[marianne]

Each time AVG free does a scan it finds trojans, Loggers, and hijackers. Several hundred different versions and adware etc. Could I be infected or have a security vulnerablity. I have the latest version of AVG.

Marianne

[blues_harp28]

Avg should be stopping some of these while you are online.
Do you have it running in the background and is it regularly updated??

[stephencc]

AVG will put what it finds into the virus vault, keep it running in the background and let it update automatically. Sounds strange that every time you scan it finds so many, how often do you scan?

[pedroguy]

This is from the Grisoft Support site.
Don't know if it applies to you but thought I would post it up for info purposes.


1198:
Infection detected in "ActiveX Compatibility" registry key

An "ActiveX Compatibility" registry key is a result of the "Immunize" function included in some anti-spyware programs (e.g.: "Spybot search & destroy", "Spyware blaster",...)

The key contains the same registry entries as the actual threats, thus preventing them from working correctly. Some anti-spyware programs use this method to prevent launching of the malware. Unfortunately, these parts are still detected by AVG signatures and that is why AVG marks them as infected.

To assure protection provided by AVG against these threats, it is not possible to remove such signatures from AVG virus bases.
Because of this, "Immunize" function included in above mentioned softwares is NOT compatible with AVG products.
W

[marianne]

AVG is scheduled to run once a day at 6 am. I have done an extra scan just to see what would show up. It seems to have begun finding all that stuff after the new version of avg was intalled. I do have spybot s & d and have used the immunize funtion on regular basis.

How do I know if avg is running in the background. Anti virus, anti spyware, email scanner, license, link scanner, resident shield, and update manager are all check. Does that mean it's running in background.

Thanks,
Marianne

[pedroguy]

I think the answer is yes.That is the way mine runs and I believe that is the default.

On another note.We have friends who live in Magalia.Bill and Deb Enz.

Small world isn't it.

[stephencc]

AVG scanning and spybot should remove most threats, after your AVG scan is finished make sure you delete them if you would like, that way instead of quarantine (making the file where it can't run) it will actually delete it from your computer. Quarantine is simply an option to give you time to decide if you need the file or not.

[Byteman]

Hi, It's already been posted....but may not have been seen.

Please do not automatically Quarantine or delete anything AVG 8 finds....

If the files that the new version of AVG detected have been on the computer, and have been scanned with other programs that don't alert about anything, then I would say that these new alerts are false positives....

I've had the same thing happen on my computer, and I have used umpteen antispyware etc scans... with nothing found, only the new version 8 of AVG finds anything...but, I know the files are OK, so just click "Ignore" on them. It is annoying to say the least....

To help make sure that the files are NOT malware, you should scan the entire computer, all hard disks...

Kaspersky online full scan

• Please go HERE and click Free Online Scanner
• Read and Accept the Agreement
• You will be promted to install an ActiveX component from Kaspersky, Click Yes.
• If you see a Windows dialog asking if you want to install this software, click the Install button.
• The program will launch and then begin downloading the latest definition files,
• When the "Update progress" line changes to "Ready" and the "NEXT ->" button becomes available, please click on it.
• Click on the Scan Settings button, and in the next window select the Extended database, and click Ok.
• Under "Please select a target to scan:", click My Computer to start the scan.
• When the scan is finished, click the "Save as Text" button, and save the file as kavscan.txt to your Desktop, close the Kaspersky On-line Scanner window.
• Copy and Paste the contents of the on line scanner results into a Reply here in your thread, along with a new HJT log and log from any other scans you run.

You can post the results log and we can take a look.

[marianne]

I did the online scan with Kaspersky and it didn't find anything. That was about 2 weeks ago.

This morning I got a call from my bank with a fraud alert. I learned that someone had tried to charge $1000 from computer network.... The charge was denied as I didn't have that much in my account but today my husband's retirement had been deposited and there would have been enough had they done it this morning. Eeeeek!!! Thank God they tried yesterday. There were also 2 others made yesterday that were showing a pending and they were $1 from Yahoo Search Marketing and another pending for $100 from Adster.com. No idea about those 2, just that I didn't authorize any of them. My atm card was canceled so there should be no further problem for now. Someone used my atm card from another bank account a few months ago so my guess is my security settings are not good. I am running AVG free (newest version), spybot s&d, spyware doctor, and spyware blaster. I saved a screen shot of some potentially dangerous stuff from a few days ago. I've attached it. At this point I do a lot of online bill pay using my bank accounts. I would appreciate recommendations for really good security software which I am willing to pay for.

Thanks

Marianne

[marianne]

Woops! Forgot to attach snapshot.

Marianne

[Byteman]

Hi,

In order to help you, I'd need to be able to see the filenames and file locations-

If that list was from AVG 8 perhaps you can locate the file information in the Virus Vault or the Event History Log.

Since the Kaspersky online scan did not find anything, I am thinking these detected items, might be false positives.....AVG 8 is new, and detects differently than the last version did. Files you've had for years often are found now, "infected" but actually are not.

The only way to be sure is to scan with mulitple tools, and we have done at least one....

What program is your list from?

Kaspersky locates bad items in AVG's virus vault, and even in System Restore, so more than likely the items are false detections. I see some familiar ones in your list....KillAV, Killproc,

However, there certainly are some very nasty trojans shown, so I would like to investigate this to make sure.

[mrss]

First thiings first. Call the bank/brokerages and halt all online transactions by changing your login and password over the phone. Then don't do any online transactions til you get a known good PC.

Everyone has different opinons about how to get a known good PC. For a PC used for online banking, I do not bother with disnfecting programs. I nuke the hard drive, and reinstall everything.

[Byteman]

mrss

I appreciate your stopping by with advice, but no malware has been found by anything, other than the new version of AVG and the software has known false detection issues....a scan with Kaspersky has not shown any of these items. Kaspersky online scan detects a great deal of malware, not just trojans, virii....it's a tool we have found to be very efficient, and since it did not find anything I am leaning toward those items being false positives for now....

What I'm after is some confirmation of the files, locations, and what found them to be a problem.

marianne

It certainly cannot do any harm to change passwords and to ensure that your accounts are OK, I'll leave that up to you. From what you posted, it seems to me that you are fully aware of the bank account situtations and have checked and done some changes.

[marianne]

How do I get a copy of the file locations from the avg scan. Also, there is something wrong as my computer sometimes is too slow like something extra is running and taking up ram.

Marianne

[marianne]

Since I haven't figured out how to get files I've attached a snapshot of some, one of which is a logger and another a trojan. I will do more research after some more sleep.

Thanks,
Marianne