me/i/7k/r0wth.jpg
My Video settings of Civilization V (Default Setting)
http://upic.me/i/m1/87omg.jpg
I have used this setting since I installed the game and it worked just fine (smooth), until now; its lag is killing me bad, and if no solution can be found, I guess I will have to format my C and see if that works... If not the System Idle Process, what else could it be? Because you see, when a game lags I just find out what's going on from Task Manager first, and this is what I got. Could it be some kind of machine overheating? I don't know now. ;/ Ps. It happens to Warcraft III also, not only Civilization V, if you are trying to say my spec is too low for it. D: And is there any way to force my computer to use 99% of the CPU on something and not let it stay in an idle state? Thx a lot though so far

Did you notice in this screenshot that Warcraft 3 was not using the CPU: http://upic.me/i/63/56wtf.jpg ?? Explorer.exe is using 1%, System Idle at 49, and Civ V using 50. With 51% of the processor being used for Explorer and Civ V, the other 49% is free to use, occupied by the System Idle Process. You don't seem to understand this computing method. Either A: you don't believe my expertise, or B: you seriously think something is wrong with the Idle task in the Task Manager. Allow me to quote for you the explanation of the System Idle process so you kindly understand here:
Quote: "...the System Idle Process contains one or more kernel threads which run when no other runnable thread can be scheduled on a CPU. For example, there may be no runnable thread in the system, or all runnable threads are already running on a different CPU. In a multiprocessor system, there is one idle thread associated with each CPU."
Read articles for backup references, please: http://en.wikipedia.org/wiki/System_Idle_Process and http://en.wikipedia.org/wiki/Idle_task | |