Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

High Usage winrscmde!!! help me please


  • Please log in to reply
27 replies to this topic

#1 blesmewiturbuty

blesmewiturbuty

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 09 March 2013 - 05:25 PM

I am not very good with computers at all..I mostly use it for gaming. About a week or two ago I noticed the pop up saying high performance winrscmde i thought it was strange so i ran a scan and nothing came of it so i left it alone. Yesterday i decided to search the web to see if anyone else was having this issue and low and behold. I now realize what a problem i have on my hands. If anyone can help....please keep in mind I don't drift often into the inner workings of my PC. But I follow directions well!

 

 

 

64 bit operating system------windows 7 home premium



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:25 PM

Posted 09 March 2013 - 05:25 PM

    

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg

  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    aswMBR1.png
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    aswMBR2.png
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    esetsmartinstaller_enu.png

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 blesmewiturbuty

blesmewiturbuty
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 09 March 2013 - 06:51 PM

.


Edited by blesmewiturbuty, 09 March 2013 - 06:58 PM.


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:25 PM

Posted 09 March 2013 - 06:52 PM

You may have issues posting TDSSkiller log.Post the last few lines of log alone.



#5 blesmewiturbuty

blesmewiturbuty
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 09 March 2013 - 06:52 PM

.


Edited by blesmewiturbuty, 09 March 2013 - 06:59 PM.


#6 blesmewiturbuty

blesmewiturbuty
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 09 March 2013 - 06:53 PM

yes you're right OK....

 


17:30:57.0096 5900  Scan finished
17:30:57.0096 5900  ============================================================
17:30:57.0107 5968  Detected object count: 2
17:30:57.0107 5968  Actual detected object count: 2
17:37:18.0941 5968  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
17:37:18.0941 5968  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
17:37:18.0941 5968  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:37:18.0941 5968  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
17:37:52.0285 5400  Deinitialize success



#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:25 PM

Posted 09 March 2013 - 06:57 PM

17:37:18.0941 5968  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user

 

Cure it

 

Skip TDSSfile system

 

Restart the PC and run TDSSkiller again and if it detects

 

17:37:18.0941 5968  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

 

Delete it now.Post the new log



#8 blesmewiturbuty

blesmewiturbuty
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 09 March 2013 - 08:11 PM

TDSSKiller

 


19:03:58.0585 4804  Scan finished
19:03:58.0585 4804  ============================================================
19:03:58.0600 3984  Detected object count: 1
19:03:58.0600 3984  Actual detected object count: 1
19:05:37.0502 3984  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
19:05:37.0502 3984  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
19:05:37.0548 3984  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
19:05:37.0564 3984  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
19:05:37.0564 3984  \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
19:05:37.0564 3984  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
19:05:37.0564 3984  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
19:05:37.0564 3984  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
19:05:37.0595 3984  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
19:05:37.0595 3984  \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
19:05:37.0595 3984  \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
19:05:37.0595 3984  \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
19:05:37.0595 3984  \Device\Harddisk0\DR0\TDLFS - deleted
19:05:37.0595 3984  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
19:05:42.0743 3520  Deinitialize success

 

 

should i redo aswMBR?



aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-09 18:39:15
-----------------------------
18:39:15.570    OS Version: Windows x64 6.1.7601 Service Pack 1
18:39:15.570    Number of processors: 2 586 0x603
18:39:15.570    ComputerName: ANGEL-PC  UserName: Angel
18:39:18.939    Initialize success
18:39:34.555    AVAST engine defs: 13030901
18:39:43.884    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
18:39:43.884    Disk 0 Vendor: Hitachi_ JP4O Size: 953869MB BusType: 3
18:39:43.915    Disk 0 MBR read error 0
18:39:43.915    Disk 0 MBR scan
18:39:43.915    Disk 0 unknown MBR code
18:39:43.915    MBR BIOS signature not found 0
18:39:43.946    Disk 0 scanning C:\Windows\system32\drivers
18:39:52.292    Service scanning
18:40:16.215    Modules scanning
18:40:16.215    Disk 0 trace - called modules:
18:40:16.246    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
18:40:16.261    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003307790]
18:40:16.277    3 CLASSPNP.SYS[fffff88001bba43f] -> nt!IofCallDriver -> [0xfffffa8002dde430]
18:40:16.792    5 ACPI.sys[fffff88000ee97a1] -> nt!IofCallDriver -> \Device\00000065[0xfffffa80030ce7b0]
18:40:18.804    AVAST engine scan C:\Windows
18:40:23.203    AVAST engine scan C:\Windows\system32
18:43:35.008    AVAST engine scan C:\Windows\system32\drivers
18:43:58.158    AVAST engine scan C:\Users\Angel
18:49:13.107    File: C:\Users\Angel\AppData\Local\{AE6EE2A7-A45A-4B08-973A-AA1421BF9B51}\{E6CCF086-4DC6-4A7B-AB02-E7ECF687672A}\twwgyzduu.dll  **INFECTED** Win32:Malware-gen
18:57:35.104    AVAST engine scan C:\ProgramData
19:01:33.129    Scan finished successfully
19:02:41.145    Disk 0 MBR has been saved successfully to "C:\Users\Angel\Desktop\MBR.dat"
19:02:41.161    The log file has been saved successfully to "C:\Users\Angel\Desktop\aswMBR.txt"


 



#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:25 PM

Posted 09 March 2013 - 08:16 PM

Please do aswmbr and ESET online scanner and post the logs



#10 blesmewiturbuty

blesmewiturbuty
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 10 March 2013 - 09:15 AM

C:\TDSSKiller_Quarantine\09.03.2013_18.27.40\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan 
C:\TDSSKiller_Quarantine\09.03.2013_18.27.40\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan 
C:\TDSSKiller_Quarantine\09.03.2013_18.27.40\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan 
C:\OEM\Preload\Autorun\APP\Nero 10 Essentials eMachines Edition\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Cheat Engine 6.2\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF application cleaned by deleting - quarantined
C:\Program Files (x86)\WildTangent Games\Games\SoldiervsAliens\Win32Project.exe a variant of Win32/Kryptik.AEN trojan cleaned by deleting - quarantined
C:\Program Files (x86)\WildTangent Games\Games\TimetoHurryNicolesStory\TownShops.exe a variant of Win32/Kryptik.BCY trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.03.2013_18.27.40\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.03.2013_18.27.40\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.03.2013_19.02.56\tdlfs0000\tsk0001.dta Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.03.2013_19.02.56\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Default\Default\aadfgcdfdfgbgddggbgfdcgfdedgdjdb\background.js Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting - quarantined
C:\Users\Angel\AppData\Local\Temp\0.830717856293681 a variant of Win32/Kryptik.AWGK trojan cleaned by deleting - quarantined
C:\Users\Angel\AppData\Local\{AE6EE2A7-A45A-4B08-973A-AA1421BF9B51}\{E6CCF086-4DC6-4A7B-AB02-E7ECF687672A}\twwgyzduu.dll Win32/Kryptik.AVHW.Gen trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Angel\Downloads\MyFunCards.exe Win32/AdInstaller application cleaned by deleting - quarantined
 



#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:25 PM

Posted 10 March 2013 - 09:43 AM

ASWMBR log?

 

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on the it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 


Edited by narenxp, 10 March 2013 - 09:45 AM.


#12 blesmewiturbuty

blesmewiturbuty
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 10 March 2013 - 10:36 AM

Malwarebyte anti malware started out fine and is now not responding



#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:25 PM

Posted 10 March 2013 - 11:37 AM

Reboot and try once again.Make sure to disable your antivirus



#14 blesmewiturbuty

blesmewiturbuty
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 10 March 2013 - 06:56 PM

Malwarebytes-

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.10.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Angel :: ANGEL-PC [administrator]

3/10/2013 6:20:30 PM
mbam-log-2013-03-10 (18-20-30).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 239616
Time elapsed: 22 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)



how much of the minitool box am i to paste here?



it's kind of long



#15 blesmewiturbuty

blesmewiturbuty
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:11:25 PM

Posted 10 March 2013 - 07:00 PM

MiniToolBox by Farbar  Version:05-03-2013
Ran by Angel (administrator) on 10-03-2013 at 18:54:46
Running from "C:\Users\Angel\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Angel-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.il.comcast.net.

