Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Pc Keeps freezing


  • Please log in to reply

#1
N-R

N-R

    Member

  • Member
  • PipPip
  • 55 posts
HI the PC in question keeps freezing about every 5 mins or so. It just freezes still cant do a thing for about 2 seconds then zip its back to running OK.
I have run these programs and found nothing
Mbam-full scan and flash scan
combofix
hitman pro online
Trend Micro online
TDsskiller
Mbam rootkit scanner
Micorsoft security essentials
and Tigzys rouge killer
all of which found nothing
I will post the 2 otl logs below.
Thanks for your assistance :)

OTL logfile created on: 02/03/2013 23:54:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\GranGran\Desktop\sec
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.50 Gb Total Physical Memory | 2.48 Gb Available Physical Memory | 70.88% Memory free
7.20 Gb Paging File | 6.13 Gb Available in Paging File | 85.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 853.64 Gb Free Space | 91.64% Space Free | Partition Type: NTFS
Drive D: | 5.10 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: GRANGRAN-PC | User Name: GranGran | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/01 10:04:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\GranGran\Desktop\sec\OTL.exe
PRC - [2013/02/28 14:34:22 | 001,821,384 | ---- | M] () -- C:\Program Files\Comodo\IceDragon\icedragon_updater.exe
PRC - [2013/02/25 07:39:34 | 001,602,984 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\steam.exe
PRC - [2013/02/25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2013/02/10 03:20:39 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/02/10 00:35:07 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013/02/10 00:35:07 | 000,866,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 11:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/01/24 11:52:00 | 002,074,256 | ---- | M] () -- C:\Program Files\Comodo\Dragon\dragon_updater.exe
PRC - [2013/01/14 22:16:42 | 003,011,400 | ---- | M] (Privacyware/PWI, Inc.) -- C:\Program Files\Privacyware\Privatefirewall 7.0\PFGUI.exe
PRC - [2013/01/14 22:16:42 | 000,374,600 | ---- | M] (Privacyware/PWI, Inc.) -- C:\Program Files\Privacyware\Privatefirewall 7.0\pfsvc.exe
PRC - [2013/01/04 21:21:22 | 000,404,712 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/01/13 11:21:10 | 000,095,200 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/25 07:39:32 | 000,988,584 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2013/02/19 11:48:10 | 020,340,648 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2012/12/18 18:28:50 | 000,647,168 | ---- | M] () -- C:\Program Files\Steam\sdl.dll
MOD - [2012/12/11 09:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2012/12/11 09:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012/12/11 09:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-51.dll
MOD - [2012/12/10 01:46:38 | 000,600,868 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll


========== Services (SafeList) ==========

SRV - [2013/02/28 14:34:22 | 001,821,384 | ---- | M] () [Auto | Running] -- C:\Program Files\Comodo\IceDragon\icedragon_updater.exe -- (IceDragonUpdater)
SRV - [2013/02/25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/02/10 03:20:39 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/01/24 11:52:00 | 002,074,256 | ---- | M] () [Auto | Running] -- C:\Program Files\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2013/01/14 22:16:42 | 000,374,600 | ---- | M] (Privacyware/PWI, Inc.) [Auto | Running] -- C:\Program Files\Privacyware\Privatefirewall 7.0\pfsvc.exe -- (PFNet)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/01/13 11:21:10 | 000,095,200 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2008/01/18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\GranGran\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/02/10 03:20:39 | 008,944,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013/01/20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/12/25 19:08:42 | 000,128,672 | ---- | M] (Privacyware/PWI, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\pwipf6.sys -- (pwipf6)
DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2008/08/01 19:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/07/13 08:18:20 | 000,050,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004/08/13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4212920738-1328311711-4236198115-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4212920738-1328311711-4236198115-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-4212920738-1328311711-4236198115-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013/03/01 09:21:02 | 000,000,000 | ---D | M]

