Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Google Chrome kill pages error

(In Progress)
(!)

armendvisoka's Avatar
armendvisoka armendvisoka is offline
Member with 102 posts.
THREAD STARTER
 
Join Date: Jun 2007
29-Sep-2010, 03:37 AM #1
Google Chrome kill pages error
Hi, since yesterday Google Chrome has been hanging and it tells me to kill the oages. This happens whenever I open Chrome. Also, sometimes when I start up it sometimes just displays a black screen and only the mouse can be seen. I did a Hijack this log and a malware bytes search. Malwarebytes deleted 3 items but I'm still getting the problem. I'm running on Windows 7 and it's a netbook. Also, HijackThis said something about not being allowed access to the hosts files when doing the search. Thanks!


MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\FSP\FspUip.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fl.iamwired.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [fspuip] "C:\Program Files\FSP\fspuip.exe"
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Google Update] "C:\Users\Armend\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

--
End of file - 5521 bytes









Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4714

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

29/09/2010 08:04:50
mbam-log-2010-09-29 (08-04-50).txt

Scan type: Full scan (C:\|)
Objects scanned: 185862
Time elapsed: 55 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Armend\AppData\Local\Temp\9CDD.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Armend\AppData\Local\Temp\spottyface.exe (Adware.Agent) -> Quarantined and deleted successfully.

Last edited by armendvisoka; 29-Sep-2010 at 05:29 AM..
armendvisoka's Avatar
armendvisoka armendvisoka is offline
Member with 102 posts.
THREAD STARTER
 
Join Date: Jun 2007
29-Sep-2010, 04:51 AM #2
And I made a log with ComboFix since I alaways get asked to make one on this site:

ComboFix 10-09-28.03 - Armend 29/09/2010 9:24.1.2 - x86
Microsoft Windows 7 Starter 6.1.7600.0.1252.44.1033.18.1013.453 [GMT 1:00]
Running from: c:\users\Armend\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2010-08-28 to 2010-09-29 )))))))))))))))))))))))))))))))
.

