I'm 90% sure I have a virus/malware or something. Need Help

iNizie

Estimable
Mar 16, 2014
4
0
4,510
0
So, my computer has been running slow lately so I ran my normal Malware-bytes scan and It came up with 2 "PUP.Optional.CrossRider" When I clicked "Remove Selected" it restarts my computer and the "PUP.Optional.CrossRider" comes back when I rescan.

To go along with this, when using Google Chrome I get this enhanced search results that, when I accidentally click on them, sends me to some sketchy looking sites.

Today, when I first started my PC and went to the normal websites I go to when I get on my computer, every time I middle mouse clicked or right clicked, it would load a random site. This is the first time it has done this since my PC started running slow.

I've never had to deal with a virus before so I don't really know what to do. Can someone help? Thanks in advance.
 

Jugeum

Commendable
Apr 26, 2016
36
0
1,610
9
First, I would recommend running a boot-type scan for viruses, then boot in safe mode and run malwarebytes. I would also recommend getting CCleaner and clean everything up, both cleaner and registry (be warned, this will delete your passwords you have saved on all internet browsers). Your next step is to check your installed programs (delete anything new there that you didn't install, and go ahead and delete crap you don't use because you should do that periodically anyways) and your startup items (msconfig in 7 or 8, task manager and hit the more details button for 10). Open all browsers except IE or the new 10 version of IE and remove all added toolbars, reset your home page to google or whatever you set it to (just gonna suggest www.google.com for home page) and install the addon adblock plus. Take all shortcuts to IE and the new 10 IE off of your toolbar, desktop, and anyplace else you may click on it (just in case someone else uses your computer because never touch those)
Restart your computer. If you still have the same issue, at this point it would need to be a reinstall of your OS.
 

iNizie

Estimable
Mar 16, 2014
4
0
4,510
0


Thanks I'll have to try it.
When I did what the other guy suggested I do I got the threat in Malwarebytes to go away. (I ran MB in safe mode, did CCleaner, and then did MB again and it didn't have any threats.) My computer hasn't been freezing up anymore however, sometimes when I click on links it sends me to random web pages that are sketchy (I exit out immediately)<---- Last thing I need to fix
 

iNizie

Estimable
Mar 16, 2014
4
0
4,510
0


So, I must be doing something wrong. I booted to safemode w/Networking, did a full scan with Malware bytes (it came up with two threats, both being "PUP.optional.Crossfire" I clicked to remove them and then, since ComboFix doesn't work on Win10, I just went and downloaded Avast Anti-Virus and restarted by computer. I did another malware bytes scan (also in safemode w/Networking) and the two "PUP.optional.Crossfire" are back.

Another thing is that when I try to do a scan via Avast, I get "Unable to start scan. There are no endpoints available from the mapper"
 

aford10

Distinguished
Moderator
Did you restart after malwarebytes found those 2 and you told it to remove them? Sometimes it needs to reboot to finish removing the threat.

PUP stands for potentially unwanted program. Does the crossfire application show up in the control panel-->programs list? If so, just download revo uninstaller and uninstall it. Using the default medium settings, it will scan for fragments left behind after removal.

As for the Avast error, go into the control panel-->programs list and repair the Avast install.
 

iNizie

Estimable
Mar 16, 2014
4
0
4,510
0

Yes, I restarted


No, it doesn't show up.


Fixed it, thanks

EDIT-- I finished a boot-time scan via AVAST and it came up with a virus in my downloads. It said it moved it to a chest or something. However I still get the problem of random websites popping up when I click in places on google chrome. Is this a browser hijack or something? And do you have a reliable place to download something to fix this (the CWShredder link in your "Simple and free Guide to Removing Malware" has a 404 error?