[2013/03/01 08:24:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GranGran\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.co.uk/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - Extension: Google Drive = C:\Users\GranGran\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\GranGran\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\GranGran\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SiteAdvisor = C:\Users\GranGran\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: AdBlock = C:\Users\GranGran\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: Ghostery = C:\Users\GranGran\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.0_0\
CHR - Extension: Gmail = C:\Users\GranGran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Privatefirewall] C:\Program Files\Privacyware\Privatefirewall 7.0\PFGUI.exe (Privacyware/PWI, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
O4 - HKU\S-1-5-21-4212920738-1328311711-4236198115-1001..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4212920738-1328311711-4236198115-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4212920738-1328311711-4236198115-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-4212920738-1328311711-4236198115-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.26.56.26 8.20.247.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1727B94F-1301-4C2A-BFBC-CD51D3AB5AA1}: DhcpNameServer = 8.26.56.26 8.20.247.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1727B94F-1301-4C2A-BFBC-CD51D3AB5AA1}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBEA1F2A-A7BE-46D4-9287-A9A5338F84F4}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/10/06 15:01:16 | 000,000,044 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/02 20:59:55 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Local\Skyrim
[2013/03/02 20:55:09 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Documents\My Games
[2013/03/01 16:50:31 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\wood textures
[2013/03/01 16:50:30 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\sound
[2013/03/01 16:50:30 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\sky
[2013/03/01 16:50:29 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\rusty metal textures
[2013/03/01 16:50:29 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\roof
[2013/03/01 16:50:28 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\rock
[2013/03/01 16:50:05 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\Plants
[2013/03/01 16:50:03 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\os install
[2013/03/01 16:50:01 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\odd textures
[2013/03/01 16:50:01 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\Moss and vines
[2013/03/01 16:49:58 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\Metal Textures
[2013/03/01 16:49:57 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\Ground textures
[2013/03/01 16:49:57 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\Game pics
[2013/03/01 16:49:56 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\Door Textures
[2013/03/01 16:49:55 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\concrete
[2013/03/01 16:49:42 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\Concept art
[2013/03/01 16:49:41 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\Computer textures
[2013/03/01 16:49:18 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\Blender sculpts game
[2013/03/01 16:49:17 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\basket rope and material textures
[2013/03/01 16:48:47 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\Bits
[2013/03/01 15:24:21 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/03/01 15:24:21 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Local\temp
[2013/03/01 15:23:43 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/03/01 15:16:24 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/03/01 15:16:10 | 000,000,000 | ---D | C] -- C:\Boot
[2013/03/01 14:54:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/03/01 14:54:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/03/01 14:54:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/03/01 14:54:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/03/01 14:52:22 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/03/01 14:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\VS
[2013/03/01 14:11:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/01 13:43:54 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Roaming\NVIDIA
[2013/03/01 13:43:53 | 000,000,000 | ---D | C] -- C:\Users\GranGran\.thumbnails
[2013/03/01 13:42:46 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\blender-2.66-windows32
[2013/03/01 13:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/01 13:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2013/03/01 13:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013/03/01 13:27:06 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Documents\Visual Studio 2010
[2013/03/01 13:26:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
[2013/03/01 13:25:27 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2013/03/01 13:25:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2013/03/01 13:25:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2013/03/01 13:25:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules
[2013/03/01 13:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
[2013/03/01 12:17:35 | 000,000,000 | ---D | C] -- C:\EsenthelEngineSDK
