# Google Chrome kill pages error



## armendvisoka (Jun 4, 2007)

Hi, since yesterday Google Chrome has been hanging and it tells me to kill the oages. This happens whenever I open Chrome. Also, sometimes when I start up it sometimes just displays a black screen and only the mouse can be seen. I did a Hijack this log and a malware bytes search. Malwarebytes deleted 3 items but I'm still getting the problem. I'm running on Windows 7 and it's a netbook. Also, HijackThis said something about not being allowed access to the hosts files when doing the search. Thanks!

MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\FSP\FspUip.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fl.iamwired.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [fspuip] "C:\Program Files\FSP\fspuip.exe"
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Google Update] "C:\Users\Armend\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

--
End of file - 5521 bytes

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4714

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

29/09/2010 08:04:50
mbam-log-2010-09-29 (08-04-50).txt

Scan type: Full scan (C:\|)
Objects scanned: 185862
Time elapsed: 55 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Armend\AppData\Local\Temp\9CDD.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Armend\AppData\Local\Temp\spottyface.exe (Adware.Agent) -> Quarantined and deleted successfully.


----------



## armendvisoka (Jun 4, 2007)

And I made a log with ComboFix since I alaways get asked to make one on this site:

ComboFix 10-09-28.03 - Armend 29/09/2010 9:24.1.2 - x86
Microsoft Windows 7 Starter 6.1.7600.0.1252.44.1033.18.1013.453 [GMT 1:00]
Running from: c:\users\Armend\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2010-08-28 to 2010-09-29 )))))))))))))))))))))))))))))))
.

