[SADGEEK]

 Extras.Txt   30.92KB   259 downloads

 

Hi,

 

I do appreciate you taking the time to help me out. My computer has crashed recently 

and I ran the recovery process and the system was brand new but lost all data. 

It was saved on a external device though, so I put it back in the system. 

 

PROBLEM: I cannot even download anything from the internet and I was thinking that Norton antivirus was preventing this,

Internet explorer settings too, but I researched and tried what others recommended.

When I was to install a program that requires a connection to the internet, chrom opens a new window and freezes. And I basically cannot

do anything else but close the page... I hope there is a solution to this. I run a windows vista 32 bit system. I guess it's time to upgradebut I love this computer I hope there is a solution to it. 

 

Thank you in advance,

 

AC

 

OTL logfile created on: 1/24/2015 9:22:29 AM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Rhinojaxx\Downloads

Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

2.99 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 58.29% Memory free

6.18 Gb Paging File | 4.99 Gb Available in Paging File | 80.83% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 223.12 Gb Total Space | 193.08 Gb Free Space | 86.54% Space Free | Partition Type: NTFS

Drive D: | 7.45 Gb Total Space | 6.83 Gb Free Space | 91.69% Space Free | Partition Type: FAT32

Drive G: | 77.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: RHINOJAXX-PC | User Name: Rhinojaxx | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2015/01/24 09:21:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rhinojaxx\Downloads\OTL.exe

PRC - [2015/01/23 12:14:30 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe

PRC - [2015/01/20 19:50:49 | 000,843,592 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

PRC - [2015/01/18 23:19:56 | 011,261,952 | ---- | M] (Sand Studio) -- C:\Program Files\AirDroid\AirDroid.exe

PRC - [2014/07/06 18:41:02 | 004,694,016 | ---- | M] () -- C:\Program Files\D-com 3.5G\UnifiedUi.exe

PRC - [2014/05/14 21:55:56 | 000,432,384 | ---- | M] () -- C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe

PRC - [2014/05/14 21:55:56 | 000,426,752 | ---- | M] () -- C:\ProgramData\ZDSupport\ZDServ\CancelAutoPlay_Server.exe

PRC - [2008/10/28 22:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008/08/20 17:35:19 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

PRC - [2008/08/08 20:00:40 | 000,217,088 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe

PRC - [2008/07/25 14:55:02 | 000,207,416 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe

PRC - [2008/07/18 18:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

PRC - [2008/06/23 19:16:24 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe

PRC - [2008/06/03 16:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe

PRC - [2008/04/02 18:09:50 | 000,087,336 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe

PRC - [2008/03/31 22:09:30 | 000,266,240 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe

PRC - [2008/03/31 01:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe

PRC - [2008/03/18 11:27:11 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe

PRC - [2008/01/23 09:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe

PRC - [2008/01/20 18:33:24 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE

PRC - [2008/01/20 18:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

PRC - [2008/01/11 21:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe

PRC - [2007/11/30 10:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe

PRC - [2007/11/04 18:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe

PRC - [2007/10/17 18:04:00 | 007,737,344 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe

PRC - [2007/10/02 20:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe

PRC - [2007/08/15 10:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe

PRC - [2007/08/07 23:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe

PRC - [2007/08/03 11:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

PRC - [2007/07/05 15:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe

PRC - [2005/07/06 14:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2015/01/20 19:50:47 | 014,913,352 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\40.0.2214.91\PepperFlash\pepflashplayer.dll

MOD - [2015/01/20 19:50:45 | 009,171,272 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\40.0.2214.91\pdf.dll

MOD - [2015/01/20 14:25:10 | 001,740,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\074b45e6d23085b217e6939364110b75\Microsoft.VisualBasic.ni.dll

MOD - [2015/01/20 14:23:56 | 012,218,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0d01ecab2b5b05bd7e5e019f9299b5e2\System.Web.ni.dll

MOD - [2015/01/20 14:23:38 | 000,815,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0b996dc47d4ede6b2fdb93a0a12a62f8\System.Runtime.Remoting.ni.dll