2010-09-29 08:42 . 2010-09-29 08:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-29 07:50 . 2010-09-29 08:00 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-09-29 07:50 . 2010-09-29 08:00 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-09-29 07:25 . 2010-09-29 07:25 388096 ----a-r- c:\users\Armend\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-09-29 07:25 . 2010-09-29 07:25 -------- d-----w- c:\program files\Trend Micro
2010-09-29 06:08 . 2010-09-29 06:08 -------- d-----w- c:\users\Armend\AppData\Roaming\Malwarebytes
2010-09-29 06:08 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-29 06:08 . 2010-09-29 06:08 -------- d-----w- c:\programdata\Malwarebytes
2010-09-29 06:08 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-29 06:08 . 2010-09-29 06:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-29 05:15 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-29 05:15 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-29 05:15 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-29 05:15 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-29 05:15 . 2010-09-07 14:47 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-09-29 05:15 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
2010-09-29 05:15 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-29 05:15 . 2010-09-29 05:15 -------- d-----w- c:\programdata\Alwil Software
2010-09-29 05:15 . 2010-09-29 05:15 -------- d-----w- c:\program files\Alwil Software
2010-09-28 19:39 . 2010-09-28 20:02 -------- d-----w- c:\users\Armend\AppData\Local\MediaMonkey
2010-09-28 19:39 . 2010-09-28 19:39 -------- d-----w- c:\program files\MediaMonkey
2010-09-28 18:45 . 2010-03-04 04:04 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2010-09-28 18:45 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-09-28 18:45 . 2010-06-19 06:15 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-27 20:36 . 2010-09-27 20:36 273920 ----a-w- c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\lwjgl64.dll
2010-09-27 20:36 . 2010-09-27 20:36 195072 ----a-w- c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\OpenAL64.dll
2010-09-27 20:36 . 2010-09-27 20:36 108032 ----a-w- c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\OpenAL32.dll
2010-09-27 20:36 . 2010-09-27 20:36 193024 ----a-w- c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\lwjgl.dll
2010-09-27 20:36 . 2010-09-27 20:36 65024 ----a-w- c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\jinput-dx8_64.dll
2010-09-27 20:36 . 2010-09-27 20:36 62464 ----a-w- c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\jinput-raw_64.dll
2010-09-27 20:36 . 2010-09-27 20:36 61952 ----a-w- c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\jinput-dx8.dll
2010-09-27 20:36 . 2010-09-27 20:36 59392 ----a-w- c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\jinput-raw.dll
2010-09-27 20:36 . 2010-09-27 20:37 -------- d-----w- c:\users\Armend\AppData\Roaming\.minecraft
2010-09-27 19:51 . 2010-09-27 20:29 -------- d-----w- c:\program files\GOG.com
2010-09-27 19:36 . 2010-09-27 19:36 2005392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B0DA8B1B-8429-4131-A557-2113E97DBD85}\mpavdlta.vdm
2010-09-27 19:36 . 2010-09-27 19:36 360848 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B0DA8B1B-8429-4131-A557-2113E97DBD85}\mpasdlta.vdm
2010-09-27 19:36 . 2010-09-26 19:44 41722256 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B0DA8B1B-8429-4131-A557-2113E97DBD85}\mpavbase.vdm
2010-09-27 19:36 . 2010-09-26 19:44 12300688 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B0DA8B1B-8429-4131-A557-2113E97DBD85}\mpasbase.vdm
2010-09-27 17:10 . 2010-09-27 18:47 -------- d-----w- c:\program files\Diablo II
2010-09-27 17:10 . 2010-09-27 17:11 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-09-26 22:21 . 2010-09-26 22:21 -------- d-----w- C:\e38615caaef2911b9621fd5d
2010-09-26 21:53 . 2010-09-26 21:53 -------- d-----w- c:\users\Armend\AppData\Local\Microsoft Games
2010-09-26 19:46 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-02 22:46 . 2010-09-02 22:46 -------- d-----w- c:\windows\SHELLNEW
2010-09-02 22:36 . 2010-09-02 22:36 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-09-02 22:35 . 2010-09-27 20:42 -------- d-----w- c:\program files\Microsoft.NET
2010-09-02 22:34 . 2010-09-02 22:34 -------- d-----w- c:\users\Armend\AppData\Local\Microsoft Help
2010-09-02 22:34 . 2010-09-02 22:34 -------- d-----r- C:\MSOCache
2010-09-02 22:11 . 2010-09-02 22:11 -------- d-----w- c:\program files\Common Files\Java
2010-09-02 22:11 . 2010-09-02 22:10 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-02 22:10 . 2010-09-02 22:10 -------- d-----w- c:\program files\Java
2010-09-02 01:01 . 2009-11-25 11:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-09-02 01:01 . 2009-11-25 11:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-09-02 01:01 . 2009-11-25 11:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-09-02 01:01 . 2009-11-25 11:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-09-02 01:01 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-09-02 00:53 . 2010-09-01 20:37 1953680 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpavdlta.vdm
2010-09-02 00:53 . 2010-09-01 20:37 438672 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpasdlta.vdm
2010-09-02 00:53 . 2010-08-31 11:47 40258960 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpavbase.vdm
2010-09-02 00:53 . 2010-08-31 11:47 12120464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpasbase.vdm
2010-09-02 00:51 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-09-02 00:48 . 2010-09-02 00:48 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-09-02 00:47 . 2010-09-02 00:48 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-09-02 00:47 . 2010-09-02 22:32 -------- d-----w- c:\users\Armend\AppData\Roaming\DAEMON Tools Lite
2010-09-02 00:47 . 2010-09-02 00:47 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-09-01 20:40 . 2010-06-14 06:12 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-09-01 20:38 . 2010-05-09 09:14 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-09-01 20:37 . 2010-06-30 06:25 978432 ----a-w- c:\windows\system32\wininet.dll
2010-08-31 20:57 . 2010-09-26 19:36 79136 ----a-w- c:\users\Armend\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-31 20:53 . 2010-08-31 20:53 -------- d-----w- c:\users\Armend\AppData\Local\FSP
2010-08-31 13:34 . 2010-08-31 13:34 -------- d-----w- c:\program files\CCleaner
2010-08-31 12:39 . 2010-08-31 12:39 -------- d-----w- c:\users\Armend\AppData\Local\VS Revo Group
2010-08-31 12:38 . 2009-12-30 11:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2010-08-31 12:38 . 2010-08-31 12:38 -------- d-----w- c:\program files\VS Revo Group
2010-08-31 12:30 . 2010-08-31 12:30 -------- d-----w- c:\program files\uTorrent
2010-08-31 12:29 . 2010-09-28 20:10 -------- d-----w- c:\users\Armend\AppData\Roaming\uTorrent
2010-08-31 12:23 . 2010-09-29 08:16 -------- d-----w- c:\users\Armend\Tracing
2010-08-31 12:22 . 2010-04-28 06:44 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-08-31 12:07 . 2010-08-31 12:08 -------- d-----w- c:\users\Armend\AppData\Local\Google
2010-08-31 12:07 . 2010-08-31 12:07 -------- d-----w- c:\users\Armend\AppData\Local\Apps
2010-08-31 12:07 . 2010-08-31 12:07 -------- d-----w- c:\users\Armend\AppData\Local\Deployment
2010-08-31 11:51 . 2009-12-29 06:55 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-08-31 11:51 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2010-08-31 11:48 . 2010-09-26 19:43 1946512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpavdlta.vdm
2010-08-31 11:48 . 2010-09-26 19:44 41722256 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpavbase.vdm
2010-08-31 11:48 . 2010-09-26 19:43 297360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpasdlta.vdm
2010-08-31 11:48 . 2010-09-26 19:44 12300688 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpasbase.vdm