2010-09-29 08:42 . 2010-09-29 08:42	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-09-29 07:50 . 2010-09-29 08:00	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2010-09-29 07:50 . 2010-09-29 08:00	--------	d-----w-	c:\program files\Spybot - Search & Destroy
2010-09-29 07:25 . 2010-09-29 07:25	388096	----a-r-	c:\users\Armend\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-09-29 07:25 . 2010-09-29 07:25	--------	d-----w-	c:\program files\Trend Micro
2010-09-29 06:08 . 2010-09-29 06:08	--------	d-----w-	c:\users\Armend\AppData\Roaming\Malwarebytes
2010-09-29 06:08 . 2010-04-29 14:39	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-29 06:08 . 2010-09-29 06:08	--------	d-----w-	c:\programdata\Malwarebytes
2010-09-29 06:08 . 2010-04-29 14:39	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-09-29 06:08 . 2010-09-29 06:08	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2010-09-29 05:15 . 2010-09-07 14:47	17744	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2010-09-29 05:15 . 2010-09-07 14:52	165584	----a-w-	c:\windows\system32\drivers\aswSP.sys
2010-09-29 05:15 . 2010-09-07 14:47	23376	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2010-09-29 05:15 . 2010-09-07 14:52	46672	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2010-09-29 05:15 . 2010-09-07 14:47	50768	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2010-09-29 05:15 . 2010-09-07 15:12	38848	----a-w-	c:\windows\avastSS.scr
2010-09-29 05:15 . 2010-09-07 15:11	167592	----a-w-	c:\windows\system32\aswBoot.exe
2010-09-29 05:15 . 2010-09-29 05:15	--------	d-----w-	c:\programdata\Alwil Software
2010-09-29 05:15 . 2010-09-29 05:15	--------	d-----w-	c:\program files\Alwil Software
2010-09-28 19:39 . 2010-09-28 20:02	--------	d-----w-	c:\users\Armend\AppData\Local\MediaMonkey
2010-09-28 19:39 . 2010-09-28 19:39	--------	d-----w-	c:\program files\MediaMonkey
2010-09-28 18:45 . 2010-03-04 04:04	146304	----a-w-	c:\windows\system32\drivers\usbvideo.sys
2010-09-28 18:45 . 2010-03-04 03:57	190976	----a-w-	c:\windows\system32\drivers\ks.sys
2010-09-28 18:45 . 2010-06-19 06:15	2048	----a-w-	c:\windows\system32\tzres.dll
2010-09-27 20:36 . 2010-09-27 20:36	273920	----a-w-	c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\lwjgl64.dll
2010-09-27 20:36 . 2010-09-27 20:36	195072	----a-w-	c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\OpenAL64.dll
2010-09-27 20:36 . 2010-09-27 20:36	108032	----a-w-	c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\OpenAL32.dll
2010-09-27 20:36 . 2010-09-27 20:36	193024	----a-w-	c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\lwjgl.dll
2010-09-27 20:36 . 2010-09-27 20:36	65024	----a-w-	c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\jinput-dx8_64.dll
2010-09-27 20:36 . 2010-09-27 20:36	62464	----a-w-	c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\jinput-raw_64.dll
2010-09-27 20:36 . 2010-09-27 20:36	61952	----a-w-	c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\jinput-dx8.dll
2010-09-27 20:36 . 2010-09-27 20:36	59392	----a-w-	c:\users\Armend\AppData\Roaming\.minecraft\bin\natives\jinput-raw.dll
2010-09-27 20:36 . 2010-09-27 20:37	--------	d-----w-	c:\users\Armend\AppData\Roaming\.minecraft
2010-09-27 19:51 . 2010-09-27 20:29	--------	d-----w-	c:\program files\GOG.com
2010-09-27 19:36 . 2010-09-27 19:36	2005392	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B0DA8B1B-8429-4131-A557-2113E97DBD85}\mpavdlta.vdm
2010-09-27 19:36 . 2010-09-27 19:36	360848	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B0DA8B1B-8429-4131-A557-2113E97DBD85}\mpasdlta.vdm
2010-09-27 19:36 . 2010-09-26 19:44	41722256	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B0DA8B1B-8429-4131-A557-2113E97DBD85}\mpavbase.vdm
2010-09-27 19:36 . 2010-09-26 19:44	12300688	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B0DA8B1B-8429-4131-A557-2113E97DBD85}\mpasbase.vdm
2010-09-27 17:10 . 2010-09-27 18:47	--------	d-----w-	c:\program files\Diablo II
2010-09-27 17:10 . 2010-09-27 17:11	--------	d-----w-	c:\program files\Common Files\Blizzard Entertainment
2010-09-26 22:21 . 2010-09-26 22:21	--------	d-----w-	C:\e38615caaef2911b9621fd5d
2010-09-26 21:53 . 2010-09-26 21:53	--------	d-----w-	c:\users\Armend\AppData\Local\Microsoft Games
2010-09-26 19:46 . 2010-08-21 05:32	316928	----a-w-	c:\windows\system32\spoolsv.exe
2010-09-02 22:46 . 2010-09-02 22:46	--------	d-----w-	c:\windows\SHELLNEW
2010-09-02 22:36 . 2010-09-02 22:36	--------	d-----w-	c:\program files\Microsoft Synchronization Services
2010-09-02 22:35 . 2010-09-27 20:42	--------	d-----w-	c:\program files\Microsoft.NET
2010-09-02 22:34 . 2010-09-02 22:34	--------	d-----w-	c:\users\Armend\AppData\Local\Microsoft Help
2010-09-02 22:34 . 2010-09-02 22:34	--------	d-----r-	C:\MSOCache
2010-09-02 22:11 . 2010-09-02 22:11	--------	d-----w-	c:\program files\Common Files\Java
2010-09-02 22:11 . 2010-09-02 22:10	423656	----a-w-	c:\windows\system32\deployJava1.dll
2010-09-02 22:10 . 2010-09-02 22:10	--------	d-----w-	c:\program files\Java
2010-09-02 01:01 . 2009-11-25 11:47	99176	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2010-09-02 01:01 . 2009-11-25 11:47	49472	----a-w-	c:\windows\system32\netfxperf.dll
2010-09-02 01:01 . 2009-11-25 11:47	297808	----a-w-	c:\windows\system32\mscoree.dll
2010-09-02 01:01 . 2009-11-25 11:47	295264	----a-w-	c:\windows\system32\PresentationHost.exe
2010-09-02 01:01 . 2009-11-25 11:47	1130824	----a-w-	c:\windows\system32\dfshim.dll
2010-09-02 00:53 . 2010-09-01 20:37	1953680	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpavdlta.vdm
2010-09-02 00:53 . 2010-09-01 20:37	438672	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpasdlta.vdm
2010-09-02 00:53 . 2010-08-31 11:47	40258960	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpavbase.vdm
2010-09-02 00:53 . 2010-08-31 11:47	12120464	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpasbase.vdm
2010-09-02 00:51 . 2010-02-11 07:10	293376	----a-w-	c:\windows\system32\browserchoice.exe
2010-09-02 00:48 . 2010-09-02 00:48	691696	----a-w-	c:\windows\system32\drivers\sptd.sys
2010-09-02 00:47 . 2010-09-02 00:48	--------	d-----w-	c:\program files\DAEMON Tools Lite
2010-09-02 00:47 . 2010-09-02 22:32	--------	d-----w-	c:\users\Armend\AppData\Roaming\DAEMON Tools Lite
2010-09-02 00:47 . 2010-09-02 00:47	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2010-09-01 20:40 . 2010-06-14 06:12	1286016	----a-w-	c:\windows\system32\drivers\tcpip.sys
2010-09-01 20:38 . 2010-05-09 09:14	641536	----a-w-	c:\windows\system32\CPFilters.dll
2010-09-01 20:37 . 2010-06-30 06:25	978432	----a-w-	c:\windows\system32\wininet.dll
2010-08-31 20:57 . 2010-09-26 19:36	79136	----a-w-	c:\users\Armend\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-31 20:53 . 2010-08-31 20:53	--------	d-----w-	c:\users\Armend\AppData\Local\FSP
2010-08-31 13:34 . 2010-08-31 13:34	--------	d-----w-	c:\program files\CCleaner
2010-08-31 12:39 . 2010-08-31 12:39	--------	d-----w-	c:\users\Armend\AppData\Local\VS Revo Group
2010-08-31 12:38 . 2009-12-30 11:21	27192	----a-w-	c:\windows\system32\drivers\revoflt.sys
2010-08-31 12:38 . 2010-08-31 12:38	--------	d-----w-	c:\program files\VS Revo Group
2010-08-31 12:30 . 2010-08-31 12:30	--------	d-----w-	c:\program files\uTorrent
2010-08-31 12:29 . 2010-09-28 20:10	--------	d-----w-	c:\users\Armend\AppData\Roaming\uTorrent
2010-08-31 12:23 . 2010-09-29 08:16	--------	d-----w-	c:\users\Armend\Tracing
2010-08-31 12:22 . 2010-04-28 06:44	54632	----a-w-	c:\windows\system32\drivers\fssfltr.sys
2010-08-31 12:07 . 2010-08-31 12:08	--------	d-----w-	c:\users\Armend\AppData\Local\Google
2010-08-31 12:07 . 2010-08-31 12:07	--------	d-----w-	c:\users\Armend\AppData\Local\Apps
2010-08-31 12:07 . 2010-08-31 12:07	--------	d-----w-	c:\users\Armend\AppData\Local\Deployment
2010-08-31 11:51 . 2009-12-29 06:55	172032	----a-w-	c:\windows\system32\wintrust.dll
2010-08-31 11:51 . 2010-01-09 06:52	132608	----a-w-	c:\windows\system32\cabview.dll
2010-08-31 11:48 . 2010-09-26 19:43	1946512	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpavdlta.vdm
2010-08-31 11:48 . 2010-09-26 19:44	41722256	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpavbase.vdm
2010-08-31 11:48 . 2010-09-26 19:43	297360	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpasdlta.vdm
2010-08-31 11:48 . 2010-09-26 19:44	12300688	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpasbase.vdm

