It hasnt been running particularly badly.
The main reason for the scan was Clamwins memory scan reported something while I was running Chrome
C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll: W32.Virut.Gen.D-148 FOUND
It hasnt been running particularly badly.
The main reason for the scan was Clamwins memory scan reported something while I was running Chrome
C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll: W32.Virut.Gen.D-148 FOUND
Hello matthewjumpsoffbuilding,
Possibly a false positive, however it might be best for someone to take a look at the system. Please see the Malware Removal Forum sticky which includes guidelines and instructions in post #2 on how to provide the logs from Farbar Recovery Scan Tool and aswMBR, which are the logs used in the preliminary analysis.
http://forums.spybot.info/showthread.php?t=288
Then start a new topic in that forum providing the logs so a volunteer analyst can guide you, also provide a link back to this thread please.
Best regards.
Last edited by tashi; 2014-10-06 at 22:52. Reason: clarify
Microsoft MVP Reconnect 2018-
Windows Insider MVP 2016-2018
Microsoft Consumer Security MVP 2006-2016
I will check that out, thanks.
Some more info.
I browsed to the location and found there were 2 versions of Chrome, C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124, and C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120.
I scanned chrome.dll in 37.0.2062.120 with Clamwin, Windows Security Essentials, MalwareBytes AntiMalware, and they all returned clean.
I scanned chrome.dll in 37.0.2062.124 with the same tools, and all but Clamwin returned clean.
I then uninstalled Chrome completely, and reinstalled it fresh and rescanned chrome.dll in the 37.0.2062.124 folder (now the only folder in there), and Clamwin still reported the same virus.
Does that make it more likely a false postive?
Hi matthewjumpsoffbuilding,
Could be but Virut is nasty.
I see you reported it at the Clamwin forums: http://forums.clamwin.com/search.php...psoffbuildings
Microsoft MVP Reconnect 2018-
Windows Insider MVP 2016-2018
Microsoft Consumer Security MVP 2006-2016
I downloaded Farbar and scanned it with Clamwin, and got
"C:\Users\Matt\Desktop\FRST64.exe: Win.Trojan.Expone FOUND"
I uninstalled Chrome and installed the 64 bit version, in offline mode. Now Clamwin isnt reporting anything?
Hello matthewjumpsoffbuilding,
Clamwin would need to help you with any questions regarding their software at their site.
You could either wait for Clamwin to respond to your topic over there or do as I suggested here in post #4 above.
"Please see the Malware Removal Forum sticky which includes guidelines and instructions in post #2 on how to provide the logs from Farbar Recovery Scan Tool and aswMBR, which are the logs used in the preliminary analysis.
http://forums.spybot.info/showthread.php?t=288
Then start a new topic in that forum providing the logs so a volunteer analyst can guide you, also provide a link back to this thread please."
Best regards.
Microsoft MVP Reconnect 2018-
Windows Insider MVP 2016-2018
Microsoft Consumer Security MVP 2006-2016