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-29 04:58 . 2010-01-18 13:35 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-27 14:05 . 2010-01-21 14:01 -------- d-----w- c:\programdata\Microsoft Help
2010-09-02 22:35 . 2010-01-18 13:34 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-09-02 21:33 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-09-02 00:54 . 2010-01-21 14:16 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-08-31 14:26 . 2010-08-31 14:26 0 ----a-w- c:\users\Armend\AppData\Roaming\wklnhst.dat
2010-08-31 12:22 . 2010-01-18 13:33 -------- d-----w- c:\program files\Windows Live
2010-08-14 16:40 . 2010-08-14 16:40 8245424 ----a-w- c:\users\Armend\AppData\Roaming\MediaMonkey_3.2.2.1300.exe
2010-08-14 16:40 . 2010-08-14 16:40 8245424 ----a-w- c:\users\Armend\AppData\Roaming\MediaMonkey_3.2.2.1300.exe
2010-07-29 06:30 . 2010-09-01 20:39 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-09-01 20:39 82944 ----a-w- c:\windows\system32\iccvid.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Armend\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-08-31 136176]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-02 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-10-02 150552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-05 7703072]
"fspuip"="c:\program files\FSP\fspuip.exe" [2009-09-23 3342336]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\syste m]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSv c]
@="Service"

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-09-02 691696]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 fspad_wlh32;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh32;c:\windows\system32\DRIVERS\fspad_wlh32.sys [2009-09-22 41984]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2009-09-28 638976]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder

2010-08-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2020085807-1544784501-1952108477-1000Core.job
- c:\users\Armend\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-31 12:07]

2010-09-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2020085807-1544784501-1952108477-1000UA.job
- c:\users\Armend\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-31 12:07]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://fl.iamwired.net/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(3184)
c:\program files\MediaMonkey\DeskPlayer.dll
.
Completion time: 2010-09-29 09:49:48
ComboFix-quarantined-files.txt 2010-09-29 08:49

Pre-Run: 228,093,575,168 bytes free
Post-Run: 228,047,216,640 bytes free

- - End Of File - - C6AA51112041E957E76E9C3A97E75D3B
dvk01's Avatar
dvk01   (Derek) dvk01 is offline dvk01 is authorized to help remove malware.
Moderator & Malware Removal Specialist with 45,148 posts.
 
