h2g2 The Hitchhiker's Guide to the Galaxy: Earth Edition

I should specify my request for help: I do not seek guidance in creating a virus, but in determining what is going on on my computer.

I use Firefox, and sometimes Safari, to access the net. IE7 (I think) is also installed, but I do not use that.

My virus protection is AVG Anti-Virus Free (8.0.175), which updates everyday and runs a full scan almost every day - in fact, it is running a scan right now.

Since yesterday or so, I keep getting thread alerts about Trojans that might be on my computer. Anytime such a message comes up, I click "heal" or, if that fails, "remove" or whatever sounds most promising to get rid of it.

But also since yesterday or so, every now and then a IE window opens up to display ads or whatnot - I close them without looking at them. This happens regardless of what program is running, or if any program is running, at all.

How do I stop theses windows from popping up? Have they got to do with the Trojan threads? How do I know whether these have truly been removed? And finally, how can I feel more secure?

Thanks for helping,

Y.

Traveller in Times from behind a wall
"If a virus scanner does not manage to do the job you should boot from a non infected source and make a virus scanner run from there.

Popups from IE can be switched off using the internet options from the control panel. "

AVG does seem to be behaving very badly of recent. Doesn;t seem to detect stuff as well either. Try another AV kit (ensure AVG turned off first) and see if that fixes it.

There's also been problems with false positives with AVG so run another update just to be sure.

I got p'd off with AVG in the end as it was flagging all sorts of things up as a problem that weren't - often just tracking cookies. I tried PCTools anti virus but there's plenty to choose from (just make sure it is a real one and not a dodgy one that actually infects your computer!).

If still having a problem then ensure all your AVs have up to date definitions. Close all browsers and net connections. Do a disk clean up to remove temporary files (maybe go back into your browser and delete cookies etc first).

Then reboot in safe mode and run the scanner on a full system scan.
AVG actually has a special 'safe mode' mode for such a task. Anything it picks up get rid of.

Then reboot as normal and see how things are. If using multiple scanners do each of themin turn.

and lastly, don;t forget if you have got multiple AV scanners then running them at the same time can cause conflicts.

You should grab a few extra free anti-virus and anti-spyware tools . Don't have them running in the background all the time, just run the full system scans one after another in safe mode. Sometimes one will find a virus that others will miss. The trouble with viruses is that the first thing they usually do is install other viruses, so you have to get them all in one go.

When you do the scans, the best option is to boot from another operating system as TiT says. Many people download and burn a Linux live CD for this reason - you can even find some Linux installs which come configured just to clean up viruses. Alternatively, if you have a spare hard-drive or partition, you could put a separate Windows on there temporarily.

Another thing which is perhaps slightly easier, but not as good, is to press F8 as Windows starts loading, then go into safe mode. This makes viruses less likely to be able to grow back, as it were.

I'm not an expert but personally waht I'd do is...
1. downloadAVG, spibott, Addaware, Avast antivirus, and C-cleaner (or not if you already have these, as you do for AVG), personally I've found AVG less than useless of late and it almost acts in a viral way itself sometimes; as yet I've not but am about to change over to Avast antivirus as I've heard a few good thigns about it..
2. Update them all.
3. In IE, firefox and wahtever other browsers you have, empty temp internet files, delete cookies, delete all offline content etc, empty recycle bin.
4. Run C-cleaner, although you've already deleted all the internet offline stuf this has a few other options and jsut tends to do it better, but I always tend to do both as it doesn't exactly take long.
5. then run all the antivirus/antispiware/malware stuff, one each at a time, not really sure what would be the best order to do this in, after having run them all once I'd go back and run them again just to make sure ifs got everything...
6. if that hasn't worked, then I guess what others said about doing it in safe mode/another opperating system etc.
7. if that seems to have worked, run C-cleaner again, then run disk defragmenter and then scandisk whilst the system is hopefully clean of the malware