MOD - [2015/01/20 13:52:51 | 010,969,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\6bb1dbdae40acc591caaeb0d9bc8915f\System.Design.ni.dll

MOD - [2014/07/06 18:41:02 | 004,694,016 | ---- | M] () -- C:\Program Files\D-com 3.5G\UnifiedUi.exe

MOD - [2014/06/22 22:38:36 | 001,528,064 | ---- | M] () -- C:\Program Files\D-com 3.5G\NDIS_Server.dll

MOD - [2014/06/22 22:38:36 | 000,652,032 | ---- | M] () -- C:\Program Files\D-com 3.5G\UniCodec.dll

MOD - [2014/06/22 22:38:36 | 000,648,448 | ---- | M] () -- C:\Program Files\D-com 3.5G\UniSdk.dll

MOD - [2014/06/22 22:38:36 | 000,547,584 | ---- | M] () -- C:\Program Files\D-com 3.5G\CoreSDK.dll

MOD - [2014/06/22 22:38:36 | 000,169,216 | ---- | M] () -- C:\Program Files\D-com 3.5G\UniDevManager.dll

MOD - [2014/06/22 22:38:36 | 000,155,904 | ---- | M] () -- C:\Program Files\D-com 3.5G\UniVousb.dll

MOD - [2014/06/22 22:38:36 | 000,088,320 | ---- | M] () -- C:\Program Files\D-com 3.5G\VoiceVolumnAdjust.dll

MOD - [2014/05/14 21:55:56 | 000,426,752 | ---- | M] () -- C:\ProgramData\ZDSupport\ZDServ\CancelAutoPlay_Server.exe

MOD - [2014/04/17 22:23:31 | 009,849,856 | ---- | M] () -- C:\Program Files\D-com 3.5G\QtGui4.dll

MOD - [2014/04/17 22:23:31 | 002,552,320 | ---- | M] () -- C:\Program Files\D-com 3.5G\QtCore4.dll

MOD - [2014/04/17 22:23:31 | 001,209,344 | ---- | M] () -- C:\Program Files\D-com 3.5G\QtNetwork4.dll

MOD - [2014/04/17 22:23:31 | 000,478,720 | ---- | M] () -- C:\Program Files\D-com 3.5G\plugins\sqldrivers\qsqlite4.dll

MOD - [2014/04/17 22:23:31 | 000,399,360 | ---- | M] () -- C:\Program Files\D-com 3.5G\QtXml4.dll

MOD - [2014/04/17 22:23:31 | 000,379,392 | ---- | M] () -- C:\Program Files\D-com 3.5G\plugins\imageformats\qtiff4.dll

MOD - [2014/04/17 22:23:31 | 000,351,744 | ---- | M] () -- C:\Program Files\D-com 3.5G\plugins\imageformats\qmng4.dll

MOD - [2014/04/17 22:23:31 | 000,287,232 | ---- | M] () -- C:\Program Files\D-com 3.5G\plugins\imageformats\qjpeg4.dll

MOD - [2014/04/17 22:23:31 | 000,271,872 | ---- | M] () -- C:\Program Files\D-com 3.5G\QtSql4.dll

MOD - [2014/04/17 22:23:31 | 000,221,512 | ---- | M] () -- C:\Program Files\D-com 3.5G\PSListener.dll

MOD - [2014/04/17 22:23:31 | 000,083,456 | ---- | M] () -- C:\Program Files\D-com 3.5G\plugins\imageformats\qico4.dll

MOD - [2014/04/17 22:23:31 | 000,083,456 | ---- | M] () -- C:\Program Files\D-com 3.5G\plugins\imageformats\qgif4.dll

MOD - [2014/04/17 22:23:31 | 000,043,008 | ---- | M] () -- C:\Program Files\D-com 3.5G\libgcc_s_dw2-1.dll

MOD - [2014/04/17 22:23:31 | 000,011,362 | ---- | M] () -- C:\Program Files\D-com 3.5G\mingwm10.dll

MOD - [2014/03/19 05:18:36 | 000,630,784 | ---- | M] () -- C:\Program Files\AirDroid\System.Data.SQLite.dll

MOD - [2008/07/18 18:52:08 | 000,649,704 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll

MOD - [2008/06/09 08:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll

MOD - [2008/01/20 19:12:16 | 001,064,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3faf6c0dd4b29ada10b11269abb62653\System.Management.ni.dll

MOD - [2008/01/20 19:09:27 | 013,193,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\45ee94a63c463b93e3ff694c6ecd0820\System.Windows.Forms.ni.dll

MOD - [2008/01/20 19:08:59 | 007,049,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\11afb76c8f51ad01fb460ab76e120f7c\System.Data.ni.dll

MOD - [2008/01/20 19:08:51 | 001,667,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a35f567c4c67d6b1ca9a0023852847a2\System.Drawing.ni.dll

MOD - [2008/01/20 19:08:32 | 000,679,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\62dc499efc246da6806ba0b74ac447f1\System.Transactions.ni.dll

MOD - [2008/01/20 19:08:31 | 000,659,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\954db9046cf0977e8baeda9160910bc0\System.EnterpriseServices.ni.dll

MOD - [2008/01/20 19:08:25 | 005,771,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\02cf61328d59df9b3ec09544f449a781\System.Xml.ni.dll

MOD - [2008/01/20 19:08:18 | 001,011,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15366cc16c2550064601b5167821667d\System.Configuration.ni.dll

MOD - [2008/01/20 19:08:13 | 008,265,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\267d4c344058092e6950c11594244f90\System.ni.dll

MOD - [2008/01/20 19:08:04 | 011,722,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5b3e3b0551bcaa722c27dbb089c431e4\mscorlib.ni.dll

MOD - [2008/01/20 18:34:30 | 003,036,160 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

MOD - [2008/01/20 18:34:01 | 000,261,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

MOD - [2008/01/11 21:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe

MOD - [2007/11/30 10:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe

MOD - [2007/11/12 14:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll

MOD - [2007/10/17 18:04:00 | 007,737,344 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe

MOD - [2007/08/14 12:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll

MOD - [2007/07/12 12:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll

MOD - [2007/07/12 12:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll

MOD - [2007/06/15 09:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll

MOD - [2007/06/01 16:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

 

 

========== Services (SafeList) ==========

 

SRV - [2014/05/14 21:55:56 | 000,432,384 | ---- | M] () [Auto | Running] -- C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe -- (ZDServ)

SRV - [2008/03/31 01:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)

SRV - [2008/03/18 11:27:11 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2008/01/20 18:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2007/10/02 20:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)

SRV - [2007/08/07 23:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)

SRV - [2007/08/03 11:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - [2012/11/23 11:08:38 | 000,107,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ztembbusbvoice.sys -- (ZTEusbvoice)

DRV - [2012/11/23 11:08:36 | 000,107,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ztembbusbser6k.sys -- (ZTEusbser6K)

DRV - [2012/11/23 11:08:26 | 000,107,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ztembbusbnmea.sys -- (ZTEusbnmea)

DRV - [2012/11/23 11:08:20 | 000,107,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ztembbusbmdm.sys -- (ZTEusbmdm6k)

DRV - [2012/11/22 20:08:12 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ztembbmassfilter.sys -- (massfilter)

DRV - [2008/04/05 17:56:08 | 000,908,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)

DRV - [2008/03/21 11:12:59 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2007/08/10 19:19:26 | 000,029,752 | ---- | M] (Windows ® Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)

DRV - [2007/08/08 19:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)

DRV - [2007/08/03 11:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)

DRV - [2007/07/30 09:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)

DRV - [2007/07/24 10:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)

DRV - [2007/07/13 00:18:19 | 000,050,688 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)

DRV - [2007/01/24 10:08:39 | 000,005,632 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)

DRV - [2006/12/13 16:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)

DRV - [2006/11/01 23:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

========== FireFox ==========

 

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

 

 

 

========== Chrome  ==========

 

CHR - plugin: Error reading preferences file

CHR - Extension: No name found = C:\Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\

CHR - Extension: No name found = C:\Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\

CHR - Extension: No name found = C:\Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: No name found = C:\Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\

CHR - Extension: No name found = C:\Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: No name found = C:\Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: No name found = C:\Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\