Join Date: Dec 2002
Location: Loughton, Essex, UK
29-Sep-2010, 06:38 AM #3
you have 2 active antivirus on this one

MSE & Avast

decide which you want & uninstall the other

For a netbook, I would go with MSE which tends to be lighter on resources than Avast

see if taht cures chroem, otherwise uninstall chrome & reinstall it as a corrupt install or profile can cause that

I think it is more likely to be MSE & Avast both checking webpages at the same time & making chrome fall over
__________________
Derek Microsoft MVP/Windows - Security | Thespykiller | How to protect yourself and other Security Advice
Find out all about the European Wild Hedgehog, what you can do to save it from extinction Hedgehog Rescue
armendvisoka's Avatar
armendvisoka armendvisoka is offline
Member with 102 posts.
THREAD STARTER
 
Join Date: Jun 2007
29-Sep-2010, 07:11 AM #4
Quote:
Originally Posted by dvk01 View Post
you have 2 active antivirus on this one

MSE & Avast

decide which you want & uninstall the other

For a netbook, I would go with MSE which tends to be lighter on resources than Avast

see if taht cures chroem, otherwise uninstall chrome & reinstall it as a corrupt install or profile can cause that

I think it is more likely to be MSE & Avast both checking webpages at the same time & making chrome fall over
I'm still getting the error, I uninstalled avast, restarted and still got it. I then reinstalled Chrome, but I'm still getting it. Any other ideas?

I installed Avast because I was getting this error by the way because of virus', so It's not Avast' fault.

EDIT: The homepage on IE and Google Chrome got changed to something called "fl.iamwired.com" and also something got installed on my netbook called flvtube player, I uninstalled it though.
dvk01's Avatar
dvk01   (Derek) dvk01 is offline dvk01 is authorized to help remove malware.
Moderator & Malware Removal Specialist with 45,148 posts.
 
Join Date: Dec 2002
Location: Loughton, Essex, UK
29-Sep-2010, 07:16 AM #5
I can't see anything
* Run Kaspersky online virus scan Kaspersky Online Scanner.

After the updates have downloaded, click on the "Scan Settings" button.
select the (b)"Spyware, Adware, Dialers and other potentially dangerous programs" for the scan.
Under "Please select a target to scan", click "My Computer".
When the scan is finished, Save the results from the scan!

Note: Kavscan is a scanner only & won't fix anything but will normally find the most infected files so it's report gives us a good place to work from

If that won't run then
Run an online antivirus check from one of the following sites

http://www.eset.com/online-scanner
http://www.pandasoftware.com/activescan/
http://www.bitdefender.com/scan8/ie.html
armendvisoka's Avatar
armendvisoka armendvisoka is offline
Member with 102 posts.
THREAD STARTER
 
Join Date: Jun 2007
29-Sep-2010, 12:49 PM #6
The scan didn't pick anything up and Chrome is loading fine now, thanks for the help anyway, I really appreciate it!
dvk01's Avatar
dvk01   (Derek) dvk01 is offline dvk01 is authorized to help remove malware.
Moderator & Malware Removal Specialist with 45,148 posts.
 
Join Date: Dec 2002
Location: Loughton, Essex, UK
29-Sep-2010, 01:06 PM #7
chrome has a silent autoupdate mechanism, so it is very posible that there was an update that was faulty & a new update cured it

*Follow these steps to uninstall Combofix and the other tools it downloaded to remove the malware*
* Click START then RUN
* Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the /U, it needs to be there.


This will also purge the restore folder and clear any malware that has been put in there. Now Empty Recycle bin on desktop Then reboot.

go here http://www.thespykiller.co.uk/index.php?page=3 for info on how to tighten your security settings and how to help prevent future attacks.

and scan here http://secunia.com/software_inspector/ for out of date & vulnerable common applications on your computer and update whatever it suggests

Then pay an urgent visit to windows update & make sure you are fully updated, that will help to plug the security holes that let these pests on in the first place
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


Similar Threads
Title Thread Starter Forum Replies Last Post
Malware killed Google Chrome, Windows Messenger, IE Fragility Virus & Other Malware Removal 2 20-Jun-2010 07:26 AM
Google Chrome Google Search Redirects Giltrap Virus & Other Malware Removal 3 31-Jan-2010 12:48 PM
Google Chrome aftermath jamie1949 Web & Email 0 16-Oct-2009 07:45 AM
Solved: Google Chrome Petty Web & Email 3 02-Oct-2009 02:51 PM
How do you disable Vista/Win 7 Aero Frame in Google Chrome fatjoez Windows Vista 0 12-Mar-2009 02:24 AM

WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