UKC

Trojan Downloader problems

This topic has been archived, and won't accept reply postings.
 pec 31 May 2015
My computer has become infected by something called TrojanDownloader:Win32/Rottenu.A which tries to download various unwanted programs to my computer. Twice it has downloaded about 10 programmes which I've had to uninstall and the odd 1 or 2 have got through at other times.
Periodically Windows Defender bleeps telling me it has protected my computer and the Trojan has appeared in the virus vault. I've run several full scans and every time the virus has appeared in the virus vault, sometimes several times but oddly at the end of the scan it tells me no infection was found. The virus vault tells me the risk of this virus is severe and recommends removal, which I do, but it keeps reappearing.
I've downloaded and run Windows Safety Scanner (as recommended by the Microsoft website) which tells me there is no infection, but there is. I'm having to post this from my wife's work iPad as when I try to do it on my desktop the page becomes totally cluttered with ad banners which, if I try to get rid of them, start multiplying.
How do I get rid of this? Thanks.
 krikoman 31 May 2015
In reply to pec:

What anti-Virus software are you using?
OP pec 31 May 2015
In reply to krikoman:
Sorry, I'm using the built-in Windows Defender that comes with Windows 8.1. I did ask on here before I bought the computer only a few months ago and most replies said it was fine.
 Mountain Llama 31 May 2015
In reply to pec:

Download and run one of the free malware programs, eg https://www.malwarebytes.org/lp/sem/5/?gclid=CO-hsZK_7MUCFQkIwwodUQ0Apg

That should help

Davey
 fire_munki 31 May 2015
In reply to pec:

Install Malwarebytes, boot PC into safe mode (press F8 lots as Windows starts in anything pre Windows 8), then run it a few times. Can also run ESET online scanner. Once running mbam, if you've got any more issues post up and I will see what I can suggest.
OP pec 31 May 2015
In reply to fire_munki:

I've already downloaded and run Malwarebytes; it found lots of stuff including things with names of some of the programmes that had downloaded themselves but it hasn't got rid of the TrojanDownloader. Defender has found it again (but won't get rid of it) and I'm still getting webpages becoming unreadable because of the number of pop-ups etc.
I've had some trouble getting into safe mode; just pressing F8 lots doesn't do anything, and some googling (on the iPad which still works) suggests it's not so easy with Windows 8. I think I'm in it now so I'll run Malwarebytes again and report back. Should I run it whilst online or offline or doesn't it make any difference?
What's eset online scanner?
Thanks.
 fire_munki 31 May 2015
In reply to pec:

Windows 8 is a bit more of a pain. From the home page type run and open the run window. Type msconfig and press enter; in the boot tab there should be a couple of options including safe mode. Hit apply and reboot, then run mbam. Then rerun msconfig to choose normal boot.

Eset is a free virus/malware scanner.
 The Lemming 31 May 2015
In reply to pec:

The best and least time intensive way to disinfect your computer is to do a factory restore. It may be the nuclear option but it is guaranteed to remove all nasties.

Or you could try malware bytes root kit detector.
https://www.malwarebytes.org/antirootkit/
 krikoman 01 Jun 2015
In reply to pec:

AVG anti virus I've found works well.

Try some on-line fixes; F-Secure used to have good on-line tools, as did Kaspersky.
 The Lemming 01 Jun 2015
In reply to pec:

If you do go down the route of the nuclear option by a factory restore or wiping your hard drive and reinstalling windows, then may I suggest you research how to clone, make snapshot or mirror image of your operating system?

Once you have your operating system squeaky clean from viruses and malware, you can make an exact copy of it to be stored on another hard drive, either in your computer or on an external hard drive. The next time you get a nasty virus, Trojan or your computer slows to a crawl because some installed software buggered things up, you can then delete your operating system and replace it with the exact copy you made some time ago. All this will take about the same length of time to make a coffee and drink it. All you would then have to do is look for any available updates for your operating system.

Think of this as the ultimate factory restore or system restore.
mgco3 01 Jun 2015
In reply to pec:

I would advise a visit to the Sophos website.

They supply downloadable tools to rid malware, viruses, rootkits etc.

I have been a Sophos user for years now and not once has it let me down.
 gethin_allen 02 Jun 2015
In reply to pec:

Have you tried running these scans with the computer in safe mode?
 The Lemming 02 Jun 2015
In reply to gethin_allen:

It may be a good idea to disable or turn off system restore while disinfecting your computer as well. This makes it harder for the malware to get back onto your computer when you turn it on again.
OP pec 02 Jun 2015
In reply to pec:

Thanks to all for the help. I think I may have got rid of the TrojanDownloader thing but I'm not sure. It's stopped being found by Windows Defender, which kept finding it repeatedly before but seemed unable to get rid of it, and my computer hasn't downloaded any unwanted programmes for a while. Malwarebytes found lots of things the first couple of times but isn't finding anything now.
On the other hand, when I use Firefox (my normal browser) the pages are still being invaded by adverts and new tabs open themselves when they shouldn't. The advert banners all say "ads by name" or "ads by key" in the bottom corner and random words in the text (not the ads) are in blue capitals with a green logo above them which I think are links to more ads for products connected to this word. Presumably this is a result of some sort of infection if not the original Trojan itself?
Oddly none of this happens when I use Internet Explorer, just Firefox. I'll have to try something other than Defender or Malwarebytes when I get time and see how I get on.
Thanks again.
 Jack B 03 Jun 2015
In reply to pec:

Check for unwanted add-ons in Firefox. Go to the menu button, then add-ons, and look for anything that's out of place. If you aren't sure about something, googling its name will probably set you on the right track.
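
The add-on check suggested above can also be done from the profile's `extensions.json` file, which is useful when an add-on was dropped in by another installer. This is an added example, not part of the original post: the sample data is constructed, and the field names (`foreignInstall`, `location`, `active`, `defaultLocale.name`) and location values are assumptions about what the file in your Firefox version contains.

```python
import json

# Constructed sample of a Firefox profile's extensions.json (not from the thread).
SAMPLE_EXTENSIONS_JSON = """
{"addons": [
  {"id": "notes@example.invalid", "type": "extension", "active": true,
   "foreignInstall": false, "location": "app-profile",
   "defaultLocale": {"name": "Example Notes"}},
  {"id": "adhelper@example.invalid", "type": "extension", "active": true,
   "foreignInstall": true, "location": "winreg-app-global",
   "defaultLocale": {"name": "Shopping Helper"}},
  {"id": "oldbar@example.invalid", "type": "extension", "active": false,
   "foreignInstall": true, "location": "app-global",
   "defaultLocale": {"name": "Old Toolbar"}}
]}
"""

# Assumed install-location names for add-ons placed outside the user's profile
# (application folder or Windows registry), i.e. typically by other installers.
SIDELOAD_LOCATIONS = {"app-global", "winreg-app-global", "winreg-app-user"}

def audit_addons(extensions_json_text):
    """Return (name, id, state, reasons) for extensions worth a manual look."""
    findings = []
    for addon in json.loads(extensions_json_text).get("addons", []):
        if addon.get("type") != "extension":
            continue  # themes, dictionaries and plugins are not reviewed here
        reasons = []
        if addon.get("foreignInstall"):
            reasons.append("installed by another program, not from within Firefox")
        if addon.get("location") in SIDELOAD_LOCATIONS:
            reasons.append("registered outside the profile: " + addon["location"])
        if not reasons:
            continue
        name = (addon.get("defaultLocale") or {}).get("name", "<unnamed>")
        state = "active" if addon.get("active") else "disabled"
        findings.append((name, addon.get("id"), state, reasons))
    return findings

if __name__ == "__main__":
    for name, addon_id, state, reasons in audit_addons(SAMPLE_EXTENSIONS_JSON):
        print(f"{name} ({addon_id}) [{state}]")
        for reason in reasons:
            print("   -", reason)
```

To use it on a real machine, pass the text of `extensions.json` from the Firefox profile folder to `audit_addons`; anything listed is a candidate to look up and remove through the add-ons page, not proof of infection.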
OP pec 06 Jun 2015
In reply to pec:
Thanks to everyone for your help. I think I've finally got rid of everything with multiple scans in safe mode using Windows Defender, Malwarebytes and adwcleaner. It was a persistent bugger to get rid of but on the plus side I know a bit more about the hidden recesses of computers now.

