Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


ProcessUsage.exe stopped running and CPU 100% since I open my computer

  • This topic is locked This topic is locked
3 replies to this topic

#1 veronMC


  • Members
  • 8 posts
  • Local time:07:12 PM

Posted 12 April 2014 - 11:04 PM

Hello, I'm a Win7 64 bit user from Hong Kong. When I open my computer, ProcessUsage.exe stopped running and CPU reached 100% immediately. I ran the DDS and the two logs are shown below. Thanks for your help! 




DDS (Ver_2012-11-20.01)
Microsoft Windows 7 家用進階版 
Boot Device: \Device\HarddiskVolume1
Install Date: 9/11/2013 18:01:37
System Uptime: 13/4/2014 9:59:30 (2 hours ago)
Motherboard: LENOVO |  | To be filled by O.E.M.
Processor: Intel® Core™ i3-2120 CPU @ 3.30GHz | SOCKET 0 | 3300/100mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 98 GiB total, 20.395 GiB free.
D: is FIXED (NTFS) - 343 GiB total, 230.193 GiB free.
F: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
Class GUID: 
Description: Touchscreen
Device ID: USB\VID_1926&PID_0DC2&MI_00\7&22592E7A&0&0000
Name: Touchscreen
PNP Device ID: USB\VID_1926&PID_0DC2&MI_00\7&22592E7A&0&0000
==== System Restore Points ===================
RP108: 8/4/2014 17:12:32 - Windows Update
RP109: 10/4/2014 1:19:37 - Windows Update
==== Installed Programs ======================
Adobe AIR
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06) - Chinese Traditional
Angry Birds
Apple Mobile Device Support
Apple Software Update
Apple 應用程式支援
ArcSoft PhotoStudio Paint
ATI Catalyst Install Manager
Borderlands 2
Catalyst Control Center
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cheat Engine 6.3
Driver & Application Installation
ESET Online Scanner v3
Free YouTube to MP3 Converter version
Google Chrome
Google Drive
Google Update Helper
Happy Hit
HP LaserJet Professional P1100-P1560-P1600 Series
Idea Touch 3.0
Intel® Management Engine Components
ITE Infrared Transceiver
iTools 2.0
Java 7 Update 45
Java 7 Update 51 (64-bit)
Java Auto Updater
Junk Mail filter update
JW_Weblauncher Uninstall
Left 4 Dead 2
Lenovo Blacksilk USB Keyboard Driver
Lenovo BrgVolOSD
Lenovo Camera Fun Zone
Lenovo Dynamic Brightness System
Lenovo EBook&QuickNotes
Lenovo Eye Distance System
Lenovo Power2Go
Lenovo Rescue System
Lenovo USB2.0 UVC Camera
Lenovo VeriTouch 
Lenovo VeriTouch2.0
Lenovo YouCam
LenovoUtility version 1.0
LogMeIn Hamachi
McAfee SiteAdvisor
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (CHT)
Microsoft .NET Framework 4.5.1 (繁體中文)
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Excel 2007 Help 更新程式 (KB963678)
Microsoft Office Excel MUI (Chinese (Traditional)) 2007
Microsoft Office Home and Student 2007
Microsoft Office IME (Chinese (Traditional)) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (Chinese (Traditional)) 2007
Microsoft Office Powerpoint 2007 Help 更新程式 (KB963669)
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
Microsoft Office Proof (Chinese (Traditional)) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proofing (Chinese (Traditional)) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007
Microsoft Office Shared MUI (Chinese (Traditional)) 2007
Microsoft Office Starter 2010 - 中文 (繁體)
Microsoft Office Word 2007 Help 更新程式 (KB963665)
Microsoft Office Word MUI (Chinese (Traditional)) 2007
Microsoft Office 隨選即用 2010
Microsoft PowerPoint Viewer
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 4.0
Mumble 1.2.5
Music Star
NBA2K Online
Papers, Please
PC Data App
RadeonPro 1.0 (Build
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
REALTEK Wireless LAN Driver
Saints Row IV
Saints Row: The Third
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2878236) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2878237) 32-Bit Edition 
SRS Premium Sound Control Panel
Team Fortress 2
TeamSpeak 3 Client
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Windows Live ?件包
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Live 程式集
Windows Live 照片?
Windows Live 影像中心
WinRAR 5.01 測試版 1 (64 位元)
WMV9/VC-1 Video Playback
用于?程?接的 Windows Live Mesh ActiveX 控件(?体中文)
==== End Of File ===========================

Edited by veronMC, 12 April 2014 - 11:08 PM.