[2013/03/01 12:01:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2013/03/01 11:38:17 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/03/01 11:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/03/01 11:05:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2013/03/01 11:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/03/01 11:05:37 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2013/03/01 11:02:01 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2013/03/01 10:58:33 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013/03/01 10:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013/03/01 10:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/03/01 10:32:21 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2013/03/01 10:32:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2013/03/01 10:26:57 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013/03/01 10:26:24 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2013/03/01 10:26:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/03/01 10:26:03 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/03/01 10:19:25 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\sec
[2013/03/01 09:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2013/03/01 09:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013/03/01 09:55:16 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2013/03/01 09:20:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2013/03/01 09:20:50 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/03/01 09:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2013/03/01 09:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/03/01 09:15:32 | 002,134,200 | ---- | C] (Esenthel) -- C:\Users\GranGran\Documents\EsenthelEngineSDK Installer.exe
[2013/03/01 09:12:38 | 076,902,472 | ---- | C] (The GIMP Team ) -- C:\Users\GranGran\Documents\gimp-2.8.4-setup.exe
[2013/03/01 09:09:41 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/03/01 09:09:37 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Local\Google
[2013/03/01 09:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/03/01 08:39:46 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Local\Privatefirewall
[2013/03/01 08:37:09 | 000,128,672 | ---- | C] (Privacyware/PWI, Inc.) -- C:\Windows\System32\drivers\pwipf6.sys
[2013/03/01 08:37:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Privatefirewall 7.0
[2013/03/01 08:37:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Privacyware
[2013/03/01 08:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\Privacyware
[2013/03/01 08:35:58 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Roaming\WinPatrol
[2013/03/01 08:35:34 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/03/01 08:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/03/01 08:35:32 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Roaming\Notepad++
[2013/03/01 08:35:32 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2013/03/01 08:34:53 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Local\fontconfig
[2013/03/01 08:34:52 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Local\gegl-0.2
[2013/03/01 08:34:52 | 000,000,000 | ---D | C] -- C:\Users\GranGran\.gimp-2.8
[2013/03/01 08:29:38 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Roaming\Foxit Reader
[2013/03/01 08:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2013/03/01 08:29:32 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2013/03/01 08:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/03/01 08:28:33 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/03/01 08:28:02 | 000,000,000 | ---D | C] -- C:\Users\GranGran\Desktop\Browsers
[2013/03/01 08:26:12 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Roaming\Opera
[2013/03/01 08:26:12 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Local\Opera
[2013/03/01 08:26:09 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2013/03/01 08:24:02 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Roaming\Mozilla
[2013/03/01 08:23:57 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Roaming\Comodo
[2013/03/01 08:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2013/03/01 08:19:22 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Local\Comodo
[2013/03/01 08:19:19 | 000,047,368 | ---- | C] (COMODO CA Limited) -- C:\Windows\System32\certsentry.dll
[2013/03/01 08:19:14 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo
[2013/03/01 08:16:04 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/03/01 08:16:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/03/01 08:14:39 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Roaming\Malwarebytes
[2013/03/01 08:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/01 08:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/03/01 08:14:32 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/03/01 08:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/03/01 07:58:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2013/03/01 07:58:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2013/03/01 07:58:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2013/03/01 07:57:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013/03/01 07:51:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2013/03/01 07:46:31 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2013/03/01 07:25:44 | 000,000,000 | R--D | C] -- C:\Users\GranGran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/03/01 07:25:44 | 000,000,000 | R--D | C] -- C:\Users\GranGran\Searches
[2013/03/01 07:25:44 | 000,000,000 | R--D | C] -- C:\Users\GranGran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/03/01 07:25:37 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Roaming\Identities
[2013/03/01 07:25:36 | 000,000,000 | R--D | C] -- C:\Users\GranGran\Contacts
