Malware - Virus, Trojan, Spyware, Adware, etc.

[achtung5]

i was downloading some stuff (bad move), and i got a virus on my computer. its a trojan, and i'd love to know how to get rid of it, because until then i have to deal with excessive amounts of pop-ups.

thanks!

i'm usually the one that helps friends with computer related issues, but here i have done everything i know how to do and it's still there.

[Daitezen]

Obvious answer is anti-virus software. I always recommend AVG, its free and its really good.

Beyond that, see if you can find the name of the trojan application, in your running programs list, then search google for that particular virus, as there are often tiny bits of software (by nortons etc) that remove just one individual one, without needing any more software.

[anonsi]

It won't really help with a virus...But I also make sure to clear the cookies, since some cookies trigger popups.

[Sir Francis]

Z swears by nod32.. which you can download for one month free and it won't hog your hard drive of space like Norton    He suggests it to all of his computer repair customers.

(note, I am not a computer geek, just married to one)

[Zaranthos]

Keep your computer safe or waste valuable time and money fixing it later.

I use AVG free sometimes just to see if it will find something. The problem with the free version is it doesn't include malware detection which these days makes it almost useless. I prefer NOD32 because it's the fastest I've used and still has very high detection rates. What all anti-virus tests I've ever seen fail to test is the softwares ability to detect and stop malware under heavy system load. Norton has high detection rates, which I find remarkable considering it's complete inability to remove much of the malware it detects, but is so bloated and slow that any added load causes it to fail at preventing infestations. I've fixed more computers that were completely taken over by malware that had Norton on them than I can count. The other reason I like NOD32 is that it doesn't use the Windows installer (unless the new version does but I don't think so) to install. Many infected systems don't work properly and won't even install products like Norton. Not that you'd want to wait the 45 minutes it takes to install Norton on a slower computer anyway (yuck).

So, based on my above comments you have to take charts with a grain of salt. I find that in the real world no anti-virus program is perfect and once you're infected you may need to use more than one product to remove the infestation(s) if you can't do it manually yourself.

http://www.av-comparatives.org/
The charts there give you some idea of how products perform in the lab.

[achtung5]

thanks guys! downloading nod32 right now

[Black_Cat]

I like AVG for anti-virus.

I like SpyBot S&D for malware.

[Zaranthos]

I used to like Ad-Aware but it seems to be going downhill fast. It doesn't detect things as well as it used to.

For free spyware removal:
Spybot Search & Destroy - http://www.safer-networking.org/en/index.html
Superantispyware - http://www.superantispyware.com/

I've never been a big fan of AVG's free anti-virus and it seems to be even worse lately.

Free anti-virus:
Avira - http://www.avira.com/
Avast - http://www.avast.com/

I still like Eset Nod32 anti-virus because it's lightweight and pretty effective. Not quite free other than the 30 day trial version though.

[Club Sealer]

Eset is a Slovak company too

Z, got any rough ideas on how to get rid of the Vundo/Virtumonde trojan? I managed it myself last time but my friends computer is infested with it pretty badly. I know I downloaded some specific-purpose fixes for it and one of them worked, but can't remember now..

Thanks if you find the time!

[Zaranthos]

Spybot Search & Destroy removes it. Might require booting in Safe Mode a few times because that one is pretty stubborn. Pretty sure Nod32 kills it when it tries to re-infect on startup also as long as Nod32 manages to start first.

[Thunder Pants]

Eset is a Slovak company too

Z, got any rough ideas on how to get rid of the Vundo/Virtumonde trojan? I managed it myself last time but my friends computer is infested with it pretty badly. I know I downloaded some specific-purpose fixes for it and one of them worked, but can't remember now..

Thanks if you find the time!

The Vundo-specific one you're thinking of is most likely VundoFix from Atribune, at http://vundofix.atribune.org/. I've used that one myself, but it takes a long time to run a scan and multiple reboots to rid your system of the trojans it finds. Though it has been a while since I've used it and they've clearly updated at least its UI.

I've recently come to like SUPERAntiSpyware's freeware version too, finding it both quick and effective.

[Gluemeon]

Having recently recovered from a very bad Vundo infection myself (must've been a new strain as commercial anti-virus, VundoFix, anti-spyware etc. were all ineffective), I finally found my salvation in HijackThis (http://www.majorgeeks.com/download3155.html) and ComboFix (http://www.bleepingcomputer.com/combofix/how-to-use-combofix).

However, I cannot stress enough that ComboFix, whilst incredibly powerful, is also a highly dangerous and I have read many accounts of irrevocable computer damage resulting from its use. So, best to consult the experts on their own forums before using it. (I didn't, and got away okay, but you might not)

Hope that helps.

[Zaranthos]

ComboFix is brutal at force restoring a lot of settings. It works when other things fail but it can destroy things at the same time.

I recently got a virus I couldn't seem to get rid of. Win32.Virut.V was what one AV program said it was. It infected Avast. It infected all my anti-spyware programs and most everything else. It infected Avira every time I tried to install that so it wouldn't install. Avast and a few other anti-virus programs wouldn't even detect it when I scanned the hard drive from another computer. I finally found an anti-virus program (G Data) that detected and removed it but it refused to clean the files and would only delete them at any reasonable speed. So I was forced to nuke the thing and reload Windows and all my software. No idea for sure what it did or what type of variant it could have been but I don't take chances with stuff like that. I won't check my email, log into KoL, or anything if I think my computer is infected.

Now that my computer is back up and running I did some more research on the virus. This is supposed to clean it. http://www.freedrweb.com/cureit/
Anyone ever used that?

I'm a little disgusted that so many anti-virus programs failed to even detect it. Avast detected the infection of it's own executable files and tried (failed) to repair them by prompting for multiple reboots. Windows XP's data execution prevention tried to prevent some of it but quickly became infected itself so that stopped working.

BitTorrent is nice for some stuff but lately it's been getting like LimeWire has been for a long time. A virus infested playground.

[Shiverwarp]

Try some private trackers instead of the public ones.

[Eurytus]

Oh yeah, I got a nasty Trojan (that's still got a piece of it stuck in the nether regions of my system restore) from a torrent. The nastiest part of it was that whenever I removed one piece of it, it replaced it. And it would download MORE trojans from the internet to infect me.

I had to get a specialist program and boot up in safe mode several times. Really irritating, that. Not nearly as bad as the infections on four computers someone I know hired me and my dad to clean up (including but not limited to several trojans, two or three worms, and a spam server) but still bad.