Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Search Search
Search for:
Tech Support Guy > > >

What is about:blank in Chrome? Virus?

(New)
(!)

RavensBleed's Avatar
RavensBleed RavensBleed is offline
Computer Specs
Junior Member with 22 posts.
THREAD STARTER
 
Join Date: Oct 2011
Experience: Intermediate
29-Oct-2011, 10:27 AM #1
What is about:blank in Chrome? Virus?
I only use Google Chrome despite the issues with each new update.

So if this happens on other browers on my pc, I don't know.

When opening a new tab or going to a new website via a link, the page is white and blank. It states about:blank in the location bar. Most times, it will stay there for a new seconds/or more then proceed to the website.

Is this malware?

I use Avira, MalwareBytes and SUPERAntiSpyware and they have never showed this about:blank. I also have SpywareBlaster which is up to date. The only think that SUPERAntiSpyware picks up, is a tracking cookie from Chrome and it's always in the same location. I've checked my settings in Chrome and not sure why this has started to happen but seemed to start with the previous update. Before the update these never showed on my scans.

Here is the information about my computer.

Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz, x86 Family 15 Model 2 Stepping 7
Processor Count: 1
RAM: 511 Mb
Graphics Card: NVIDIA GeForce4 MX 420, 64 Mb
Hard Drives: C: Total - 305234 MB, Free - 242484 MB;
Motherboard: Dell Computer Corp., , , .. .
Antivirus: Avira Desktop, Updated: Yes, On-Demand Scanner: Enabled

Here is the HiJackThis results;


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:47:01 AM, on 10/29/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\freecell.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk"&"inst=NzctOTE0MDU wMTk3LUJBKzEtS1YzKzctWEwrMS1UNS1TVDEyRk9JKzEtRERUKzAtRVVMQSsxLVNUMTJGQVBQKz E"&"prod=90"&"ver=2012.0.1834"&"mid=cc32ed4410b247d6ba8ed14eaf595384-2c58b7fd06acbcf036c28f0e21bbd10319631876
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ProcessLassoManagementConsole] "C:\Program Files\Process Lasso\processlasso.exe"
O4 - HKCU\..\Run: [ProcessGovernor] "C:\Program Files\Process Lasso\processgovernor.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.mywot.com
O16 - DPF: vzTCPConfig - http://my.verizon.com/micro/speedopt...zTCPConfig.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1241480738515
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - http://a.download.toontown.com/sv1.0.37.11/ttinst.cab
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} (Java Plug-in 1.6.0_19) -
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/pla..._installer.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IHA_MessageCenter - Unknown owner - C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 10755 bytes


Here are the results of the DDS scan:


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by Owner at 9:52:28 on 2011-10-29
.
============== Running Processes ===============
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\msdtc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\freecell.exe
C:\Documents and Settings\Owner\Desktop\dds.com
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.msn.com
mStart Page = hxxp://search.myheritage.com
uInternet Settings,ProxyOverride = *.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ProcessLassoManagementConsole] "c:\program files\process lasso\processlasso.exe"
uRun: [ProcessGovernor] "c:\program files\process lasso\processgovernor.exe"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [BCMSMMSG] BCMSMMSG.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [Verizon_McciTrayApp] "c:\program files\verizon\McciTrayApp.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk"&"inst=NzctOTE0MDU wMTk3LUJBKzEtS1YzKzctWEwrMS1UNS1TVDEyRk9JKzEtRERUKzAtRVVMQSsxLVNUMTJGQVBQKz E"&"prod=90"&"ver=2012.0.1834"&"mid=cc32ed4410b247d6ba8ed14eaf595384-2c58b7fd06acbcf036c28f0e21bbd10319631876
dRunOnce: [RunNarrator] Narrator.exe
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
Trusted Zone: mywot.com\www
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: vzTCPConfig - hxxp://my.verizon.com/micro/speedoptimizer/fios/vzTCPConfig.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1241480738515
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - hxxp://a.download.toontown.com/sv1.0.37.11/ttinst.cab
DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{452DD80C-BA96-4A23-8CE1-91FB6444C9AB} : DhcpNameServer = 192.168.1.1 192.168.1.1
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\zn918y9k.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://search.myheritage.com/
FF - prefs.js: keyword.URL - hxxp://search.myheritage.com/?orig=ds&q=
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\motive\npMotive.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nptgeqplugin.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
FF - plugin: c:\program files\opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\virtools\3d life player\npvirtools.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Nero Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R? fsssvc;Windows Live Family Safety Service
R? gupdate;Google Update Service (gupdate)
R? gupdatem;Google Update Service (gupdatem)
R? hitmanpro35;Hitman Pro 3.5 Support Driver
R? hvrhxabg;hvrhxabg
R? Lavasoft Kernexplorer;Lavasoft helper driver
R? Lbd;Lbd
S? !SASCORE;SAS Core Service
S? AntiVirSchedulerService;Avira Scheduler
S? AntiVirService;Avira Realtime Protection
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSEH;AVGIDSEH
S? AVGIDSFilter;AVGIDSFilter
S? AVGIDSShim;AVGIDSShim
S? avgntflt;avgntflt
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avkmgr;avkmgr
S? fssfltr;fssfltr
S? IHA_MessageCenter;IHA_MessageCenter
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
.
=============== Created Last 30 ================
.
2011-10-28 23:10:47 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-28 23:10:47 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-28 23:10:33 -------- d-----w- c:\program files\Avira
2011-10-28 23:10:33 -------- d-----w- c:\documents and settings\all users.windows\application data\Avira
2011-10-28 21:22:54 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-10-28 18:56:03 -------- d-----w- c:\documents and settings\owner\application data\Leader Technologies
2011-10-28 18:39:09 -------- d-----w- c:\program files\Epson Software
2011-10-28 13:53:39 -------- d-----w- c:\documents and settings\owner\application data\AVG
2011-10-27 20:06:15 -------- d-----w- c:\documents and settings\owner\application data\AVG2012
2011-10-27 20:03:50 -------- d-----w- c:\documents and settings\all users.windows\application data\AVG2012
2011-10-24 16:56:15 -------- d-----w- c:\program files\Speccy
2011-10-24 13:23:15 1414440 ----a-w- c:\windows\system32\ShellManager310E2D762.dll
2011-10-20 19:05:04 -------- d-----w- c:\program files\World of Warcraft
2011-10-20 19:05:04 -------- d-----w- c:\program files\common files\Blizzard Entertainment
2011-10-20 19:04:07 -------- d-----w- c:\documents and settings\all users.windows\application data\Blizzard Entertainment
2011-10-17 15:45:22 237776 ----a-w- c:\windows\system32\tpuninst.exe
2011-10-17 15:45:19 -------- d-----w- c:\program files\Windows Update Remover
2011-10-11 15:52:32 -------- d-----w- c:\program files\SpringPublisher
2011-10-11 15:52:31 -------- d-----w- c:\documents and settings\owner\application data\SpringPublisher
2011-10-11 15:46:31 2254848 -c--a-w- C:\sp_setup.msi
2011-10-09 13:08:38 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-10-09 13:08:38 -------- d-----w- c:\windows\system32\wbem\Repository
2011-10-09 13:07:56 -------- d-----w- c:\windows\Night eScapes Uninstaller
2011-10-09 13:07:56 -------- d-----w- c:\windows\A special winter night Uninstaller
2011-10-09 13:06:52 -------- d-----w- c:\program files\Coupons
2011-10-07 21:05:50 323624 ----a-w- c:\windows\system32\wiaaut.dll
.
==================== Find3M ====================
.
2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-03 10:17:37 599040 ----a-w- c:\windows\system32\crypt32(3).dll
2011-08-31 21:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48:54 43520 ------w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
.
============= FINISH: 9:57:08.39 ===============

