My computer is canoe| Off-Topic Discussion forum |

trigun7469 Reader
10/29/13 6:44 p.m.

I am not sure what to do,I believe when my wife used my computer to download Picasa she some how downloaded a virus or spyware. My anti Virus is Avira and I used Malewaybyets to find the spyware. My computer is running slow and when try log-in to sites, I automatically pull up this website http://www.comparetheinsurance.com/cars.html

I use firefox, which I reinstalled, but I am still having the same problem. This problem does not occur with Internet explorer. Any idea on my next step? I did notic that spigot program were downloaded on my computer which I quickly deleted as it was spyware and I haven't noticed any other programs that are spyware installed.

SyntheticBlinkerFluid PowerDork
10/29/13 8:00 p.m.

Download Spybot Search and Destroy and install it, run it.

I've had luck with that in the past.

Brett_Murphy GRM+ Memberand UltraDork
10/29/13 8:42 p.m.

Download Combo fix, boot into safe mode and run it.

http://www.bleepingcomputer.com/download/combofix/

DoctorBlade UltraDork
10/29/13 8:49 p.m.

I've got SuperAntiSpyware I run occasionally. That works well.

There's always CrapCleaner :)

t25torx Reader
10/29/13 9:20 p.m.

Brett_Murphy wrote: Download Combo fix, boot into safe mode and run it. http://www.bleepingcomputer.com/download/combofix/

QTFT. Combofix is what i use at work when i don't want to run Spybot 30 times in a row. /thread

Grtechguy UltimaDork
10/30/13 6:20 a.m.

Brett_Murphy wrote: Download Combo fix, boot into safe mode and run it. http://www.bleepingcomputer.com/download/combofix/

IT Guy here. +abazillian

GameboyRMH GRM+ Memberand MegaDork
10/30/13 8:11 a.m.

Grtechguy wrote:
Brett_Murphy wrote: Download Combo fix, boot into safe mode and run it. http://www.bleepingcomputer.com/download/combofix/
IT Guy here. +abazillian

+more from another IT guy. This is kind of a shotgun approach but one of these anti-malware apps should pick up what you've got.

neon4891 UltimaDork
10/30/13 9:15 a.m.

Switch to chrome?

Edit* 100% Sarcasm

GameboyRMH GRM+ Memberand MegaDork
10/30/13 9:35 a.m.

neon4891 wrote: Switch to chrome?

That would work as a real quick fix to let him access those login pages, since I'm pretty sure the remaining infection is in the Firefox instance, but there's malware for Chrome too.

stroker Dork
10/31/13 3:27 p.m.

I tried downloading Combofix. I tried to install it but it wouldn't complete unpacking. I think that my computer is infected with something posing as ClamWin. This may be bad if it's blocking me from installing new antivirus software.... Any suggestions?

Brett_Murphy GRM+ Memberand UltraDork
10/31/13 4:17 p.m.

Did you try booting into safe mode and installing it there?

What version of Windows do you have?

stroker Dork
11/1/13 3:24 p.m.

XP

I was able to (finally) get into safe mode and install/run Combofix. It made an enormous difference in the performance but I lost hundreds of reference bookmarks in the process.

One thing--I can't get the computer to shut off using the "Start" menu. I have to hold the button down...

paranoid_android74 HalfDork
11/1/13 3:27 p.m.

Grtechguy wrote:
Brett_Murphy wrote: Download Combo fix, boot into safe mode and run it. http://www.bleepingcomputer.com/download/combofix/
IT Guy here. +abazillian

There you go!

I ended up switching to Linux and LOVED it. Unfortunately that computer croaked finally.

trigun7469 Reader
11/2/13 7:06 p.m.

I tried combo fix, in safe mode and then I ran malwarebytes and it picked up some as well. In any case it seems to be clean.

Brett_Murphy GRM+ Memberand UltraDork
11/3/13 1:03 a.m.

Not sure on the Start button issue, Stroker. Did you run a repair on the install?

Trigun: glad to hear it.

jmthunderbirdturbo Reader
11/3/13 5:01 a.m.

CCleaner will fix your start/shutdown issue.

-J0N

stroker Dork
11/3/13 11:59 a.m.

jmthunderbirdturbo wrote: CCleaner will fix your start/shutdown issue. -J0N

I downloaded CCleaner. What is all this other crap I got, too???

And furthermore, why won't my Control Panel open, now?

jmthunderbirdturbo Reader
11/3/13 8:01 p.m.

Oh dear, did you DL it from the Piriform server or elsewhere?

stroker Dork
11/3/13 10:53 p.m.

jmthunderbirdturbo wrote: Oh dear, did you DL it from the Piriform server or elsewhere?

Apparently not. What is RegCleanPro and how do I nuke it?

jmthunderbirdturbo Reader
11/4/13 4:43 a.m.

malewarebytes SHOULD get it. if not, and you have never used Hitman Pro before (only get one 30 day trial), that works wonders too. crap man i was tryin to help, sorry.

-J0N

Kenny_McCormic UltraDork
11/4/13 6:15 a.m.

This is whats called a redirect virus, usually they get in there deep/embedded enough that the typical antivirus software will say its gone, but it will come back. At which point you've gotta correctly ID it and remove manually or with a specialized program.

dean1484 GRM+ Memberand PowerDork
11/4/13 7:06 a.m.

All the "fix's" noted above are good advise.

I don't have anything else to add except that when ever I turn my computer on it seems to end up at GRM.. . . . There is a virus at work here but I don't think it is in the computer. .. .

dean1484 GRM+ Memberand PowerDork
11/4/13 7:07 a.m.

Ohya and posting the link that it is being re directed to can / will just spread the problem to others.

stroker Dork
11/4/13 8:50 a.m.

Well, the big problem I've got right now is that I can't bring up the Control Panel. I click on it and nothing happens. I'm beginning to think I'm going to have to try and save my critical documents then reinstall the operating system...

stroker Dork
11/11/13 8:11 p.m.

I run Avast and get a message after the scan that my applications and data have a virus:

Java:malware-gen [trj]

any ideas?