Virus blocking use of chrome + sound?

Hey all, first time poster here

I was browsing this website (www.fpsbanana.com) until AVG started shouting at me saying there was a virus. I immediately stopped and removed the viruses, supposedly, but they are obviously still around, as it’s blocked me from using my default browser (Google Chrome), making it unusable and resorting to me using Firefox; therefore my internet is not the problem. Whenever I open up Chrome I get a message saying ‘Windows application error 0xc0000135’. Another thing is that my computer keeps playing this sound (soon to have a recording up); it sounds like something banging on some metal, kind of hard to explain. I’ve scanned my computer with MalwareBytes, Microsoft essentials and AVG. Malware and AVG picked up viruses but failed to get rid of them; essentials didn’t find anything. I have searched around trying a few things such as uninstall/reinstall but no luck.

Any help is appreciated! :slight_smile:

OS-Vista

Unfortunately, this being the avast antivirus support forums, we won’t know much about AVG and I don’t use MSE either, so I can’t be much practical help. You don’t say what the file names, the locations or malware names of the detections were. No joy on the AVG forums, I take it?

However, having MSE, which is also a resident AV solution, would make two resident AVs on your system, one too many. This can cause a conflict between both AVs and this can present itself in many ways.

Yes, apologies for coming here being an AVG user; no luck on their forums and I’m slowly getting desperate, hence coming here. Think my AVG days are over once I suss this out :slight_smile:

AVG states that the files are ‘Trojan horse generic18’ files located in my temp folders; they’ve supposedly been moved to the virus vault and healed, but that’s obviously not the case.

Filetypes:
Trojan Horse Generic18.acmf
Trojan Horse Generic18.xud

Let’s see if we can convert you ;D

Download OTL to your Desktop

[*]Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
[*]Check the box that says Scan All Users
[*]Under the Custom Scan box paste this in


netsvcs
drivers32 /all
%SYSTEMDRIVE%\*.*
%systemroot%\system32\*.wt
%systemroot%\system32\*.ruy
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\system32\spool\prtprocs\w32x86\*.tmp
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.dat
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
%systemroot%\system32\ws2help.dll /md5
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

[*]Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won’t take long.

[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Attach both logs

Well generic detections have a higher risk of being a false positive and if removed could have an impact on your system. However, since they were in the Temp folders that shouldn’t have been an issue and as you say AVG was unable to get rid of them (though you also say they were sent to the virus vault), even less chance of it being an issue.

I would suggest you clear your temp folders if you haven’t already done so.

I think it could also be a partial clean of a virus that left registry or other remnants, but it is very hard to say.

Hopefully essexboy and OTL will be able to get to the bottom of the problem.

Here you go, hope it can do some help :slight_smile:

Hi Pastard,

Make that link in your post non-click-through with wXw. There is a hidden iFrame there pointing to:
htxp://www.tossads567.com/f/index.php

polonus

Yes, I was doing some searching and apparently this virus is through java; this link might be of some help :slight_smile:
http://forums.steampowered.com/forums/showthread.php?t=1347821&highlight=fps+banana

I see you have both AVG and Avast on your system. I would highly recommend that you remove one or the other.

Anti-Virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash.

If you choose to install more than one Anti-Virus program on your computer, then only one of them should be active in memory at a time.

There are basically two types of these programs:
On-Access and On-Demand

On-Access Scanners
As the name implies, are scanners that run in the background all the time the PC is turned on and running. The main function of an On-Access scanner is to monitor activity on your machine.

On-Demand Scanners
As the name implies, are scanners that only run when you ask them to.
Such as:
Online Scans and scanners that run on your machine but are not actively scanning your machine

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-2303572473-919864812-644777677-1000\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3 - HKU\S-1-5-21-2303572473-919864812-644777677-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O33 - MountPoints2\{5c6a202b-ff92-11de-8136-00221514b975}\Shell\AutoRun\command - "" = E:\pccompanion\Startme.exe -- File not found
O33 - MountPoints2\{5c6a202b-ff92-11de-8136-00221514b975}\Shell\menu1\command - "" = E:\pccompanion\Startme.exe -- File not found
O36 - AppCertDlls: ie4uvr32 - (C:\Windows\system32\dvdplace.dll) - C:\Windows\System32\dvdplace.dll ()
[2010/07/11 12:40:06 | 000,046,592 | -H-- | M] () -- C:\Windows\System32\dvdplace.dll
[2010/03/26 18:38:57 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll


:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Please download Malwarebytes’ Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

[*]Make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
[*]If an update is found, it will download and install the latest version.
[*]Once the program has loaded, select “Perform Quick Scan”, then click Scan.
[*]The scan may take some time to finish, so please be patient.
[*]When the scan is complete, click OK, then Show Results to view the results.
[*]Make sure that everything is checked, and click Remove Selected.
[*]When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
[*]The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
[*]Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
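Added example, not part of the post above and not OTL's own code: a small triage script run over six of the log lines quoted in the `:OTL` fix section, showing which properties make such entries stand out in an OTL log. The flagging heuristics (orphaned registry references, an AppCertDlls registration, files with no company name or with the hidden attribute) and the names `triage` and `report` are assumptions of this example.

```python
import re

# Six lines copied verbatim from the :OTL fix script in the post above.
SAMPLE = r'''
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O33 - MountPoints2\{5c6a202b-ff92-11de-8136-00221514b975}\Shell\AutoRun\command - "" = E:\pccompanion\Startme.exe -- File not found
O36 - AppCertDlls: ie4uvr32 - (C:\Windows\system32\dvdplace.dll) - C:\Windows\System32\dvdplace.dll ()
[2010/07/11 12:40:06 | 000,046,592 | -H-- | M] () -- C:\Windows\System32\dvdplace.dll
[2010/03/26 18:38:57 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
'''.strip().splitlines()

# File entries: "[date | size | attrs | C or M] (company) -- path"
FILE_RE = re.compile(
    r"^\[[^|]+\|[^|]+\|\s*(?P<attrs>[^|]+?)\s*\|\s*[CM]\]\s*"
    r"\((?P<company>.*?)\)\s+--\s+(?P<path>.+)$")
# Registry entries: "IE - ..." and "O<number> - ..."
REG_RE = re.compile(r"^(?P<section>IE|O\d+) - (?P<body>.+)$")
ORPHAN_MARKERS = ("File not found", "No CLSID value found", "Reg Error")


def triage(line):
    """Classify one OTL log line; the flags are this example's heuristics."""
    m = FILE_RE.match(line)
    if m:
        flags = []
        if not m["company"].strip():
            flags.append("no-company-name")   # empty "()" in the log
        if "H" in m["attrs"]:
            flags.append("hidden")            # attribute column shows H
        return "file", m["path"], flags
    m = REG_RE.match(line)
    if m:
        # Entry points at something that no longer exists on disk or in the registry.
        flags = [f"orphaned: {k}" for k in ORPHAN_MARKERS if k in m["body"]]
        if "AppCertDlls" in m["body"]:
            flags.append("appcertdlls-autoload")
        return "registry", m["section"], flags
    return "unknown", line, []


def report(lines):
    """Return only the entries that raised at least one flag."""
    return [r for r in map(triage, lines) if r[2]]


if __name__ == "__main__":
    for kind, ident, flags in report(SAMPLE):
        print(f"{kind:8} {ident:40} {', '.join(flags)}")
```

All six sample lines are flagged, while a file entry that carries a company name and no hidden attribute is not reported.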

Apologies for the wait. Hopefully that’s the right OTL file.
Also there was no detection with MBAM :slight_smile:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4303

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

11/07/2010 19:40:47
mbam-log-2010-07-11 (19-40-47).txt

Scan type: Quick scan
Objects scanned: 128031
Time elapsed: 6 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

EDIT: Just fired up Chrome and it works perfectly, looks like that did it. Thank you so much for your time and the quick replies, think I’ve found my new Anti Virus software.
Have a good day! ;D ;D ;D

Glad that it has worked out for you.

As an ex-AVG user who skipped to avast just over 6 years ago, I haven’t looked back. One thing often forgotten when looking for an AV is support ;D

I think you will really like avast5 ;D
Make sure you fully remove AVG as essexboy advises - Ensure that all remnants of AVG are gone - AVG8.x (or higher) Remover, download tool from here, http://www.avg.com/download-tools there is a 32bit and 64 bit windows version, ensure you use the correct one.

I would also advise disabling the Resident element of MSE or removing it completely; with avast and MBAM that should be good, and you will most likely find your system more responsive.