I think my computer has a virus but my scanners aren't picking any

Discussion in 'Computer Games and General Discussion' started by JJBro1, Mar 22, 2009.

  1. JJBro1
    OP

    Member JJBro1 GBAtemp Advanced Fan

    Joined:
    Jan 20, 2008
    Messages:
    849
    Country:
    United States
    The other day avg picked up a trojan and some cookies and i sent them to the virus vault and deleted them. Even though I deleted them from the virus vault my pc is runs awfully slow and buggy. I ran scans with avg and spybot both in regular and in safe mode and nothing is being detected. What do you think is the problem with my computer? How do i get avg or spybot to detect the problem or is there a software out there that is better than both of them? And when i tried to do a system restore all of my restore points were gone!
     
  2. FAST6191

    Reporter FAST6191 Techromancer

    pip
    Joined:
    Nov 21, 2005
    Messages:
    21,698
    Country:
    United Kingdom
    Some of the newer stuff I have tangled with can embed itself rather nicely and avoid detection quite well (one I dealt with deleted the startup entry after launch (before I could run a scanner) and added itself again on shutdown).

    Two options and you can combine ideas quite easily.
    liveCD boot and test.
    Linux and windows options here, bartpe is the usual windows suspect
    bartpe: You will need a windows CD
    http://nu2.nu/pebuilder/
    bartpe plugins:
    http://www.bootcd.us/BartPE_Plugins_Category/antivirus/
    and linux:
    http://www.raymond.cc/blog/archives/2008/0...otable-windows/ is a start, I tend to go in manual rather than automated though.

    Option 2 is safe mode. Safe mode if you were unaware is a minimal version of windows that only loads a specific subset and will usually stop any bad code loading.
    Press f8 when booting up (I usually start just after the bios has finished doing whatever) and you should get the option.
    You can then proceed to doing whatever including the steps below:

    Applicable to both.
    AV scanners do have limited heuristics (detection of bad code not in the database) but I have never encountered a good one and obviously a database is not going to be 100% accurate. This means going manual is the way forward.

    You have two options:
    1. Use something like a sqaured hijack free (note all the various programs are on the page so make sure to get a sqaured hijack free rather than something else:
    http://www.hijackfree.com/en/hijackfree/

    2. I know I just rubbished heuristics but if you do not mind the odd false positive full packages like comodo http://personalfirewall.comodo.com/ have the ability to tell you if something is trying to do something.
    I also use a few things from the people behind spybot that are a bit more low end:
    http://www.safer-networking.org/en/runalyzer/index.html
     

Share This Page