Per the instructions from DDS I've attached the second results file.

Also not sure if there is something wrong with their website but I can't get onto the GMER. I've attempted for over half hour but will continue to see if I can get on there and post that log.

Any help is greatly appreciated as always.

UPDATE:

I was finally about to access the GMER website and download it.

It ran for about 4 hours, the scan came up clean. I clicked on save so I could post the log here, computer froze and I just let it sit for about a hour. But after that time it was still froze, so I shut down and rebooted. Of course, the file never saved.

I'll run it again tonight and hopefully will have a log file to post.

Second attempt was a success. It ran clean the first time.

GMER log:


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-30 06:36:49
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD3200AAJB-00TYA0 rev.00.02C01
Running: mv8wt1rd.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\kftdqkow.sys


---- System - GMER 1.0.15 ----

SSDT F8E6BD8C ZwClose
SSDT F8E6BD46 ZwCreateKey
SSDT F8E6BD96 ZwCreateSection
SSDT F8E6BD3C ZwCreateThread
SSDT F8E6BD4B ZwDeleteKey
SSDT F8E6BD55 ZwDeleteValueKey
SSDT F8E6BD87 ZwDuplicateObject
SSDT F8E6BD5A ZwLoadKey
SSDT F8E6BD28 ZwOpenProcess
SSDT F8E6BD2D ZwOpenThread
SSDT F8E6BDAF ZwQueryValueKey
SSDT F8E6BD64 ZwReplaceKey
SSDT F8E6BDA0 ZwRequestWaitReplyPort
SSDT F8E6BD5F ZwRestoreKey
SSDT F8E6BD9B ZwSetContextThread
SSDT F8E6BDA5 ZwSetSecurityObject
SSDT F8E6BD50 ZwSetValueKey
SSDT F8E6BDAA ZwSystemDebugControl
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xF6D69640]

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\System32\DRIVERS\nv4_mini.sys section is writeable [0xF83C3340, 0x121A5F, 0xF8000020]
.text C:\WINDOWS\System32\nv4_disp.dll section is writeable [0xBF012380, 0x25BA81, 0xF8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1060] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3116] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3804] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Google\Chrome\Application\chrome.exe[1060] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Program Files\Google\Chrome\Application\chrome.exe[3116] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Program Files\Google\Chrome\Application\chrome.exe[3804] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Tcp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Tools\PC Tools AntiVirus\Temp\images_hicontrast.zip26\svtools\res\bmpfont.png 0 bytes
File C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Tools\PC Tools AntiVirus\Temp\images_hicontrast.zip26\svtools\res\prnfont.png 246 bytes
File C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Tools\PC Tools AntiVirus\Temp\images_hicontrast.zip26\svtools\res\scalfont.png 316 bytes
File C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Tools\PC Tools AntiVirus\Temp\images_hicontrast.zip26\svx\res 0 bytes

---- EOF - GMER 1.0.15 ----

Your help is really appreciated.
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.

Last edited by RavensBleed; 30-Oct-2011 at 06:54 AM.. Reason: Adding information...GMER
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