[2013/03/01 07:25:36 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Local\VirtualStore
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\AppData\Local\Temporary Internet Files
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\Templates
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\Start Menu
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\SendTo
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\Recent
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\PrintHood
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\NetHood
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\Documents\My Videos
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\Documents\My Pictures
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\Documents\My Music
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\My Documents
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\Local Settings
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\AppData\Local\History
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\Cookies
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\Application Data
[2013/03/01 07:25:34 | 000,000,000 | -HSD | C] -- C:\Users\GranGran\AppData\Local\Application Data
[2013/03/01 07:25:33 | 000,000,000 | --SD | C] -- C:\Users\GranGran\AppData\Roaming\Microsoft
[2013/03/01 07:25:33 | 000,000,000 | R--D | C] -- C:\Users\GranGran\Videos
[2013/03/01 07:25:33 | 000,000,000 | R--D | C] -- C:\Users\GranGran\Saved Games
[2013/03/01 07:25:33 | 000,000,000 | R--D | C] -- C:\Users\GranGran\Pictures
[2013/03/01 07:25:33 | 000,000,000 | R--D | C] -- C:\Users\GranGran\Music
[2013/03/01 07:25:33 | 000,000,000 | R--D | C] -- C:\Users\GranGran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/03/01 07:25:33 | 000,000,000 | R--D | C] -- C:\Users\GranGran\Links
[2013/03/01 07:25:33 | 000,000,000 | R--D | C] -- C:\Users\GranGran\Favorites
[2013/03/01 07:25:33 | 000,000,000 | R--D | C] -- C:\Users\GranGran\Downloads
[2013/03/01 07:25:33 | 000,000,000 | R--D | C] -- C:\Users\GranGran\Documents
[2013/03/01 07:25:33 | 000,000,000 | R--D | C] -- C:\Users\GranGran\Desktop
[2013/03/01 07:25:33 | 000,000,000 | R--D | C] -- C:\Users\GranGran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/03/01 07:25:33 | 000,000,000 | -H-D | C] -- C:\Users\GranGran\AppData
[2013/03/01 07:25:33 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Local\Microsoft
[2013/03/01 07:25:33 | 000,000,000 | ---D | C] -- C:\Users\GranGran\AppData\Roaming\Media Center Programs
[2013/03/01 07:19:11 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/03/01 07:18:16 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2013/03/01 07:17:22 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/03/01 07:17:17 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/02 23:48:44 | 000,004,467 | ---- | M] () -- C:\Users\GranGran\AppData\Local\recently-used.xbel
[2013/03/02 23:14:11 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/02 22:40:31 | 000,004,928 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/02 22:40:31 | 000,004,928 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/02 20:49:16 | 000,645,088 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/02 20:49:16 | 000,123,148 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/02 20:41:07 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/02 20:40:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/02 20:40:28 | 3756,580,864 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/02 13:44:05 | 000,000,938 | ---- | M] () -- C:\Users\GranGran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2013/03/01 15:16:11 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2013/03/01 12:36:38 | 000,000,589 | ---- | M] () -- C:\Users\GranGran\Desktop\Esenthel Editor.lnk
[2013/03/01 12:14:44 | 051,035,768 | ---- | M] () -- C:\Users\GranGran\Documents\blender-2.66-windows32.zip
[2013/03/01 11:20:25 | 000,000,943 | ---- | M] () -- C:\Users\GranGran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/01 11:09:28 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2013/03/01 11:09:28 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2013/03/01 11:09:19 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013/03/01 11:06:25 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/03/01 11:05:39 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013/03/01 10:56:55 | 000,000,874 | ---- | M] () -- C:\Users\GranGran\Desktop\gimp-2.8 - Shortcut.lnk
[2013/03/01 10:47:50 | 000,001,995 | ---- | M] () -- C:\Users\GranGran\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/01 10:14:27 | 000,000,680 | ---- | M] () -- C:\Users\GranGran\AppData\Local\d3d9caps.dat
[2013/03/01 09:18:02 | 076,902,472 | ---- | M] (The GIMP Team ) -- C:\Users\GranGran\Documents\gimp-2.8.4-setup.exe
[2013/03/01 09:15:52 | 002,134,200 | ---- | M] (Esenthel) -- C:\Users\GranGran\Documents\EsenthelEngineSDK Installer.exe
[2013/03/01 09:03:17 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/01 09:02:31 | 000,047,368 | ---- | M] (COMODO CA Limited) -- C:\Windows\System32\certsentry.dll
[2013/03/01 08:37:08 | 000,000,146 | ---- | M] () -- C:\Windows\ODBC.INI
[2013/03/01 08:35:34 | 000,000,868 | ---- | M] () -- C:\Users\GranGran\Desktop\Notepad++.lnk
[2013/03/01 08:26:10 | 000,001,638 | ---- | M] () -- C:\Users\GranGran\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2013/03/01 08:20:09 | 000,001,783 | ---- | M] () -- C:\Users\GranGran\Application Data\Microsoft\Internet Explorer\Quick Launch\Dragon.lnk
[2013/03/01 08:14:33 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/01 07:42:03 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2013/03/01 07:42:01 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2013/03/01 07:38:39 | 000,327,680 | ---- | M] () -- C:\Windows\SPInstall.etl
