Damnable Trojans
November 5, 2008 10:44 AM Subscribe
Do I have a computer virus? How can I get rid of it?
I have a PC, running XP SP2 with Avast! and Windows firewall. I was downloading an album and I got a bunch of notices saying that Avast had identified a Win.32.Trojan or something to that effect, which is apparently just Avast's generic name for a virus.
When this has happened in the past, it's said, "Don't panic--just click here to delete it or move it to the safe chest." But this time, I tried to do these things, and Avast said it wasn't able to perform those actions.
I deleted the offending album right away. Then I rebooted the computer and did an Avast virus scan. It didn't up any viruses. However, a few days later, the computer is acting pretty slow.
How can I find out if there's a virus--preferably without buying any software--and how can I eliminate the little bastard?
I have a PC, running XP SP2 with Avast! and Windows firewall. I was downloading an album and I got a bunch of notices saying that Avast had identified a Win.32.Trojan or something to that effect, which is apparently just Avast's generic name for a virus.
When this has happened in the past, it's said, "Don't panic--just click here to delete it or move it to the safe chest." But this time, I tried to do these things, and Avast said it wasn't able to perform those actions.
I deleted the offending album right away. Then I rebooted the computer and did an Avast virus scan. It didn't up any viruses. However, a few days later, the computer is acting pretty slow.
How can I find out if there's a virus--preferably without buying any software--and how can I eliminate the little bastard?
Seconding Inspector.Gadget's comments -- but it is likely you are completely fine, and you are being hypersensitive to the machine acting differently.
posted by SirStan at 10:56 AM on November 5, 2008
posted by SirStan at 10:56 AM on November 5, 2008
just nuke and re-install
Gotta agree. Whether or not it is something nasty, your computer has been performing really slowly. I know it is maybe a little extreme, but a fresh install could be just what the doctor ordered. I had to recently (dl'd a virus like you) and had to format and reinstall and it was actually totally worth it, if only for the fact that my computer is super fast again and behaving like a good little computer.
posted by gwenlister at 10:57 AM on November 5, 2008
Gotta agree. Whether or not it is something nasty, your computer has been performing really slowly. I know it is maybe a little extreme, but a fresh install could be just what the doctor ordered. I had to recently (dl'd a virus like you) and had to format and reinstall and it was actually totally worth it, if only for the fact that my computer is super fast again and behaving like a good little computer.
posted by gwenlister at 10:57 AM on November 5, 2008
Response by poster: Thanks for the answers. Obviously I'm pretty unsavvy with this stuff...can I ask how one judges if they've got something "really nasty" (assuming the Kaspersky scan turns something up)?
posted by Beardman at 11:09 AM on November 5, 2008
posted by Beardman at 11:09 AM on November 5, 2008
I find that lots of people have anti-virus, but never run any sort of anti-spyware.
The one I've been using lately is MalwareBytes but I also use Spybot, Adaware and Windows Defender.
posted by so_ at 11:24 AM on November 5, 2008
The one I've been using lately is MalwareBytes but I also use Spybot, Adaware and Windows Defender.
posted by so_ at 11:24 AM on November 5, 2008
Thanks for the answers. Obviously I'm pretty unsavvy with this stuff...can I ask how one judges if they've got something "really nasty" (assuming the Kaspersky scan turns something up)?
Google the name that the virus scan produces. Symantec makes crap software but their threat database (most of which, at least, is online) is fairly informative Something like Vundo is a pain in the ass but fixable with the right tool whereas less common threats that threaten to screw up your data require a liberal application of Darik's Boot and Nuke followed by a reinstall.
posted by Inspector.Gadget at 1:13 PM on November 5, 2008
Google the name that the virus scan produces. Symantec makes crap software but their threat database (most of which, at least, is online) is fairly informative Something like Vundo is a pain in the ass but fixable with the right tool whereas less common threats that threaten to screw up your data require a liberal application of Darik's Boot and Nuke followed by a reinstall.
posted by Inspector.Gadget at 1:13 PM on November 5, 2008
For what it's worth, the consumer versions of Symantec are pretty much crap, but their corporate stuff works well and is unobtrusive. I have never liked any of their "home" versions, but I won't give up their Enterprise AV.
Also, ClamAV Portable (from PortableApps.com) will run off of a thumb drive. Which means you don't have to be online to use it, once you've downloaded the updates, which in turn means you don't run any risks of installed crapware phoning home while you are scanning your system.
Finally Process Explorer (also able to run off of a thumb drive) is great for identifying and killing rouge software, because it can be asked to confirm killed processes and stop them from respawning. Enable the "Verify signatures" option and kill anything that doesn't seem to look legit.
posted by caution live frogs at 2:24 PM on November 5, 2008
Also, ClamAV Portable (from PortableApps.com) will run off of a thumb drive. Which means you don't have to be online to use it, once you've downloaded the updates, which in turn means you don't run any risks of installed crapware phoning home while you are scanning your system.
Finally Process Explorer (also able to run off of a thumb drive) is great for identifying and killing rouge software, because it can be asked to confirm killed processes and stop them from respawning. Enable the "Verify signatures" option and kill anything that doesn't seem to look legit.
posted by caution live frogs at 2:24 PM on November 5, 2008
Boot into safe mode and do another scan. Now do a scan with an anti-spyware application like Spybot in addition to the virus scan.
Or use system restore to go back to a period before the virus.
posted by damn dirty ape at 6:20 PM on November 5, 2008
Or use system restore to go back to a period before the virus.
posted by damn dirty ape at 6:20 PM on November 5, 2008
This thread is closed to new comments.
posted by Inspector.Gadget at 10:49 AM on November 5, 2008