BC AdBot (Login to Remove)


#2 veronMC

  • Topic Starter

  • Members
  • 8 posts
  • Local time:07:12 PM

Posted 12 April 2014 - 11:09 PM



DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16521  BrowserJavaVersion: 10.45.2
Run by Veron at 11:54:59 on 2014-04-13
Microsoft Windows 7 家用進階版   6.1.7601.1.950.852.3076.18.4076.1500 [GMT 8:00]
AV: McAfee  Anti-Virus 與 Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee  Anti-Virus 與 Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee  防火牆 *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
============== Running Processes ===============
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files (x86)\PCData\dgen.exe
C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\ThinkSky\iTools 2.0\iToolsDaemon.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Lenovo\Lenovo BrgVolOSD\BrgVolOSD.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
mWinlogon: Userinit = userinit.exe
BHO: 3812119D-8101-DEC4-0C84-B6CE4AA8B446 Class: {3812119D-8101-DEC4-0C84-B6CE4AA8B446} - 
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Surftastic: {c6673938-a52b-4dc6-af05-783e7e2c8b65} - 
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: BHOImpl Class: {E1499FE7-129D-4B6E-B681-DDF21E14172C} - C:\Program Files (x86)\ThinkSky\iTools 2.0\Extensions\iToolsBHO.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uRun: [LightShot] C:\Users\Veron\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [OSD Utility] C:\Program Files (x86)\Lenovo\Lenovo BrgVolOSD\BrgVolOSD.exe
mRun: [jmekey] C:\Windows\jmesoft\hotkey.exe
mRun: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe
mRun: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [TMCMonitor] "C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
mRun: [Lenovo Dynamic Brightness System] C:\Program Files\Lenovo\Lenovo Brightness System\RunLDBS.exe 1
mRun: [Lenovo Eye Distance System] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe 1
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: &妏蚚&捃濘燭盄狟婥 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\OfflineDownload.htm
IE: &妏蚚&捃濘狟婥 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\geturl.htm
IE: &妏蚚&捃濘狟婥窒蟈諉 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\GetAllUrl.htm
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: 匯出至 Microsoft Excel(&X) - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: Interfaces\{2CD3898A-FE43-46B7-BF55-BD9352F16D02} : DHCPNameServer =
TCP: Interfaces\{71BEE705-87C7-43F8-8C93-5004416F3582} : DHCPNameServer =
TCP: Interfaces\{8FA4075A-94FB-453E-8871-12E6355B5A98} : DHCPNameServer =
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} - <orphaned>
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: BHOImpl Class: {E1499FE7-129D-4B6E-B681-DDF21E14172C} - C:\Program Files (x86)\ThinkSky\iTools 2.0\Extensions\iToolsBHO64.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
============= SERVICES / DRIVERS ===============
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-3-14 782360]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-14 343696]
R0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;C:\Windows\System32\drivers\ddcdrv.sys [2012-2-12 20832]
R1 wStLibG64;wStLibG64;C:\Windows\System32\drivers\wStLibG64.sys [2014-3-30 61120]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-10-27 203776]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-1-23 2221904]
R2 HPSIService;HP SI Service;C:\Windows\System32\HPSIsvc.exe [2014-4-6 126880]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-2-12 2419816]
R2 JME Keyboard;JME Keyboard Driver;C:\Windows\jmesoft\Service.exe [2012-2-12 32768]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-28 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-2-12 199304]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-2-12 219272]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-2-12 182752]
R2 RadeonPro Support Service;RadeonPro Support Service;C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2014-3-22 20608]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-2-12 2656280]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-10-27 231440]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-10-13 31216]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-14 311120]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-14 519576]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-2-12 338536]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-12 533096]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2012-2-12 1101928]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 VMC412;Vimicro Camera Service VMC412;C:\Windows\System32\drivers\vmc412.sys [2012-2-12 243328]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-12-13 377104]
S2 ProtectMonitor;Protect Monitor;C:\Program Files (x86)\PCData\StartHelp.exe --> C:\Program Files (x86)\PCData\StartHelp.exe [?]
S2 Update Surftastic;Update Surftastic;"C:\Program Files (x86)\Surftastic\updateSurftastic.exe" --> C:\Program Files (x86)\Surftastic\updateSurftastic.exe [?]
S2 Util Surftastic;Util Surftastic;"C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe" --> C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe [?]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-14 70112]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-12 111616]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-14 100912]