[2013/03/01 07:19:36 | 000,041,176 | ---- | M] () -- C:\Windows\System32\license.rtf
[2013/03/01 01:11:21 | 241,407,079 | ---- | M] () -- C:\Users\GranGran\Documents\Esenthel.zip
[2013/03/01 01:08:02 | 691,496,789 | ---- | M] () -- C:\Users\GranGran\Documents\back up textures.zip
[2013/02/10 03:20:39 | 000,013,625 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/02 23:48:44 | 000,004,467 | ---- | C] () -- C:\Users\GranGran\AppData\Local\recently-used.xbel
[2013/03/02 13:44:05 | 000,000,938 | ---- | C] () -- C:\Users\GranGran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2013/03/01 16:17:13 | 691,496,789 | ---- | C] () -- C:\Users\GranGran\Documents\back up textures.zip
[2013/03/01 16:17:07 | 241,407,079 | ---- | C] () -- C:\Users\GranGran\Documents\Esenthel.zip
[2013/03/01 15:16:11 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2013/03/01 15:16:10 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2013/03/01 14:54:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/03/01 14:54:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/03/01 14:54:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/03/01 14:54:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/03/01 14:54:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/03/01 12:29:33 | 000,000,619 | ---- | C] () -- C:\Users\GranGran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Esenthel Editor.lnk
[2013/03/01 12:29:33 | 000,000,589 | ---- | C] () -- C:\Users\GranGran\Desktop\Esenthel Editor.lnk
[2013/03/01 12:05:14 | 051,035,768 | ---- | C] () -- C:\Users\GranGran\Documents\blender-2.66-windows32.zip
[2013/03/01 11:20:25 | 000,000,943 | ---- | C] () -- C:\Users\GranGran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/01 11:09:19 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013/03/01 11:06:25 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/03/01 11:05:39 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013/03/01 10:56:55 | 000,000,874 | ---- | C] () -- C:\Users\GranGran\Desktop\gimp-2.8 - Shortcut.lnk
[2013/03/01 10:54:37 | 000,000,880 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013/03/01 09:40:34 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2013/03/01 09:40:10 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/03/01 09:40:10 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/03/01 09:36:49 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2013/03/01 09:36:49 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2013/03/01 09:36:49 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2013/03/01 09:35:07 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2013/03/01 09:17:21 | 000,001,995 | ---- | C] () -- C:\Users\GranGran\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/01 09:09:49 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/01 09:09:47 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/01 09:03:17 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/01 08:37:08 | 000,000,146 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/03/01 08:35:34 | 000,000,868 | ---- | C] () -- C:\Users\GranGran\Desktop\Notepad++.lnk
[2013/03/01 08:26:10 | 000,001,638 | ---- | C] () -- C:\Users\GranGran\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2013/03/01 08:26:10 | 000,001,626 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2013/03/01 08:20:09 | 000,001,783 | ---- | C] () -- C:\Users\GranGran\Application Data\Microsoft\Internet Explorer\Quick Launch\Dragon.lnk
[2013/03/01 08:16:19 | 000,001,826 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/03/01 08:14:33 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/01 07:53:36 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2013/03/01 07:53:35 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2013/03/01 07:53:35 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2013/03/01 07:53:34 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2013/03/01 07:53:33 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2013/03/01 07:53:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2013/03/01 07:53:26 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2013/03/01 07:53:25 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2013/03/01 07:53:23 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2013/03/01 07:53:23 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2013/03/01 07:53:21 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2013/03/01 07:53:21 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2013/03/01 07:53:20 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2013/03/01 07:34:01 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2013/03/01 07:34:01 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2013/03/01 07:33:54 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2013/03/01 07:33:54 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2013/03/01 07:33:54 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2013/03/01 07:31:46 | 000,327,680 | ---- | C] () -- C:\Windows\SPInstall.etl
[2013/03/01 07:25:45 | 000,000,949 | ---- | C] () -- C:\Users\GranGran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/03/01 07:25:44 | 000,000,944 | ---- | C] () -- C:\Users\GranGran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/03/01 07:25:34 | 000,000,680 | ---- | C] () -- C:\Users\GranGran\AppData\Local\d3d9caps.dat
[2013/03/01 07:25:33 | 000,000,258 | ---- | C] () -- C:\Users\GranGran\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/03/01 07:25:33 | 000,000,240 | ---- | C] () -- C:\Users\GranGran\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/03/01 07:21:04 | 3756,580,864 | -HS- | C] () -- C:\hiberfil.sys