CHR - Extension: No name found = C:\Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

CHR - Extension: No name found = C:\Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

 

O1 HOSTS File: ([2006/09/18 13:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1             localhost

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: [{C06C7DD7-9611-42E8-9254-7FC6A9E26160}] C:\Program Files\D-com 3.5G\UUShell.exe ()

O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)

O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()

O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe ()

O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe ()

O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [AirDroid 3] C:\Program Files\AirDroid\AirDroid.exe (Sand Studio)

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14EBC607-4A1E-4B11-B725-5D2F16CDA046}: DhcpNameServer = 192.168.100.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1636C8C6-74BC-4E19-B77D-737F6A6B2EF3}: NameServer = 197.218.5.69 8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE8072C4-602A-49FE-99B7-D6D3612C5C45}: DhcpNameServer = 192.168.100.1

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img11.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img11.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2014/07/07 07:19:44 | 000,000,063 | R--- | M] () - G:\autorun.inf -- [ CDFS ]

O33 - MountPoints2\{43415b99-a0ec-11e4-9b74-002354518de6}\Shell - "" = AutoRun

O33 - MountPoints2\{43415b99-a0ec-11e4-9b74-002354518de6}\Shell\AutoRun\command - "" = D:\Windows\AutoRun.exe

O33 - MountPoints2\{43415c14-a0ec-11e4-9b74-002354518de6}\Shell - "" = AutoRun

O33 - MountPoints2\{43415c14-a0ec-11e4-9b74-002354518de6}\Shell\AutoRun\command - "" = G:\Windows\AutoRun.exe -- [2014/05/15 05:55:56 | 000,425,728 | R--- | M] ()

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2015/01/24 09:17:49 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUSTek ASUSDVD

[2015/01/23 10:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2015/01/22 10:27:58 | 000,000,000 | ---D | C] -- C:\Program Files\Google

[2015/01/22 10:27:55 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Local\Google

[2015/01/22 09:06:59 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2015/01/20 21:57:51 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Roaming\vlc

[2015/01/20 15:56:32 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\Desktop\New Sampled

[2015/01/20 13:42:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ZDSupport

[2015/01/20 13:41:21 | 000,107,520 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\ztembbusbvoice.sys

[2015/01/20 13:41:21 | 000,107,520 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\ztembbusbser6k.sys

[2015/01/20 13:41:21 | 000,107,520 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\ztembbusbnmea.sys

[2015/01/20 13:41:21 | 000,107,520 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\ztembbusbmdm.sys

[2015/01/20 13:41:21 | 000,011,776 | ---- | C] (MBB Incorporated) -- C:\Windows\System32\drivers\ztembbmassfilter.sys

[2015/01/20 13:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\ZTEMobileBroadbandDeviceDrivers

[2015/01/20 13:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-com 3.5G

[2015/01/20 13:41:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\{C06C7DD7-9611-42E8-9254-7FC6A9E26160}

[2015/01/20 13:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\D-com 3.5G

[2015/01/19 23:00:41 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\Desktop\FL Productions

[2015/01/19 22:57:22 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\Documents\AirDroid

[2015/01/19 22:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid

[2015/01/19 22:57:19 | 000,000,000 | ---D | C] -- C:\Program Files\AirDroid

[2015/01/18 21:40:24 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\Desktop\Cashacapellas

[2015/01/18 21:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

[2015/01/18 21:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN

[2015/01/18 21:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\{13A9B825-42CB-4973-913D-2194B5A4CF94}

[2015/01/18 21:11:58 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dada Life

[2015/01/18 21:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX

[2015/01/18 21:10:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\reFX

[2015/01/18 21:10:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Digidesign

[2015/01/18 21:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1

[2015/01/18 21:06:19 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2

[2015/01/18 21:06:19 | 000,000,000 | ---D | C] -- C:\Program Files\ASIO4ALL v2

[2015/01/18 21:05:56 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\Windows\System32\rewire.dll

[2015/01/18 21:05:56 | 000,000,000 | ---D | C] -- C:\Program Files\VstPlugins

[2015/01/18 21:05:54 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\Documents\Image-Line

