Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Resolved Question

Can someone help me please?

Feb 22, 2015 4:49AM PST

I may have a virus, or some type of malware or something.. Because I keep getting PPP ups saying I have a virus, then saying I have adware and malware, and it's being slower than usual. If someone can help, I'd greatly appreciate it.

I'm on a laptop, running windows 7 and ie11.

Thanks!
Michele

Discussion is locked

Michele_Angelina has chosen the best answer to their question. View answer

Best Answer

- Collapse -
run scans
Feb 22, 2015 5:00AM PST

what antivirus software do you have installed? you need to run your antivirus and a companion utility such as malwarebytes. If you ran your antivirus, then try housecall. it will do the scan from online and hopefully take care of it.

http://www.malwarebytes.org/
http://housecall.trendmicro.com/

- Collapse -
I did both.. and nothing..
Feb 22, 2015 6:53AM PST

I just did the ESET online scanner and it found 16 threats.. this is what it showed me at the end of the scan: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\5737f1b5-4fb04302 a variant of Java/Exploit.CVE-2013-0422.DI trojan
C:\Program Files (x86)\2e98fea2-c228-4322-833d-e61493ac6816\0e42d4a0-eb88-44f9-b096-46c5a1af338e.dll a variant of Win32/Toolbar.CrossRider.BM potentially unwanted application deleted - quarantined
C:\Program Files (x86)\2e98fea2-c228-4322-833d-e61493ac6816\2e98fea2-c228-4322-833d-e61493ac6816.dll a variant of Win32/Toolbar.CrossRider.BM potentially unwanted application deleted - quarantined
C:\Program Files (x86)\BeestSavveFuorYOOu\7JedJ6Yjbm9srr.dll a variant of Win32/Adware.MultiPlug.EG application cleaned by deleting (after the next restart) - quarantined
C:\Program Files (x86)\BeestSavveFuorYOOu\7JedJ6Yjbm9srr.x64.dll a variant of Win64/Adware.MultiPlug.F application cleaned by deleting - quarantined
C:\Program Files (x86)\File Type Helper\FileTypeHelper.exe MSIL/FileTypeHelper.A potentially unwanted application deleted - quarantined
C:\Program Files (x86)\File Type Helper\FileTypeHelper_assoc.exe MSIL/FileTypeHelper.A potentially unwanted application deleted - quarantined
C:\Program Files (x86)\GrreaTSaVe4U\Zh0TSeOHEzGyyq.dll a variant of Win32/Adware.MultiPlug.EG application cleaned by deleting (after the next restart) - quarantined
C:\Program Files (x86)\GrreaTSaVe4U\Zh0TSeOHEzGyyq.x64.dll a variant of Win64/Adware.MultiPlug.F application cleaned by deleting - quarantined
C:\ProgramData\InstallMate\{333C40C6-3203-44C3-A628-7A21E8DF6230}\Custom.dll Win32/InstalleRex.M potentially unwanted application deleted - quarantined
C:\ProgramData\{82a56f09-3d8b-dc10-82a5-56f093d8bc24}\Jason Derulo - Talk Dirty (feat. 2 Chainz).mp3.exe a variant of Win32/Adware.MultiPlug.ED application cleaned by deleting - quarantined
C:\Temp\asc-setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined
C:\Users\Michele\AppData\Roaming\MAIFVTY JS/Toolbar.Crossrider.C potentially unwanted application deleted - quarantined
C:\Users\Michele\AppData\Roaming\XUYE JS/Toolbar.Crossrider.C potentially unwanted application deleted - quarantined
C:\Windows\AppPatch\AppPatch64\VCLdr64.dll a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\5737f1b5-4fb04302 a variant of Java/Exploit.CVE-2013-0422.DI trojan cleaned by deleting - quarantined


And it still doing what I said in the 1st post.. still pop ups.. saying theres a virus/spyware/malware etc.. I dont understand what else am I suppose to do?

- Collapse -
Hi Michele,
Feb 22, 2015 6:58AM PST

Google how to RESET your browsers and do that.
Dafydd.

- Collapse -
That may have worked..
Feb 22, 2015 7:13AM PST

So far no pop ups. Let me go to a few sites, and see what happens. Thanks in advance, really Happy

- Collapse -
I think it worked...
Feb 22, 2015 7:17AM PST

If it ends up doing the same thing, I'll let you know. But, so far its working Grin Thank you so much for your help! I appreciate it.

Since the pop ups were saying its a virus or malware.. was it really that? or what was it exactly?

- Collapse -
Great news!
Feb 22, 2015 7:32AM PST

Glad it helped. Likely not a virus just a bit of malware. Be careful to read stuff when you download
even from "reputable" sites.
Dafydd.

- Collapse -
You are awsome!
Feb 22, 2015 7:43AM PST

Thank you again Happy

Michele

- Collapse -
I should say...
Feb 22, 2015 8:01AM PST

that renegade600's suggestion was right. That removed the malware but what was left was in your browsers hence the reset. So props to him as well.
All the best,
Dafydd.

- Collapse -
What removed the malware?
Feb 22, 2015 8:21AM PST

??

- Collapse -
Sorry.
Feb 22, 2015 8:24AM PST

The housecall link and malwarebytes by renegade600. You did run those?
Dafydd.

- Collapse -
Bad explanation by me.
Feb 22, 2015 8:32AM PST

The two scans you ran removed the bad guys from your pc. But it left behind the addons in your browsers. Resetting your browsers finished the job.
Hope that's clear.
Dafydd.

- Collapse -
Oh...
Feb 22, 2015 8:57AM PST

Yeah the malwarebytes, I already had on my computer. I did that like 2 days ago myself. The housecall I did, but it didnt detect anything. Thanks to the both of you anyway Happy I appreciate it very much so Happy

- Collapse -
Mbam is great.
Feb 22, 2015 9:02AM PST

Probably took the bad stuff out. But some things can only be truly gone via a browser reset.
Dafydd.

- Collapse -
Answer
Have you run any scans?
Feb 22, 2015 4:52AM PST

Dafydd.

- Collapse -
Yes... a couple...
Feb 22, 2015 5:01AM PST

I ran a couple, and nothing. Now Im running ESET online scanner, and so far its detected 14 things.

- Collapse -
also try system restore
Feb 22, 2015 5:05AM PST

forgot to mention in my other post. if the scanning does not help, you can also try doing a system restore to a date prior to when you started having malware issues.