========== ZeroAccess Check ==========

[2006/11/02 12:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 17:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/03/01 08:29:38 | 000,000,000 | ---D | M] -- C:\Users\GranGran\AppData\Roaming\Foxit Reader
[2013/03/01 09:04:35 | 000,000,000 | ---D | M] -- C:\Users\GranGran\AppData\Roaming\Notepad++
[2013/03/01 08:26:12 | 000,000,000 | ---D | M] -- C:\Users\GranGran\AppData\Roaming\Opera
[2013/03/01 08:35:58 | 000,000,000 | ---D | M] -- C:\Users\GranGran\AppData\Roaming\WinPatrol

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 02/03/2013 23:54:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\GranGran\Desktop\sec
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.50 Gb Total Physical Memory | 2.48 Gb Available Physical Memory | 70.88% Memory free
7.20 Gb Paging File | 6.13 Gb Available in Paging File | 85.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 853.64 Gb Free Space | 91.64% Space Free | Partition Type: NTFS
Drive D: | 5.10 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: GRANGRAN-PC | User Name: GranGran | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-4212920738-1328311711-4236198115-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0ABD5E9E-0FC4-43DE-A78C-8E0F15BA6062}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{3CEEE7BA-04A4-4660-ADF0-B1E1054DA456}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{717A94EF-51BE-4CE0-8EF5-AFA6A2F42792}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{8FF58DD3-B3B7-4FE4-956C-66EFE3B945A6}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{9BB830E8-FD75-4831-88EE-EA5F8EB5C062}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{E9DDB293-B9AE-4BFD-93F7-02AADCD81E50}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x86
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{57BB52B7-6B7B-31F3-89F4-4EE8FE5CEF6D}" = Microsoft Help Viewer 1.1
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0FE0292-D3BE-3447-80F2-72E032A54875}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{A62F9CD0-B2E0-4F2A-88F2-79254A3C8539}" = WinPatrol
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{E8EA933E-03A2-4E62-9F52-812C72BE2A6B}" = Privatefirewall 7.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"7-Zip" = 7-Zip 9.20
"CCleaner" = CCleaner
"Comodo Dragon" = Comodo Dragon
"Comodo IceDragon" = Comodo IceDragon
"Foxit Reader_is1" = Foxit Reader
"GIMP-2_is1" = GIMP 2.8.4
"Google Chrome" = Google Chrome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 12.11.1661" = Opera 12.11
"Steam App 72850" = The Elder Scrolls V: Skyrim

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 01/03/2013 08:14:11 | Computer Name = GranGran-PC | Source = VSS | ID = 8194
Description =

Error - 01/03/2013 08:15:19 | Computer Name = GranGran-PC | Source = System Restore | ID = 8193
Description =

Error - 01/03/2013 10:28:42 | Computer Name = GranGran-PC | Source = Application Error | ID = 1000
Description = Faulting application WinPatrol.exe, version 26.1.2013.0, time stamp
0x50e747b9, faulting module WinPatrol.exe, version 26.1.2013.0, time stamp 0x50e747b9,
exception code 0xc0000409, fault offset 0x00015b26, process id 0xbe8, application
start time 0x01ce1688aea1d009.

Error - 01/03/2013 10:41:29 | Computer Name = GranGran-PC | Source = Application Error | ID = 1000
Description = Faulting application WinPatrol.exe, version 26.1.2013.0, time stamp
0x50e747b9, faulting module WinPatrol.exe, version 26.1.2013.0, time stamp 0x50e747b9,
exception code 0xc0000409, fault offset 0x00015b26, process id 0xb04, application
start time 0x01ce168a9a16a5f9.

