
about:blank for Chrome browser


  • This topic is locked
11 replies to this topic

#1 phased1


Posted 04 September 2014 - 08:04 PM

Hello, just 10 minutes ago I started getting the about:blank webpage every time I open my Chrome internet browser.  My Firefox browser is fine.  Please help, thanks.

 

Here are my logs.

 

Attached File: dds.txt (11.03KB, 1 download)
Attached File: attach.txt (3.89KB, 0 downloads)


Edited by phased1, 04 September 2014 - 09:33 PM.



#2 nasdaq


Posted 08 September 2014 - 08:01 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Wrong or bad new tab opening at startup.

Click on Customize and Control Google Chrome. Select Settings.
On Start up > Set pages
Remove any links you do not wish to open at start up.

If that fails to solve your problem, click on the Advanced settings link at the bottom and Reset the Browser settings.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?
Wait for further instructions.

#3 phased1


Posted 08 September 2014 - 08:22 PM

# AdwCleaner v3.309 - Report created 08/09/2014 at 18:09:45
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Ultimate  (32 bits)
# Username : Eric - ERIC-PC
# Running from : C:\Users\Eric\Downloads\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Users\Eric\AppData\LocalLow\Conduit
File Deleted : C:\Users\Eric\AppData\Local\Temp\Uninstall.exe

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2966884
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\ImInstaller
Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\5dj9o322.default-1371427639900\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [3141 octets] - [08/09/2014 18:03:55]
AdwCleaner[R1].txt - [3201 octets] - [08/09/2014 18:09:00]
AdwCleaner[S0].txt - [3186 octets] - [08/09/2014 18:09:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3246 octets] ##########
 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2014
Ran by Eric (administrator) on ERIC-PC on 08-09-2014 18:16:06
Running from C:\Users\Eric\Downloads
Platform: Microsoft Windows 7 Ultimate  (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Razer\DeathAdder\razerhid.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Razer USA Ltd) C:\Program Files\Razer\BlackWidow\BlackWidowTray.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(BitTorrent, Inc.) C:\Program Files\DNA\btdna.exe
(Hyperdesktop) C:\Users\Eric\AppData\Roaming\Hyperdesktop\hyperdesktop.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [DeathAdder] => C:\Program Files\Razer\DeathAdder\razerhid.exe [159744 2007-09-07] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-06] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Razer Blackwidow Driver] => C:\Program Files\Razer\BlackWidow\BlackwidowTray.exe [880016 2010-11-10] (Razer USA Ltd)
HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-08-12] (Logitech Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-09-04] (AVAST Software)
HKU\S-1-5-21-2840043134-1694784246-1973955215-1001\...\Run: [BitTorrent DNA] => C:\Program Files\DNA\btdna.exe [323392 2010-01-14] (BitTorrent, Inc.)
HKU\S-1-5-21-2840043134-1694784246-1973955215-1001\...\Run: [Google Update] => C:\Users\Eric\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-09] (Google Inc.)
HKU\S-1-5-21-2840043134-1694784246-1973955215-1001\...\Run: [PhotoJoy] => C:\Program Files\PhotoJoy\bin\PhotoJoy.exe /c
HKU\S-1-5-21-2840043134-1694784246-1973955215-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKU\S-1-5-21-2840043134-1694784246-1973955215-1001\...\Run: [Hyperdesktop] => C:\Users\Eric\AppData\Roaming\Hyperdesktop\hyperdesktop.exe [316000 2013-02-22] (Hyperdesktop)
HKU\S-1-5-21-2840043134-1694784246-1973955215-1001\...\Run: [Viber] => "C:\Users\Eric\AppData\Local\Viber\Viber.exe"
HKU\S-1-5-21-2840043134-1694784246-1973955215-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-2840043134-1694784246-1973955215-1001\...\Run: [Battle.net] => C:\Program Files\Battle.net\Battle.net Launcher.exe [2869808 2014-08-21] (Blizzard Entertainment)
HKU\S-1-5-21-2840043134-1694784246-1973955215-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?lang=en-ca&OCID=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6457529B807DCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
URLSearchHook: HKCU - (No Name) - {cf45c54f-801c-41b5-ac77-57f2bf418edc} -  No File
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {CF45C54F-801C-41B5-AC77-57F2BF418EDC} -  No File
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\5dj9o322.default-1371427639900
FF Homepage: hxxp://forums.heroesofnewerth.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_88.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @bittorrent.com/BitTorrentDNA -> C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Windows\system32\C2MP\npdivx32.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @veetle.com/vbp;version=0.9.17 -> C:\Program Files\Veetle\VLCBroadcast\npvbp.dll No File
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Eric\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1010120-0-npoctoshape.dll (Octoshape ApS)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Eric\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Eric\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, http://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, http://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Users\Eric\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF Extension: Adblock Plus - C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\5dj9o322.default-1371427639900\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-16]
FF Extension: Hide Tab Bar With One Tab - C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\5dj9o322.default-1371427639900\Extensions\{e5bbc237-c99b-4ced-a061-0be27703295f}.xpi [2013-08-17]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-05-14]

Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> 06552A2C00483212DDC899BFD8DA4A9C7CF5D08BD91105CD2C2882B37E491D76
CHR DefaultSearchURL: Default -> A219AF7B2C2E40BEB555E82787E59E1D16C6CFAD39386628CB78F2124ED6B1DD
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Eric\AppData\Local\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Eric\AppData\Local\Google\Chrome\Application\37.0.2062.103\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Eric\AppData\Local\Google\Chrome\Application\37.0.2062.103\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (DivX Web Player) - C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll (DivX,Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Eric\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS)
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Eric\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1010120-0-npoctoshape.dll (Octoshape ApS)
CHR Plugin: (DNA Plug-in) - C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Veetle TV Player) - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Eric\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR CustomProfile: C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (Stylish) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2013-02-02]
CHR Extension: (AdBlock) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2011-04-09]
CHR Extension: (Deathamns) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2014-01-18]
CHR Extension: (ICE Quick Stream) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\mapljocpedaolbooelchgnkkaplpadgp [2011-04-09]
CHR Extension: (Google Wallet) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-09-04]
CHR StartMenuInternet: Google Chrome - C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-09-04] (AVAST Software)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 pgsql-8.3; C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe [65536 2008-09-19] (PostgreSQL Global Development Group) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2011-08-19] (Logitech Inc.)
S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-09-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-09-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-09-04] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-09-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-09-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-09-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-09-04] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-09-04] ()
R3 CompFilter; C:\Windows\System32\DRIVERS\lvbusflt.sys [22176 2011-08-19] (Logitech Inc.)
R3 DAdderFltr; C:\Windows\System32\drivers\dadder.sys [22784 2007-08-02] (Razer (Asia-Pacific) Pte Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2011-11-23] (DT Soft Ltd)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-09-23] (LogMeIn, Inc.)
S3 LycoFltr; C:\Windows\System32\Drivers\Lycosa.sys [16640 2009-09-30] (Razer USA Ltd.) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [95872 2010-10-15] (Razer USA Ltd)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2009-11-20] (Duplex Secure Ltd.)
S3 vHidDev; C:\Windows\System32\DRIVERS\vHidDev.sys [5760 2009-12-21] (Windows ® Win 7 DDK provider)
S3 apf001; \??\C:\Game\SoftnyxGame\GunBoundIS\apf001.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 ESEADriver2; \??\C:\Users\Eric\AppData\Local\Temp\ESEADriver2.sys [X]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]
S3 nmwcd; system32\drivers\ccdcmb.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbo.sys [X]
S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X]
S3 nmwcdnsuc; system32\drivers\nmwcdnsuc.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltj.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 18:16 - 2014-09-08 18:16 - 00020051 _____ () C:\Users\Eric\Downloads\FRST.txt
2014-09-08 18:15 - 2014-09-08 18:16 - 00000000 ____D () C:\FRST
2014-09-08 18:15 - 2014-09-08 18:15 - 01097728 _____ (Farbar) C:\Users\Eric\Downloads\FRST.exe
2014-09-08 18:14 - 2014-09-08 18:09 - 00003326 _____ () C:\Users\Eric\Desktop\AdwCleaner[S0].txt
2014-09-08 18:03 - 2014-09-08 18:09 - 00000000 ____D () C:\AdwCleaner
2014-09-08 18:02 - 2014-09-08 18:02 - 01370467 _____ () C:\Users\Eric\Downloads\adwcleaner_3.309.exe
2014-09-04 21:12 - 2014-09-04 21:12 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\AVAST Software
2014-09-04 20:57 - 2014-09-04 20:57 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-04 20:57 - 2014-09-04 20:57 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-04 20:57 - 2014-09-04 20:57 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-04 20:53 - 2014-09-04 20:53 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-04 19:30 - 2014-09-04 19:30 - 00011290 _____ () C:\Users\Eric\Desktop\dds.txt
2014-09-04 19:29 - 2014-09-04 19:29 - 00003982 _____ () C:\Users\Eric\Desktop\attach.txt
2014-09-04 19:21 - 2014-09-04 19:21 - 00688992 ____R (Swearware) C:\Users\Eric\Desktop\dds.com
2014-09-04 17:58 - 2014-09-04 18:15 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-04 17:58 - 2014-09-04 17:58 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-04 17:58 - 2014-09-04 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-04 17:58 - 2014-09-04 17:58 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-04 17:58 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-04 17:58 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-04 17:58 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-04 17:57 - 2014-09-04 17:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Eric\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-04 17:18 - 2014-09-04 17:18 - 00000000 ____D () C:\Program Files\Reason
2014-08-31 17:42 - 2014-08-31 17:42 - 00000000 ____D () C:\Users\Eric\AppData\Local\Skype
2014-08-31 17:41 - 2014-08-31 17:41 - 00000000 ___RD () C:\Program Files\Skype
2014-08-31 17:41 - 2014-08-31 17:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-31 17:41 - 2014-08-31 17:41 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-22 20:04 - 2014-08-22 20:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf
2014-08-17 14:03 - 2014-08-17 14:03 - 00000031 _____ () C:\Users\Eric\Documents\battlenet account.txt
2014-08-12 22:29 - 2014-08-12 22:29 - 00000000 ____D () C:\ProgramData\Riot Games

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 18:16 - 2014-09-08 18:16 - 00020051 _____ () C:\Users\Eric\Downloads\FRST.txt
2014-09-08 18:16 - 2014-09-08 18:15 - 00000000 ____D () C:\FRST
2014-09-08 18:16 - 2009-07-13 21:34 - 00019248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-08 18:16 - 2009-07-13 21:34 - 00019248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-08 18:15 - 2014-09-08 18:15 - 01097728 _____ (Farbar) C:\Users\Eric\Downloads\FRST.exe
2014-09-08 18:14 - 2009-10-24 14:05 - 01416300 _____ () C:\Windows\WindowsUpdate.log
2014-09-08 18:12 - 2014-07-27 17:51 - 00000000 ____D () C:\Users\Eric\AppData\Local\Battle.net
2014-09-08 18:11 - 2010-01-14 15:11 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\DNA
2014-09-08 18:11 - 2010-01-14 15:11 - 00000000 ____D () C:\Program Files\DNA
2014-09-08 18:11 - 2009-11-24 23:04 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\Skype
2014-09-08 18:11 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-08 18:10 - 2013-09-29 13:50 - 00086428 _____ () C:\Windows\setupact.log
2014-09-08 18:10 - 2010-01-07 12:39 - 00229566 _____ () C:\Windows\PFRO.log
2014-09-08 18:09 - 2014-09-08 18:14 - 00003326 _____ () C:\Users\Eric\Desktop\AdwCleaner[S0].txt
2014-09-08 18:09 - 2014-09-08 18:03 - 00000000 ____D () C:\AdwCleaner
2014-09-08 18:04 - 2011-04-09 21:50 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2840043134-1694784246-1973955215-1001UA.job
2014-09-08 18:02 - 2014-09-08 18:02 - 01370467 _____ () C:\Users\Eric\Downloads\adwcleaner_3.309.exe
2014-09-07 22:04 - 2011-04-09 21:50 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2840043134-1694784246-1973955215-1001Core.job
2014-09-06 23:00 - 2010-01-10 00:27 - 08112128 ___SH () C:\Users\Eric\Downloads\Thumbs.db
2014-09-06 20:05 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-06 18:26 - 2009-07-13 19:37 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-04 21:23 - 2009-10-24 15:19 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-04 21:12 - 2014-09-04 21:12 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\AVAST Software
2014-09-04 20:57 - 2014-09-04 20:57 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-04 20:57 - 2014-09-04 20:57 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-04 20:57 - 2014-09-04 20:57 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-04 20:57 - 2013-05-03 08:19 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-04 20:57 - 2013-05-03 08:19 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-04 20:57 - 2012-05-25 08:13 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-04 20:57 - 2011-05-14 15:02 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-04 20:57 - 2009-10-24 15:19 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-04 20:57 - 2009-10-24 15:19 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-04 20:53 - 2014-09-04 20:53 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-04 20:53 - 2009-07-13 19:04 - 00002577 _____ () C:\Windows\system32\config.nt
2014-09-04 19:50 - 2009-12-24 14:28 - 02041344 ___SH () C:\Users\Eric\Desktop\Thumbs.db
2014-09-04 19:30 - 2014-09-04 19:30 - 00011290 _____ () C:\Users\Eric\Desktop\dds.txt
2014-09-04 19:29 - 2014-09-04 19:29 - 00003982 _____ () C:\Users\Eric\Desktop\attach.txt
2014-09-04 19:21 - 2014-09-04 19:21 - 00688992 ____R (Swearware) C:\Users\Eric\Desktop\dds.com
2014-09-04 18:15 - 2014-09-04 17:58 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-04 17:58 - 2014-09-04 17:58 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-04 17:58 - 2014-09-04 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-04 17:58 - 2014-09-04 17:58 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-04 17:58 - 2010-02-28 23:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-04 17:57 - 2014-09-04 17:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Eric\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-04 17:18 - 2014-09-04 17:18 - 00000000 ____D () C:\Program Files\Reason
2014-09-03 21:13 - 2014-03-20 18:27 - 00001421 _____ () C:\Users\Eric\Documents\anion plumbing stuff.txt
2014-08-31 17:42 - 2014-08-31 17:42 - 00000000 ____D () C:\Users\Eric\AppData\Local\Skype
2014-08-31 17:41 - 2014-08-31 17:41 - 00000000 ___RD () C:\Program Files\Skype
2014-08-31 17:41 - 2014-08-31 17:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-31 17:41 - 2014-08-31 17:41 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-31 17:41 - 2009-11-24 23:04 - 00000000 ____D () C:\ProgramData\Skype
2014-08-24 13:50 - 2010-05-15 20:24 - 00000000 ____D () C:\Users\Eric\Graal
2014-08-22 20:04 - 2014-08-22 20:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf
2014-08-21 16:45 - 2014-07-27 17:51 - 00000000 ____D () C:\Program Files\Battle.net
2014-08-18 16:59 - 2014-07-27 17:57 - 00000000 ____D () C:\Program Files\Hearthstone
2014-08-17 14:03 - 2014-08-17 14:03 - 00000031 _____ () C:\Users\Eric\Documents\battlenet account.txt
2014-08-12 22:29 - 2014-08-12 22:29 - 00000000 ____D () C:\ProgramData\Riot Games
2014-08-12 22:29 - 2011-10-18 20:53 - 00000000 ____D () C:\Users\Eric\AppData\Local\PMB Files
2014-08-12 22:29 - 2011-10-18 20:53 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-10 08:40 - 2009-07-13 21:53 - 00032554 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Files to move or delete:
====================
C:\ProgramData\DynuEncrypt.dll
C:\ProgramData\hash.dat


Some content of TEMP:
====================
C:\Users\Eric\AppData\Local\temp\Quarantine.exe
C:\Users\Eric\AppData\Local\temp\update.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-29 17:37

==================== End Of Log ============================

 

 

Attached File  Addition.txt   36.71KB   1 downloads

 

 

The Reset the Browser settings fixed my problem.  My computer is running good right now, but my Chrome browser is still buggy.  When I have Chrome browsers opened and I open a new Chrome browser up my most visited tabs sometimes don't show up.  Like the page is just blank white.


Edited by phased1, 09 September 2014 - 01:02 AM.


#4 nasdaq


Posted 09 September 2014 - 08:24 AM


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start

URLSearchHook: HKCU - (No Name) - {cf45c54f-801c-41b5-ac77-57f2bf418edc} -  No File
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
Toolbar: HKCU - No Name - {CF45C54F-801C-41B5-AC77-57F2BF418EDC} -  No File
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
FF Plugin: @bittorrent.com/BitTorrentDNA -> C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Windows\system32\C2MP\npdivx32.dll No File
FF Plugin: @veetle.com/vbp;version=0.9.17 -> C:\Program Files\Veetle\VLCBroadcast\npvbp.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Eric\AppData\Local\Google\Chrome\Application\37.0.2062.103\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Google Update) - C:\Users\Eric\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [X]
S3 apf001; \??\C:\Game\SoftnyxGame\GunBoundIS\apf001.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 ESEADriver2; \??\C:\Users\Eric\AppData\Local\Temp\ESEADriver2.sys [X]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]
S3 nmwcd; system32\drivers\ccdcmb.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbo.sys [X]
S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X]
S3 nmwcdnsuc; system32\drivers\nmwcdnsuc.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltj.sys [X]
C:\Users\Eric\AppData\Local\temp\update.exe

End

Save the file as fixlist.txt in the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.

===

I open a new Chrome browser up my most visited tabs sometimes don't show up. Like the page is just blank white.


Go to Settings, in Google Chrome.
Then, click on Show advanced settings.
At the very end, you will see Reset browsing settings.
Click on that: it will change to the default settings, but hey, it will also clear your browsing history and disable extensions. For extensions, you can enable them again if you have installed them, like Adblock Plus or any other.

===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/
===

#5 phased1


Posted 09 September 2014 - 07:30 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-09-2014
Ran by Eric at 2014-09-09 17:22:21 Run:1
Running from C:\Users\Eric\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start

URLSearchHook: HKCU - (No Name) - {cf45c54f-801c-41b5-ac77-57f2bf418edc} -  No File
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
Toolbar: HKCU - No Name - {CF45C54F-801C-41B5-AC77-57F2BF418EDC} -  No File
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
FF Plugin: @bittorrent.com/BitTorrentDNA -> C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Windows\system32\C2MP\npdivx32.dll No File
FF Plugin: @veetle.com/vbp;version=0.9.17 -> C:\Program Files\Veetle\VLCBroadcast\npvbp.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Eric\AppData\Local\Google\Chrome\Application\37.0.2062.103\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Google Update) - C:\Users\Eric\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [X]
S3 apf001; \??\C:\Game\SoftnyxGame\GunBoundIS\apf001.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 ESEADriver2; \??\C:\Users\Eric\AppData\Local\Temp\ESEADriver2.sys [X]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]
S3 nmwcd; system32\drivers\ccdcmb.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbo.sys [X]
S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X]
S3 nmwcdnsuc; system32\drivers\nmwcdnsuc.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltj.sys [X]
C:\Users\Eric\AppData\Local\temp\update.exe

End
*****************

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{cf45c54f-801c-41b5-ac77-57f2bf418edc} => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}" => Key deleted successfully.
"HKCR\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CF45C54F-801C-41B5-AC77-57F2BF418EDC} => value deleted successfully.
"HKCR\CLSID\{CF45C54F-801C-41B5-AC77-57F2BF418EDC}" => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => value deleted successfully.
"HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}" => Key not found.
"HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA" => Key deleted successfully.
C:\Program Files\DNA\plugins\npbtdna.dll => Moved successfully.
"HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17" => Key deleted successfully.
C:\Users\Eric\AppData\Local\Google\Chrome\Application\37.0.2062.103\gcswf32.dll not found.
C:\Windows\system32\Macromed\Flash\NPSWF32.dll not found.
C:\Users\Eric\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
StarWindServiceAE => Service deleted successfully.
apf001 => Service deleted successfully.
EagleNT => Service deleted successfully.
ESEADriver2 => Service deleted successfully.
GMSIPCI => Service deleted successfully.
nmwcd => Service deleted successfully.
nmwcdc => Service deleted successfully.
nmwcdnsu => Service deleted successfully.
nmwcdnsuc => Service deleted successfully.
pccsmcfd => Service deleted successfully.
upperdev => Service deleted successfully.
UsbserFilt => Service deleted successfully.
C:\Users\Eric\AppData\Local\temp\update.exe => Moved successfully.

==== End of Fixlog ====

 

 

 Results of screen317's Security Check version 0.99.87  
 Windows 7  x86 (UAC is disabled!)  
 Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 Java™ 6 Update 20  
 Java version out of Date!
  Adobe Flash Player     11.8.800.88 Flash Player out of Date!  
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Mozilla Firefox (31.0)
 Google Chrome 36.0.1985.143  
 Google Chrome 37.0.2062.103  
````````Process Check: objlist.exe by Laurent````````  
 Alwil Software Avast5 AvastSvc.exe  
 Alwil Software Avast5 avastui.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
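When reviewing a Fixlog like the one posted above, it helps to confirm that every fixlist entry produced a result line and to separate entries that were actually removed from those that were already gone. The Python sketch below is an added example, not part of the original thread and not FRST's own code; the sample is an excerpt of the Fixlog above, and the outcome labels and the entry-to-result matching rules are this example's assumptions, inferred from the phrases visible in that log.

```python
import re
from collections import Counter

# Excerpt of the Fixlog posted above (same lines, fewer entries).
SAMPLE = r"""Content of fixlist:
*****************
start
URLSearchHook: HKCU - (No Name) - {cf45c54f-801c-41b5-ac77-57f2bf418edc} -  No File
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
FF Plugin: @bittorrent.com/BitTorrentDNA -> C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
C:\Users\Eric\AppData\Local\temp\update.exe
End
*****************
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{cf45c54f-801c-41b5-ac77-57f2bf418edc} => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}" => Key deleted successfully.
"HKCR\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}" => Key not found.
"HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA" => Key deleted successfully.
C:\Program Files\DNA\plugins\npbtdna.dll => Moved successfully.
C:\Windows\system32\Macromed\Flash\NPSWF32.dll not found.
EagleNT => Service deleted successfully.
C:\Users\Eric\AppData\Local\temp\update.exe => Moved successfully.

==== End of Fixlog ====
"""

# Outcome labels are this example's grouping of the phrases seen in that log.
OUTCOMES = [(re.compile(r"=> (?:value|Key|Service) deleted successfully\.$"), "removed"),
            (re.compile(r"=> Moved successfully\.$"), "moved"),
            (re.compile(r"(?:=> Key)? not found\.$"), "absent")]

def entry_key(entry):
    """Pick the token of a fixlist entry that its result line should contain."""
    for pattern in (r"\{[0-9A-Fa-f-]{36}\}",                         # CLSID
                    r"^S\d (\S+);",                                  # service name
                    r"^FF Plugin: (.+?) ->",                         # Mozilla plugin id
                    r"^CHR Plugin: \(.*?\) - (.*?)(?: No File)?$"):  # plugin file path
        m = re.search(pattern, entry)
        if m:
            return (m.group(1) if m.groups() else m.group(0)).lower()
    return entry.lower()  # bare file path

def review(fixlog):
    """Return (outcome counts, fixlist entries with no result, unparsed lines)."""
    parts = re.split(r"^\*{5,}[ \t]*$", fixlog, flags=re.M)
    if len(parts) < 3:
        raise ValueError("no fixlist block delimited by rows of asterisks")
    entries = [l.strip() for l in parts[1].splitlines()
               if l.strip() and l.strip().lower() not in ("start", "end")]
    results = [l.strip() for l in parts[2].splitlines()
               if l.strip() and not l.startswith("====")]
    labels = [next((lab for pat, lab in OUTCOMES if pat.search(r)), None) for r in results]
    counts = Counter(lab for lab in labels if lab)
    unparsed = [r for r, lab in zip(results, labels) if lab is None]
    lowered = [r.lower() for r in results]
    missing = [e for e in entries if not any(entry_key(e) in r for r in lowered)]
    return counts, missing, unparsed

if __name__ == "__main__":
    print(review(SAMPLE))
```

A non-empty `missing` or `unparsed` list is the cue to read those lines by hand before telling the user the fix completed.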
 



#6 nasdaq


Posted 10 September 2014 - 08:02 AM

Secure your system by updating 3rd party programs.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Latest version is Java JRE 7u67.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as a Java update!
Important: read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882


If present remove the old version(s) of Java using the Add/Remove Programs applet.

Java 6 Update 20

===

Get the latest version of the Adobe Reader.
http://get.adobe.com/reader/
Before you download, I suggest you uncheck the box on the top right "Yes, install McAfee Security Scan Plus - optional"; this is not required if you are not a McAfee subscriber. While the installation is in progress you can also deny the installation of any other programs that may be suggested.

When installed remove your old version of the Reader using the Add/Remove Programs applet if present.
<<<>>>

Critical vulnerabilities have been identified in old versions of Adobe Flash Player; please get the latest version.

Flash test site:
http://www.adobe.com/software/flash/about/
Install the new version or, if you have the latest, close the window.

Flash Player Help / Find version
http://helpx.adobe.com/flash-player/kb/find-version-flash-player.html#main_Find_the_Flash_Player_version_installed_on_your_machine
===

For your added security, install Windows 7 Service Pack 1 (SP1)
http://windows.microsoft.com/installwindows7sp1

===

How is the computer running now?

#7 phased1


Posted 10 September 2014 - 06:22 PM

I updated my java and I updated my Adobe flash, but when I try to update my Adobe Reader I get this error http://i.imgur.com/9zDUUnr.png and I get the same exact error when I try to uninstall my old version of Adobe Reader with add/remove programs.

 

My computer is running good, but after I updated my Adobe Flash most videos I watch get pixelated during the transition from regular screen to full screen and vice versa.


Edited by phased1, 10 September 2014 - 06:43 PM.


#8 nasdaq


Posted 11 September 2014 - 07:33 AM


Refer to this article.
https://forums.adobe.com/message/3026610

Execute the last fix suggested on this topic by:

Christine3 Jun 25, 2014 9:26 AM

#9 phased1


Posted 11 September 2014 - 08:04 PM

I followed those steps exactly and I still get the same error.



#10 nasdaq


Posted 12 September 2014 - 07:27 AM



Empty flash cache.
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html
<<<>>>

Adobe Reader and Acrobat Cleaner Tool
Refer to this page:
http://labs.adobe.com/downloads/acrobatcleaner.html

When done restart the computer normally.

Install the latest version.

#11 nasdaq


Posted 17 September 2014 - 08:21 AM

If all is well.

To learn more about how to protect yourself while on the internet, read this little guide: Best security practices. Keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#12 nasdaq


Posted 23 September 2014 - 08:39 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