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-29 04:58 . 2010-01-18 13:35	--------	d-----w-	c:\program files\Microsoft Silverlight
2010-09-27 14:05 . 2010-01-21 14:01	--------	d-----w-	c:\programdata\Microsoft Help
2010-09-02 22:35 . 2010-01-18 13:34	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
2010-09-02 21:33 . 2009-07-14 02:37	--------	d-----w-	c:\program files\Windows Mail
2010-09-02 00:54 . 2010-01-21 14:16	--------	d-----w-	c:\program files\Microsoft Security Essentials
2010-08-31 14:26 . 2010-08-31 14:26	0	----a-w-	c:\users\Armend\AppData\Roaming\wklnhst.dat
2010-08-31 12:22 . 2010-01-18 13:33	--------	d-----w-	c:\program files\Windows Live
2010-08-14 16:40 . 2010-08-14 16:40	8245424	----a-w-	c:\users\Armend\AppData\Roaming\MediaMonkey_3.2.2.1300.exe
2010-08-14 16:40 . 2010-08-14 16:40	8245424	----a-w-	c:\users\Armend\AppData\Roaming\MediaMonkey_3.2.2.1300.exe
2010-07-29 06:30 . 2010-09-01 20:39	197632	----a-w-	c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-09-01 20:39	82944	----a-w-	c:\windows\system32\iccvid.dll
2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Armend\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-08-31 136176]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-02 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-10-02 150552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-05 7703072]
"fspuip"="c:\program files\FSP\fspuip.exe" [2009-09-23 3342336]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-09-02 691696]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 fspad_wlh32;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh32;c:\windows\system32\DRIVERS\fspad_wlh32.sys [2009-09-22 41984]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2009-09-28 638976]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder

2010-08-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2020085807-1544784501-1952108477-1000Core.job
- c:\users\Armend\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-31 12:07]

2010-09-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2020085807-1544784501-1952108477-1000UA.job
- c:\users\Armend\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-31 12:07]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://fl.iamwired.net/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(3184)
c:\program files\MediaMonkey\DeskPlayer.dll
.
Completion time: 2010-09-29 09:49:48
ComboFix-quarantined-files.txt 2010-09-29 08:49

Pre-Run: 228,093,575,168 bytes free
Post-Run: 228,047,216,640 bytes free

- - End Of File - - C6AA51112041E957E76E9C3A97E75D3B


----------



## dvk01 (Dec 14, 2002)

you have 2 active antivirus on this one

MSE & Avast

decide which you want & uninstall the other

For a netbook, I would go with MSE which tends to be lighter on resources than Avast

see if taht cures chroem, otherwise uninstall chrome & reinstall it as a corrupt install or profile can cause that

I think it is more likely to be MSE & Avast both checking webpages at the same time & making chrome fall over


----------



## armendvisoka (Jun 4, 2007)

dvk01 said:


> you have 2 active antivirus on this one
> 
> MSE & Avast
> 
> ...


I'm still getting the error, I uninstalled avast, restarted and still got it. I then reinstalled Chrome, but I'm still getting it. Any other ideas?

I installed Avast because I was getting this error by the way because of virus', so It's not Avast' fault.

EDIT: The homepage on IE and Google Chrome got changed to something called "fl.iamwired.com" and also something got installed on my netbook called flvtube player, I uninstalled it though.


----------



## dvk01 (Dec 14, 2002)

I can't see anything 
* Run Kaspersky online virus scan *Kaspersky Online Scanner*.

After the updates have downloaded, click on the "Scan Settings" button.
select the *(b)"Spyware, Adware, Dialers and other potentially dangerous programs" *for the scan.
Under "Please select a target to scan", click "My Computer".
When the scan is finished, Save the results from the scan!

Note: Kavscan is a scanner only & won't fix anything but will normally find the most infected files so it's report gives us a good place to work from 

If that won't run then 
Run an online antivirus check from one of the following sites

http://www.eset.com/online-scanner
http://www.pandasoftware.com/activescan/
http://www.bitdefender.com/scan8/ie.html


----------



## armendvisoka (Jun 4, 2007)

The scan didn't pick anything up and Chrome is loading fine now, thanks for the help anyway, I really appreciate it!


----------



## dvk01 (Dec 14, 2002)

chrome has a silent autoupdate mechanism, so it is very posible that there was an update that was faulty & a new update cured it

*Follow these steps to uninstall Combofix and the other tools it downloaded to remove the malware*
* Click *START* then * RUN*
* Now type *Combofix /Uninstall * in the runbox and click *OK*. Note the *space *between the *X* and the */U*, it needs to be there.









This will also purge the restore folder and clear any malware that has been put in there. Now Empty Recycle bin on desktop Then reboot.

go here* http://www.thespykiller.co.uk/index.php?page=3 *for info on how to tighten your security settings and how to help prevent future attacks.

and scan here* http://secunia.com/software_inspector/ * for out of date & vulnerable common applications on your computer and update whatever it suggests

Then pay an urgent visit to windows update & make sure you are fully updated, that will help to plug the security holes that let these pests on in the first place


----------