Error - 02/03/2013 05:41:44 | Computer Name = GranGran-PC | Source = Perflib | ID = 1008
Description =

Error - 02/03/2013 05:41:45 | Computer Name = GranGran-PC | Source = Perflib | ID = 1010
Description =

Error - 02/03/2013 05:41:45 | Computer Name = GranGran-PC | Source = Perflib | ID = 1008
Description =

Error - 02/03/2013 16:55:32 | Computer Name = GranGran-PC | Source = VSS | ID = 8194
Description =

Error - 02/03/2013 16:56:44 | Computer Name = GranGran-PC | Source = System Restore | ID = 8193
Description =

Error - 02/03/2013 19:31:29 | Computer Name = GranGran-PC | Source = Application Hang | ID = 1002
Description = The program gimp-2.8.exe version 2.8.4.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: a8 Start Time: 01ce179dc3e9d824 Termination Time: 3

[ System Events ]
Error - 01/03/2013 05:51:25 | Computer Name = GranGran-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 01/03/2013 07:09:46 | Computer Name = GranGran-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 01/03/2013 07:09:46 | Computer Name = GranGran-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 01/03/2013 07:23:29 | Computer Name = GranGran-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001D0FC29050 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 01/03/2013 07:48:42 | Computer Name = GranGran-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 01/03/2013 10:54:34 | Computer Name = GranGran-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 01/03/2013 11:02:04 | Computer Name = GranGran-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 01/03/2013 11:04:25 | Computer Name = GranGran-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 01/03/2013 11:07:16 | Computer Name = GranGran-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 01/03/2013 11:09:39 | Computer Name = GranGran-PC | Source = Service Control Manager | ID = 7030
Description =


< End of report >
  • 0

Advertisements


#2
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Hello N-R,

Toughest scenario I can come up with in what I do is when someone runs a bunch of repair scans, and so leaves me behind the eight ball in where things really stand. Usually every log has some bit of info it can provide.

Nothing showing in this view. How long have you been using Comodo software without having any problems?
  • 0

#3
N-R

N-R

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Hi I've only got comodo browser (dragon) and I use there DNS. As for having problems with comodo I have had none that I'm aware of. I think I saved most of the logs from the scans encase they would be useful.
Any ideas of something to try please.
Thank you for your help :)
Nick
  • 0

#4
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Comodo programs have a negative history. I would like to look at some saved logs, but if you would, go ahead and uninstall any Comodo programs, being sure to reboot after. Then check for change.

Also post the C:\ComboFix.txt log and the RogueKiller log. Not new runs - the logs from what you have already run please.
  • 0

#5
N-R

N-R

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Hi Jintan the freezing has stopped and I have not done any thing new to the machine so I can close this post.
I'd like to thank you for your help and the lady who the machine belongs to thanks you too.
Cheers
Nick :)
  • 0

#6
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Did removing Comodo fix things? Just a few last steps then to finish up here.


I suggest you uninstall McAfee SiteAdvisor. It's suggestions on websites are incorrect, and it gives a good rating to some of the worst adware sites.


Go to Start Search, type cmd.exe in the Start Search box. Cmd.exe will appear at the top of the Menu. Rightclick on it and choose "Run as administrator". At the prompt copy/paste the following, pressing Enter after each:

cd "%userprofile%\desktop"

combofix /uninstall


ComboFix should uninstall itself at this time.

--------

You can also at this time delete the files/folders of the tools we used. To assist with some of that, run OTL again. This will help by automatically removing some of the tools we used.

Just click CleanUp, and select Yes. When it finishes removing some of the tools and files we used there just agree to the reboot.

-------

In addition, I like to recommend reviewing the information Here to make sure you stay malware free.
  • 1

#7
N-R

N-R

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Hiya Jintan

I didn't remove Comodo or do anything extra neither did the lady who the computer belongs to, it just stopped sticking.
Thanks for your help again Jintan
cheers Nick :)
  • 0

#8
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Glad to take a look at things here.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP