Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Why do virus infections go undetected


  • Please log in to reply
1 reply to this topic

#1 Victor43

Victor43

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 28 August 2009 - 04:57 PM

Does anyone know why certain types of virus infection go undetected on a PC running Windows ? There are different kinds of viruses which exist i.e. Trojans, worms, boot sector, bios and others.

Does running Hijackthis tell you if your registry has been configured to enable a unknown file likely a virus to execute on startup ? Is it possible for a virus to infect core Windows files i.e. Svchost or Winsock or others ?

Do antivirus solutions exist which can freely and accurately in real time scan viruses/trojans/keyloggers/remote access/worms that automatically come via Internet Explorer and other browsers using scripting languages (NOT via regular browser downloading) ?

Is the problem that the viruses which find their way onto the computer are new viruses and have yet to be identitifed ? Is this where most antivirus solutions fail ?

All comments would be greatly appreciated

BC AdBot (Login to Remove)

 


#2 fearmyawesome

fearmyawesome

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:11:38 AM

Posted 28 August 2009 - 06:46 PM

Many Viruses can pass through the internet and into your computer because the firewall is down, or because your antivirus is not functioning correctly. Some of the newest viruses and trojans can also remain undetected because the Antivirus systems have not yet been updated to detect and remove the infection. Also, many trojans and viruses are disguised as another, legitimate file so that users download the files themselves. (E.g. P2P)

As to what can help the virus remain undetected... rootkits and other self disguising techniques are often used to prevent Antivirus Systems and even the user from discovering the virus.

Hijackthis can tell you if your registry has been edited to allow a virus to start up on boot. Hijackthis also has many other functions that can tell what exactly has been changed, and provides an in-depth analysis of many areas that can signal an infection. Hijackthis is an extremely complicated tool that can cause severe damage to a computer if used incorrectly. It is best that Hijackthis only be used under supervision of a trained professional.

Viruses can attack almost any area of a computer. Yes, they can infect svchost and winsock.

I'm pretty sure that almost all antivirus solutions have a download scanner to attempt to prevent viruses... however most AV's, in my experience, usually don't detect it until you click on the file. I have used AVAST, AVG and Norton. I find that Norton won't detect anything. EVER.

New viruses and trojans are definitely a major reason as to why computers can become infected. Computers and programs that are not updated regularly are also extremely susceptible to viruses. P2P networks such as Limewire, torrents also infect computers extremely easily.

AV's are updated quite frequently as well. It is very important to keep up to date to deal with the latest viruses. I find that most AV's keep up to date quite nicely with the latest viruses, but viruses come up with stronger and stronger methods to nullify the AV. Rootkits, locked .exe's and denied permissions often prevent AV's from successfully removing a virus. One Virus Removal tool that works really well to remove many viruses is Malwarebytes Anti-Malware. I find that it often works better than many AV's.

Hope I could help you out,
Fearmyawesome




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users