[2015/01/18 21:05:44 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line

[2015/01/18 21:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\Outsim

[2015/01/18 21:02:59 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line

[2015/01/18 20:52:52 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Roaming\Adobe

[2015/01/18 20:47:26 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Roaming\Symantec

[2015/01/18 20:47:16 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Local\Power2Go

[2015/01/18 20:46:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2015/01/18 20:46:41 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2015/01/18 20:46:41 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\Searches

[2015/01/18 20:46:41 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2015/01/18 20:46:33 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Roaming\Identities

[2015/01/18 20:46:31 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\Contacts

[2015/01/18 20:45:57 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Local\VirtualStore

[2015/01/18 20:44:36 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Local\Adobe

[2015/01/18 20:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe

[2015/01/18 20:44:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2015/01/18 20:44:06 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2015/01/18 20:41:23 | 000,000,000 | --SD | C] -- C:\Users\Rhinojaxx\AppData\Roaming\Microsoft

[2015/01/18 20:41:23 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\Videos

[2015/01/18 20:41:23 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\Saved Games

[2015/01/18 20:41:23 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\Pictures

[2015/01/18 20:41:23 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\Music

[2015/01/18 20:41:23 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2015/01/18 20:41:23 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\Links

[2015/01/18 20:41:23 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\Favorites

[2015/01/18 20:41:23 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\Downloads

[2015/01/18 20:41:23 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\Documents

[2015/01/18 20:41:23 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\Desktop

[2015/01/18 20:41:23 | 000,000,000 | R--D | C] -- C:\Users\Rhinojaxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\AppData\Local\Temporary Internet Files

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\Templates

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\Start Menu

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\SendTo

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\Recent

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\PrintHood

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\NetHood

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\Documents\My Videos

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\Documents\My Pictures

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\Documents\My Music

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\My Documents

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\Local Settings

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\AppData\Local\History

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\Cookies

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\Application Data

[2015/01/18 20:41:23 | 000,000,000 | -HSD | C] -- C:\Users\Rhinojaxx\AppData\Local\Application Data

[2015/01/18 20:41:23 | 000,000,000 | -H-D | C] -- C:\Users\Rhinojaxx\AppData

[2015/01/18 20:41:23 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Local\Temp

[2015/01/18 20:41:23 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Local\Microsoft

[2015/01/18 20:41:23 | 000,000,000 | ---D | C] -- C:\Users\Rhinojaxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite

[2015/01/18 20:36:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates

[2015/01/18 20:36:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu

[2015/01/18 20:36:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos

[2015/01/18 20:36:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures

[2015/01/18 20:36:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music

[2015/01/18 20:36:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites

[2015/01/18 20:36:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings

[2015/01/18 20:36:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents

[2015/01/18 20:36:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop

[2015/01/18 20:36:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data

[2015/01/18 19:35:46 | 000,000,000 | -HSD | C] -- C:\System Volume Information

 

========== Files - Modified Within 30 Days ==========

 

[2015/01/24 09:23:39 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2015/01/24 09:23:39 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2015/01/24 09:21:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rhinojaxx\Desktop\OTL.exe

[2015/01/24 09:19:19 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2015/01/24 09:17:57 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2015/01/24 09:17:31 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe

[2015/01/24 09:17:18 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2015/01/24 09:17:18 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2015/01/24 09:17:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2015/01/24 09:17:10 | 3212,042,240 | -HS- | M] () -- C:\hiberfil.sys

[2015/01/24 08:43:22 | 000,002,002 | ---- | M] () -- C:\Users\Rhinojaxx\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2015/01/23 10:41:29 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2015/01/20 13:41:10 | 000,001,702 | ---- | M] () -- C:\Users\Public\Desktop\D-com 3.5G.lnk

[2015/01/19 22:57:37 | 000,001,677 | ---- | M] () -- C:\Users\Public\Desktop\AirDroid.lnk

[2015/01/19 22:57:20 | 000,001,701 | ---- | M] () -- C:\Users\Rhinojaxx\Application Data\Microsoft\Internet Explorer\Quick Launch\AirDroid.lnk

[2015/01/19 19:30:38 | 000,000,950 | ---- | M] () -- C:\Users\Rhinojaxx\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2015/01/19 18:57:23 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf

[2015/01/18 21:36:56 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2015/01/18 21:05:55 | 000,000,946 | ---- | M] () -- C:\Users\Rhinojaxx\Desktop\FL Studio 10.lnk

[2015/01/18 20:52:35 | 000,003,584 | ---- | M] () -- C:\Users\Rhinojaxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2015/01/18 19:33:10 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf

 

========== Files Created - No Company Name ==========

 

[2015/01/24 09:17:10 | 3212,042,240 | -HS- | C] () -- C:\hiberfil.sys

[2015/01/23 10:41:29 | 000,002,002 | ---- | C] () -- C:\Users\Rhinojaxx\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2015/01/23 10:41:29 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2015/01/23 10:09:57 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2015/01/23 10:09:55 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2015/01/20 13:41:10 | 000,001,702 | ---- | C] () -- C:\Users\Public\Desktop\D-com 3.5G.lnk

[2015/01/19 22:57:20 | 000,001,701 | ---- | C] () -- C:\Users\Rhinojaxx\Application Data\Microsoft\Internet Explorer\Quick Launch\AirDroid.lnk

[2015/01/19 22:57:20 | 000,001,677 | ---- | C] () -- C:\Users\Public\Desktop\AirDroid.lnk

[2015/01/19 19:30:38 | 000,000,950 | ---- | C] () -- C:\Users\Rhinojaxx\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2015/01/19 18:57:23 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf

[2015/01/18 21:36:56 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2015/01/18 21:05:55 | 000,000,946 | ---- | C] () -- C:\Users\Rhinojaxx\Desktop\FL Studio 10.lnk

[2015/01/18 20:51:35 | 000,003,584 | ---- | C] () -- C:\Users\Rhinojaxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2015/01/18 20:46:52 | 000,000,956 | ---- | C] () -- C:\Users\Rhinojaxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2015/01/18 20:46:40 | 000,000,951 | ---- | C] () -- C:\Users\Rhinojaxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

[2015/01/18 20:46:31 | 000,000,922 | ---- | C] () -- C:\Users\Rhinojaxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

[2015/01/18 20:44:23 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk

[2015/01/18 20:41:23 | 000,000,258 | ---- | C] () -- C:\Users\Rhinojaxx\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

[2015/01/18 20:41:23 | 000,000,240 | ---- | C] () -- C:\Users\Rhinojaxx\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

 

========== ZeroAccess Check ==========

 

[2006/11/02 04:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2008/04/23 20:58:20 | 011,580,416 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/02 20:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/20 18:33:39 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

========== LOP Check ==========

 

 

========== Purity Check ==========

 

 

 

< End of report >

 

 

[Advertisements]

It sounds like Chrome is not working but is set as your default browser.  You might want to open IE and tell it to be the default browser until you get Chrome fixed. Usually it will ask you when it opens but if not you can click on the gear in the upper right then Internet Options then Programs and you should see the Make Default button.

 

OTL says the preferences file for Chrome is unreadable.  That is going to cause you some grief.  The file is located at:

 

C:\Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

It's hidden so you may need to:

 

 

    Open the Control Panel menu and click Folder Options.  (You may need to select Classic View in the dropdown View By: menu )

    After the new window appears select the View tab.

    Put a checkmark in the checkbox labeled Display the contents of system folders.

    Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.

    Remove the checkmark from the checkbox labeled Hide file extensions for known file types.

    Remove the checkmark from the checkbox labeled Hide protected operating system files.

    Press the Apply button and then the OK button and exit My Computer.

 

 

Now navigate to the preferences file and try to open it by double clicking.  It will not know what program to use so it should ask you.  Notepad or Wordpad will do.  If it opens then it should say something like:

 {

   "apps": {

      "shortcuts_have_been_created": true

   },

   "autofill": {

      "negative_upload_rate": 1.0,

      "positive_upload_rate": 1.0

   },

   "bookmark_bar": {

      "show_on_all_tabs": true

   },

   "bookmark_editor": {

      "expanded_nodes": [ "2" ]

   },

   "browser": {

      "check_default_browser": true,

      "clear_data": {

         "time_period": 4

      },

... (lots more after this)

 

     Alternatively you can copy the next line:

 

notepad \Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default\preferences 

Then Start, All Programs, Accessories, then right click on Command Prompt and Run As Admin and right click and Paste or Edit then Paste and the copied line should appear.  Hit Enter.