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : hsd1.il.comcast.net.
   Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
   Physical Address. . . . . . . . . : F8-0F-41-2E-7A-C2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:558:6033:16a:257e:a2e0:1f07:bd3(Preferred)
   Lease Obtained. . . . . . . . . . : Sunday, March 10, 2013 6:48:30 PM
   Lease Expires . . . . . . . . . . : Wednesday, March 13, 2013 10:00:42 AM
   Link-local IPv6 Address . . . . . : fe80::35cb:9b97:cabe:4083%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 50.148.70.223(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.252.0
   Lease Obtained. . . . . . . . . . : Sunday, March 10, 2013 6:48:29 PM
   Lease Expires . . . . . . . . . . : Wednesday, March 13, 2013 7:45:52 AM
   Default Gateway . . . . . . . . . : fe80::201:5cff:fe22:841%11
                                       50.148.68.1
   DHCP Server . . . . . . . . . . . : 69.252.202.4
   DHCPv6 IAID . . . . . . . . . . . : 251137857
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-E4-B3-11-F8-0F-41-2E-7A-C2
   DNS Servers . . . . . . . . . . . : 2001:558:feed::1
                                       2001:558:feed::2
                                       75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.il.comcast.net.:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.il.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:14db:3ae8:cd6b:b920(Preferred)
   Link-local IPv6 Address . . . . . : fe80::14db:3ae8:cd6b:b920%12(Preferred)
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  cdns01.comcast.net
Address:  2001:558:feed::1

Name:    google.com
Addresses:  2607:f8b0:4009:803::1006
   74.125.225.41
   74.125.225.38
   74.125.225.37
   74.125.225.46
   74.125.225.40
   74.125.225.35
   74.125.225.36
   74.125.225.34
   74.125.225.32
   74.125.225.33
   74.125.225.39


Pinging google.com [2607:f8b0:4009:800::1005] with 32 bytes of data:
Reply from 2607:f8b0:4009:800::1005: time=11ms
Reply from 2607:f8b0:4009:800::1005: time=12ms

Ping statistics for 2607:f8b0:4009:800::1005:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 11ms, Maximum = 12ms, Average = 11ms
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  2001:558:feed::1

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Request timed out.
Reply from 98.139.183.24: bytes=32 time=330ms TTL=50

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 330ms, Maximum = 330ms, Average = 330ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...f8 0f 41 2e 7a c2 ......NVIDIA nForce 10/100/1000 Mbps Ethernet
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      50.148.68.1    50.148.70.223     10
      50.148.68.0    255.255.252.0         On-link     50.148.70.223    266
    50.148.70.223  255.255.255.255         On-link     50.148.70.223    266
    50.148.71.255  255.255.255.255         On-link     50.148.70.223    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     50.148.70.223    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     50.148.70.223    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11    266 ::/0                     fe80::201:5cff:fe22:841
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:4137:9e76:14db:3ae8:cd6b:b920/128
                                    On-link
 11    266 2001:558:6033:16a:257e:a2e0:1f07:bd3/128
                                    On-link
 11    266 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::14db:3ae8:cd6b:b920/128
                                    On-link
 11    266 fe80::35cb:9b97:cabe:4083/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/10/2013 06:50:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2013 06:19:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2013 06:13:19 PM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.70.0.9 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6c0

Start Time: 01ce1de1ffd82308

Termination Time: 16

Application Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

Report Id: 2ca04c89-89d7-11e2-b3c9-f80f412e7ac2

Error: (03/10/2013 05:30:36 PM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.70.0.9 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e00

Start Time: 01ce1ddc137d7210

Termination Time: 31

Application Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

Report Id: 1c09dc91-89d2-11e2-b3c9-f80f412e7ac2

Error: (03/10/2013 05:10:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2013 08:50:50 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/09/2013 07:34:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2013 06:38:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: Flash32_11_3_300_257.ocx, version: 11.3.300.257, time stamp: 0x4fc82759
Exception code: 0xc0000005
Fault offset: 0x00497314
Faulting process id: 0x1298
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (03/09/2013 06:31:20 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000028
Fault offset: 0x00013ce2
Faulting process id: 0x1354
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (03/09/2013 06:28:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/10/2013 06:50:55 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (03/10/2013 06:50:55 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1326

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (03/10/2013 06:20:49 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (03/10/2013 06:20:49 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1326

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (03/10/2013 05:11:22 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (03/10/2013 05:11:22 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1326

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (03/10/2013 05:09:12 PM) (Source: Service Control Manager) (User: )
Description: The CGPS Service service failed to start due to the following error:
%%1053

Error: (03/10/2013 05:09:12 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the CGPS Service service to connect.