S3 mvusbews;USB EWS Device;C:\Windows\System32\drivers\mvusbews.sys [2014-4-6 20480]
S3 NWVoltron;NextWindow Voltron Touch Screen;C:\Windows\System32\drivers\NWVoltron.sys [2011-6-24 28440]
S3 OverwolfUpdaterService;Overwolf Updater Service;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2013-11-9 18360]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows 啟用技術服務;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-11-12 1255736]
S3 wsvd;wsvd;C:\Windows\System32\drivers\wsvd.sys [2009-7-22 121840]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
=============== File Associations ===============
ShellExec: BitComet.exe: open="C:\Program Files (x86)\BitComet\BitComet.exe"
=============== Created Last 30 ================
2014-04-13 03:38:43 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7427A8C6-7434-4BC2-AC24-2050D0BA8AA0}\offreg.dll
2014-04-12 17:47:52 -------- d-----w- C:\Program Files (x86)\ESET
2014-04-12 17:38:01 -------- d-----w- C:\AdwCleaner
2014-04-12 00:39:42 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7427A8C6-7434-4BC2-AC24-2050D0BA8AA0}\mpengine.dll
2014-04-09 08:47:55 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-04-06 05:24:09 126880 ----a-w- C:\Windows\System32\HPSIsvc.exe
2014-04-06 05:23:47 74240 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HP1100PP.dll
2014-04-06 05:22:28 288768 ----a-w- C:\Windows\System32\HP1100LM.DLL
2014-04-06 05:22:28 1696256 ----a-w- C:\Windows\System32\HP1100SM.EXE
2014-04-06 05:22:11 350720 ----a-w- C:\Windows\System32\mvhlewsi.dll
2014-04-06 05:22:09 -------- d-----w- C:\Program Files\HP
2014-04-06 05:22:08 82944 ----a-w- C:\Windows\System32\mvusbews.dll
2014-04-06 05:22:08 27648 ----a-w- C:\Windows\System32\HP1100SMs.dll
2014-04-06 05:22:08 20480 ----a-w- C:\Windows\System32\drivers\mvusbews.sys
2014-04-05 04:36:00 -------- d-----w- C:\Users\Veron\AppData\Roaming\ThinkSky
2014-04-05 04:35:55 -------- d-----w- C:\Program Files (x86)\ThinkSky
2014-04-04 10:21:56 -------- d-----w- C:\Users\Veron\AppData\Roaming\.minecraft
2014-04-03 10:40:24 -------- d-----w- C:\Users\Veron\AppData\Roaming\Mumble
2014-04-03 10:40:15 -------- d-----w- C:\Program Files (x86)\Mumble
2014-04-03 09:57:13 -------- d-----w- C:\ProgramData\Grisoft
2014-03-31 09:40:13 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-03-30 10:18:22 61120 ----a-w- C:\Windows\System32\drivers\wStLibG64.sys
2014-03-30 08:48:01 -------- d-----w- C:\Program Files (x86)\Surftastic
2014-03-30 08:40:55 -------- d-----w- C:\Program Files (x86)\DoubleOptMedia
2014-03-30 08:40:30 -------- d-----w- C:\Program Files (x86)\PCData
2014-03-28 13:51:50 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2014-03-28 13:51:50 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2014-03-24 11:19:23 -------- d-----w- C:\Users\Veron\AppData\Roaming\com.tigerhix.ebtrainer
2014-03-22 08:36:52 -------- d-----w- C:\Users\Veron\AppData\Roaming\RadeonPro
2014-03-22 08:36:32 -------- d-----w- C:\Program Files (x86)\RadeonPro
2014-03-21 11:17:26 -------- d-----w- C:\Users\Veron\AppData\Local\PAYDAY 2
==================== Find3M  ====================
2014-03-31 01:13:47 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-03-31 00:13:30 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-03-12 13:56:18 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-12 13:56:18 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-07 10:46:31 159032 ----a-w- C:\Windows\System32\atl90.dll
2014-03-07 10:46:29 655872 ----a-w- C:\Windows\System32\msvcr90.dll
2014-03-07 10:46:29 568832 ----a-w- C:\Windows\System32\msvcp90.dll
2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-03-04 09:17:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-03-04 09:17:05 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe
2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-02-04 02:35:56 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
2014-02-04 02:35:49 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2014-02-04 02:35:35 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2014-02-04 02:32:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-02-04 02:32:12 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-02-04 02:28:36 2048 ----a-w- C:\Windows\System32\iologmsg.dll
2014-02-04 02:04:22 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04:11 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-02-04 02:00:39 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll
2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-01-28 02:32:46 228864 ----a-w- C:\Windows\System32\wwansvc.dll
============= FINISH: 11:55:23.95 ===============

#3 HelpBot


    Bleepin' Binary Bot

  • Bots
  • 12,769 posts
  • Gender:Male
  • Local time:07:12 AM

Posted 17 April 2014 - 11:05 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:


step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/530880 <<< CLICK THIS LINK

If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.


step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.


We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 HelpBot


    Bleepin' Binary Bot

  • Bots
  • 12,769 posts
  • Gender:Male
  • Local time:07:12 AM

Posted 22 April 2014 - 11:10 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users