 

If it won't open then you will need to navigate to the file and right click on it and properties then Security.  Make sure that your login has full control.  If not, click on Advanced then on Owner.  Your login should be the owner.  If not make it so.  Then back up one and click on Edit.  Click on your login and then FUll Control.  OK.

 

A simpler method is just to rename the folder \Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default to \Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\OldDefault.

 

When you restart Chrome it should create a new folder like a fresh install.

 

 

 

If you try and download a file does it say that the file contains a virus or words to that effect?  There is a registry entry for that:

 

Windows Registry Editor Version 5.00


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments]
"ScanWithAntiVirus"=dword:00000001

Copy the above and then start notepad.  Paste the text into notepad and then File, Save As, to your desktop, "scanoff.reg"  OK.  Make sure you put the quotes around scanon.reg or it won't work.  Close all browsers.  Now right click on the scanon.reg file and Merge.  Open a browser and try again.

 

 

 

 

 

 

 

 

 

[RKinner]

It sounds like Chrome is not working but is set as your default browser.  You might want to open IE and tell it to be the default browser until you get Chrome fixed. Usually it will ask you when it opens but if not you can click on the gear in the upper right then Internet Options then Programs and you should see the Make Default button.

 

OTL says the preferences file for Chrome is unreadable.  That is going to cause you some grief.  The file is located at:

 

C:\Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

It's hidden so you may need to:

 

 

    Open the Control Panel menu and click Folder Options.  (You may need to select Classic View in the dropdown View By: menu )

    After the new window appears select the View tab.

    Put a checkmark in the checkbox labeled Display the contents of system folders.

    Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.

    Remove the checkmark from the checkbox labeled Hide file extensions for known file types.

    Remove the checkmark from the checkbox labeled Hide protected operating system files.

    Press the Apply button and then the OK button and exit My Computer.

 

 

Now navigate to the preferences file and try to open it by double clicking.  It will not know what program to use so it should ask you.  Notepad or Wordpad will do.  If it opens then it should say something like:

 {

   "apps": {

      "shortcuts_have_been_created": true

   },

   "autofill": {

      "negative_upload_rate": 1.0,

      "positive_upload_rate": 1.0

   },

   "bookmark_bar": {

      "show_on_all_tabs": true

   },

   "bookmark_editor": {

      "expanded_nodes": [ "2" ]

   },

   "browser": {

      "check_default_browser": true,

      "clear_data": {

         "time_period": 4

      },

... (lots more after this)

 

     Alternatively you can copy the next line:

 

notepad \Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default\preferences 

Then Start, All Programs, Accessories, then right click on Command Prompt and Run As Admin and right click and Paste or Edit then Paste and the copied line should appear.  Hit Enter.

 

If it won't open then you will need to navigate to the file and right click on it and properties then Security.  Make sure that your login has full control.  If not, click on Advanced then on Owner.  Your login should be the owner.  If not make it so.  Then back up one and click on Edit.  Click on your login and then FUll Control.  OK.

 

A simpler method is just to rename the folder \Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\Default to \Users\Rhinojaxx\AppData\Local\Google\Chrome\User Data\OldDefault.

 

When you restart Chrome it should create a new folder like a fresh install.

 

 

 

If you try and download a file does it say that the file contains a virus or words to that effect?  There is a registry entry for that:

 

Windows Registry Editor Version 5.00


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments]
"ScanWithAntiVirus"=dword:00000001

Copy the above and then start notepad.  Paste the text into notepad and then File, Save As, to your desktop, "scanoff.reg"  OK.  Make sure you put the quotes around scanon.reg or it won't work.  Close all browsers.  Now right click on the scanon.reg file and Merge.  Open a browser and try again.