Error: (03/09/2013 11:20:57 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (03/09/2013 10:50:38 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.


Microsoft Office Sessions:
=========================
Error: (03/10/2013 06:50:04 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2013 06:19:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2013 06:13:19 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.70.0.96c001ce1de1ffd8230816C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe2ca04c89-89d7-11e2-b3c9-f80f412e7ac2

Error: (03/10/2013 05:30:36 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.70.0.9e0001ce1ddc137d721031C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe1c09dc91-89d2-11e2-b3c9-f80f412e7ac2

Error: (03/10/2013 05:10:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2013 08:50:50 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (03/09/2013 07:34:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2013 06:38:38 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5Flash32_11_3_300_257.ocx11.3.300.2574fc82759c000000500497314129801ce1d1e3a7ef7f8\\.\globalroot\systemroot\svchost.exeC:\Windows\SysWOW64\Macromed\Flash\Flash32_11_3_300_257.ocx76f320f0-8912-11e2-b4a1-f80f412e7ac2

Error: (03/09/2013 06:31:20 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5unknown0.0.0.000000000c000002800013ce2135401ce1d1dc06bd300\\.\globalroot\systemroot\svchost.exeunknown71c09118-8911-11e2-b4a1-f80f412e7ac2

Error: (03/09/2013 06:28:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2012-03-18 01:25:26.577
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-03-18 01:25:26.564
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-03-18 01:25:26.552
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-03-18 01:25:26.540
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-03-18 01:25:26.528
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-03-18 01:25:26.513
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-03-18 01:25:26.498
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-03-18 01:21:24.021
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-03-18 01:21:24.009
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-03-18 01:21:23.992
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.0.2.12610)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Reader 9.5.3 MUI (Version: 9.5.3)
Ancient Hearts and Spades (Version: 2.2.0.97)
AntiLogger SDK version 1.4.6.637 (Version: 1.4.6.637)
Antique Road Trip 2: Homecoming (Version: 2.2.0.98)
Avenue Flo: Special Delivery (Version: 2.2.0.95)
Banana Bugs ™ (Version: 2.2.0.95)
Battleship (Version: 3.0.2.32)
Bejeweled 2 Deluxe
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bing Bar (Version: 7.1.391.0)
Birdies (Version: 2.2.0.95)
Bird's Town (Version: 2.2.0.98)
Boutique Boulevard (Version: 3.0.2.32)
Brink of Consciousness: Dorian Gray Syndrome Collector's Edtion (Version: 2.2.0.98)
Brother MFL-Pro Suite MFC-J835DW (Version: 1.0.8.0)
Build-a-lot 2 (Version: 2.2.0.95)
Burger Bustle (Version: 2.2.0.95)
Burger Shop 2 (Version: 2.2.0.95)
CA Pest Patrol Realtime Protection (Version: 001.001.0034)
Cajun Cop - The French Quarter Caper (Version: 2.2.0.110)
Chuzzle Deluxe (Version: 2.2.0.95)
Cinema Tycoon 2: Movie Mania
City of Fools (Version: 2.2.0.110)
Clue Classic (remove only)
Constant Guard Protection Suite (Version: 1.13.111.1)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Cooking Academy 3: Recipe for Success (Version: 2.2.0.110)
Criminal Minds (Version: 2.2.0.110)
Cut the Rope (Version: 3.0.2.32)
D3DX10 (Version: 15.4.2368.0902)
Deadly Voltage: Rise of the Invincible (Version: 3.0.2.38)
Delicious - Emily's Taste of Fame (Version: 2.2.0.95)
Delicious - Emily's Tea Garden (Version: 2.2.0.95)
Delicious 2 Deluxe (Version: 2.2.0.95)
Delicious Emily's Holiday Season (Version: 2.2.0.95)
Delicious: Emily's Childhood Memories Premium Edition (Version: 3.0.2.32)
Delicious: Emily's True Love Premium Edition (Version: 2.2.0.98)
DinerTown Detective Agency (Version: 2.2.0.97)
Discovery! A Seek and Find Adventure (Version: 2.2.0.95)
DQ Tycoon
Dream Builder: Amusement Park (Version: 3.0.2.32)
Easter Eggztravaganza (Version: 2.2.0.98)
eBay Worldwide (Version: 2.1.0901)
Echoes Bundle (Version: 2.2.0.98)
eMachines Games (Version: 1.0.3.0)
eMachines Recovery Management (Version: 5.00.3002)
eMachines Registration (Version: 1.03.3003)
eMachines ScreenSaver (Version: 1.1.0221.2011)
eMachines Updater (Version: 1.02.3005)
Emerald City Confidential (Version: 2.2.0.95)
Entwined: Strings of Deception (Version: 3.0.2.32)
Escape The Emerald Star
ESET Online Scanner v3
Evolver (Version: 2.2.0.110)
Faerie Solitaire
Film Fatale: Lights, Camera, Madness (Version: 2.2.0.98)
Final Drive: Nitro (Version: 2.2.0.95)
Fix-it-up 80's: Meet Kate's Parents (Version: 2.2.0.97)
Fluttabyes (Version: 2.2.0.95)
Forbidden Secrets Alien Town (Version: 3.0.2.48)
FreeTorrentDownloader (Version: 1.0.0.1)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Garden Rescue (Version: 2.2.0.110)
Garden Rescue Christmas Edition (Version: 3.0.2.32)
Gardenscapes: Mansion Makeover (Version: 2.2.0.110)
Ghost Encounters: Deadwood (Version: 2.2.0.110)
Ghost Town Mysteries - Bodie (Version: 2.2.0.98)
Google Chrome (Version: 25.0.1364.152)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
Gotcha - Celebrity Secrets (Version: 2.2.0.98)
Governor of Poker 2 Premium Edition (Version: 2.2.0.110)
Happy Chef (Version: 3.0.2.38)
Hostile Makeover (Version: 2.2.0.95)
Hot Dish 2 (Version: 2.2.0.95)
Hotkey Utility (Version: 2.05.3014)
House, MD (Version: 2.2.0.97)
Hoyle Card Games (Version: 1.0.0)
Hoyle Card Games 2012 (Version: 2.2.0.98)
Hoyle Puzzle and Board Games 2012 (Version: 1.00.0000)
Identity Card (Version: 1.00.3006)
Inception of Darkness: Exorcist 3 (Version: 3.0.2.38)
Inspector Magnusson - Murder on the Titanic (Version: 2.2.0.110)
Java 7 Update 10 (64-bit) (Version: 7.0.100)
Java 7 Update 13 (Version: 7.0.130)
Java Auto Updater (Version: 2.1.9.0)
Jo's Dream: Organic Coffee (Version: 3.0.2.32)
Junk Mail filter update (Version: 15.4.3502.0922)
Little Shop - Memories (Version: 2.2.0.95)
Little Shop - World Traveler (Version: 2.2.0.110)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5131.5000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Mishap 2: An Intentional Haunting (Version: 2.2.0.97)
Monopoly (remove only)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Murder She Wrote (Version: 2.2.0.98)
My Farm Life 2 (Version: 2.2.0.98)
Mystery P.I. - Curious Case of Counterfeit Cove (Version: 2.2.0.98)
Mystery P.I. - Lost in Los Angeles (Version: 2.2.0.95)
Mystery P.I. - Stolen in San Francisco (Version: 2.2.0.95)
Mystery P.I. - The New York Fortune (Version: 2.2.0.97)
Mystery Solitaire - Secret Island (Version: 2.2.0.95)
Namco All-Stars: PAC-MAN (Version: 2.2.0.95)
Nancy Drew: Alibi in Ashes (Version: 3.0.2.32)
Nero Control Center 10 (Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (Version: 10.5.10000)
Nero Express 10 (Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (Version: 10.5.10300)
Nero StartSmart 10 (Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (Version: 10.5.10000)
Nero Update (Version: 1.0.0018)
NOOK for PC (Version: 2.5.5.9347)
Norton Bootable Recovery Tool Wizard (Version: 4.5.0.34)
Norton Online Backup (Version: 2.1.17869)
Norton Security Suite (Version: 20.2.0.19)
Nuance PaperPort 12 (Version: 12.1.0000)
Nuance PDF Viewer Plus (Version: 5.30.3290)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA ForceWare Network Access Manager (Version: 1.00.7316)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA Update 1.5.20 (Version: 1.5.20)
NVIDIA Update Components (Version: 1.5.20)
Once Upon a Farm (Version: 2.2.0.110)
Origin (Version: 8.5.0.4550)
PaperPort Image Printer 64-bit (Version: 1.00.0001)
Penguins! (Version: 2.2.0.95)
Pickers: Adventures in Rust (Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
PVSonyDll (Version: 1.00.0001)
Realtek High Definition Audio Driver (Version: 6.0.1.6045)
Robin's Quest (Version: 2.2.0.97)
RollerCoaster Tycoon 3: Platinum (Version: 2.2.0.98)
Runaway with the Circus (Version: 2.2.0.110)
Scansoft PDF Professional
Shopping Blocks (Version: 2.2.0.98)
Soldier vs. Aliens (Version: 3.0.2.38)
Solitaire Kingdom Supreme (Version: 2.2.0.98)
Suburban Mysteries: The Labyrinth of the Past (Version: 3.0.2.32)
The Fool (Version: 2.2.0.98)
The Hidden Object Game Show (Version: 2.2.0.97)
The Lost Cases of Sherlock Holmes 2 (Version: 2.2.0.110)
The Moron Test (Version: 3.0.2.32)
The Sims™ 3 (Version: 1.50.56)
The Sims™ 3 70s, 80s, & 90s Stuff (Version: 17.0.77)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ 3 Diesel Stuff (Version: 14.0.48)
The Sims™ 3 Generations (Version: 8.0.152)
The Sims™ 3 Late Night (Version: 6.0.81)
The Sims™ 3 Master Suite Stuff (Version: 11.0.84)
The Sims™ 3 Pets (Version: 10.0.96)
The Sims™ 3 Seasons (Version: 16.0.136)
The Sims™ 3 Showtime (Version: 12.0.273)
The Sims™ 3 Supernatural (Version: 15.0.135)
The Sims™ 3 World Adventures (Version: 2.0.86)
Time Riddles: The Mansion (Version: 2.2.0.97)
Time to Hurry: Nicole's Story (Version: 2.2.0.98)
Turbo Subs (Version: 2.2.0.98)
Unlikely Suspects (Version: 2.2.0.110)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Vampire Saga 3: Break Out (Version: 2.2.0.98)
Vampires vs. Zombies (Version: 2.2.0.98)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
War in a Box: Paper Tanks (Version: 3.0.2.32)
Weather Lord (Version: 2.2.0.110)
Wedding Dash ® 4-Ever (Version: 2.2.0.95)
Weird Park: Broken Tune (Version: 2.2.0.98)
Weird Park: Scary Tales (Version: 3.0.2.38)
Welcome Center (Version: 1.02.3102)
White Haven Mysteries Collector's Edition (Version: 2.2.0.98)
Wild West Quest (Version: 2.2.0.97)
WildTangent Games (Version: 1.0.4.0)
WildTangent Games App (Version: 4.0.10.5)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
Women's Murder Club - Death in Scarlet (Version: 2.2.0.97)
Women's Murder Club - Twice in a Blue Moon (Version: 2.2.0.95)
Wonderland Solitaire (Version: 2.2.0.110)
XFINITY Toolbar (Version: 3.5.1.10)
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Youda Survivor 2 (Version: 2.2.0.98)
Youda Sushi Chef (Version: 2.2.0.110)
Zuma's Revenge (Version: 2.2.0.95)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 61%
Total physical RAM: 2815.37 MB
Available physical RAM: 1089.37 MB
Total Pagefile: 5628.92 MB
Available Pagefile: 3470.09 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.32 MB

========================= Partitions: =====================================

1 Drive c: (eMachines) (Fixed) (Total:911.88 GB) (Free:747.31 GB) NTFS

========================= Users: ========================================

User accounts for \\ANGEL-PC

Administrator            Angel                    Guest                   
UpdatusUser             


**** End of log ****






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users