Spyware, Viruses, & Security forum

General discussion

Virus, trojans and all that. Can they go undetected?

by ClaudiaWalky / June 15, 2010 7:18 AM PDT

Hi,
talking with my brother about a problem I have with the RAM in my PC, he told me: "Maybe you have a virus." No, I don't. Avast, Spybot, McAfee SiteAdvisor, HijackThis and my config keep all that at bay. "Mmmm... last time my RAM was bad the technician told me I had a virus although my NOD32 didn't find it. I had to format the HD."
Can this be true? Even with the best up-to-date antivirus, passing all the tests, HJT and everything? Can it be? And if so, how are technicians able to know we have a virus? Do they have a magical antivirus as nursery growers have magical ingredients to make plants grow and bloom bigger and better?
Thanks!
Claudia

Can they go undetected? Yes
by Grif Thomas Forum moderator / June 15, 2010 8:05 AM PDT

The problem with the tools you have suggested is they aren't necessarily the best at detecting all things, at all times.. Avast is a fairly good VIRUS detector and also finds some but not all spyware. Spybot is a little outdated and doesn't seem to detect or remove some of the recent spyware items and it doesn't detect viruses at all. McAfee site advisor doesn't detect items that are already on the computer and as with most scanners, it depends on definitions which are "after the fact" and may not find new malware.. The others you mentioned are the same.. It depends on when and how they are used and whether the malware infection is something newer than the scanner is programmed to find.

As to how a tech knows if there is a virus... Sometimes using a different set of scanners tells them.. Sometimes they don't know for sure it's a virus. It's simply easier, cheaper for you, and faster to reformat and reinstall everything from scratch.. As just an example, I fix infected computers as a side job.. Many times, the customer wants all their important data saved from a computer that barely runs.. In one such instance, it took me two days of running scans and repairing the operating system to get it back to a clean condition while still saving the files.. A reformat and reinstall takes a few hours.. They PAID for the two days worth of time.

Hope this helps.

Grif

Thanks! So,
by ClaudiaWalky / June 15, 2010 9:32 AM PDT

which security software do you recommend? [ If they have a free version available, that would be better for me. :) ]

Your Choices Aren't Bad... Just Remember...
by Grif Thomas Forum moderator / June 15, 2010 12:46 PM PDT
In reply to: Thanks! So,

It's more about YOU and your habits than the security software you install..

Harden your browser or use one that's fairly secure to start with.

Make sure to update necessary software frequently. (Windows Updates, Antivirus, antispyware, Java, Flash, Adobe Reader, media players, etc.)

Don't use P2P downloading software.

Don't visit dodgy sites.

Don't open email attachments that you aren't SURE are for you.

Use only ONE antivirus running in realtime and only ONE antispyware running realtime.. Multiple scanners running at the same time can conflict and cause issues.

And if you visit a site that looks a little strange don't "Click Here" when it says to.

Just suggestions.

Hope this helps.

Grif

Thanks again!
by ClaudiaWalky / June 15, 2010 2:04 PM PDT

Then I'm OK. I use Firefox with the NoScript add-on. McAfee SiteAdvisor never lets me open a site that was already reported, and marks in yellow the ones that might have dangerous contents. Avast aborts the connection when a page has something dangerous that McAfee didn't warn about, and when I download anything, it aborts downloads with malicious contents.
Besides, I periodically check my Internet connection security with ShieldsUp.
I never ever click without thinking and I never download software from suspicious sites. And thanks to Gmail, nothing bad can come in my mail.
OK, thanks again for answering!

to GRIF THOMAS

I frequently visit this SPYWARE etc forum and found your response dated 6/15/10, titled "Your choices aren't bad..." very appropriate. I have 2 questions:
1-How does one "harden" a browser? (I think my PCs have Windows Internet Explorer 6, 7, &8)
2-Is there ONE SITE that contains the concepts you outline, plus specific steps (defrag, system clean, etc) that I can refer to that will assist me in keeping a "clean" system? I continue to scan this, and other forums to attempt to keep my PCs clean and fast, but it seems like a continuing battle.
Thanks for any advice, and thanks for your attention to these forums.

CPMDAVE's addition....
by cpmdave-21209087916214755939752776832341 / June 21, 2010 10:23 AM PDT
In reply to: to GRIF THOMAS

I neglected to note that I use Windows XP (sp3) and Windows 7

Harden A Browser
by Grif Thomas Forum moderator / June 21, 2010 12:29 PM PDT
In reply to: to GRIF THOMAS

1. There are different opinions on this one but most browsers can be "secured" better than they are at default.. Unfortunately, they may not perform exactly as you'd like.. It becomes a bit of trial and error as to how secure you'd like to get..

And of course, it depends on the browser.. Many prefer to start with a browser other than Internet Explorer.. Although IE 8 is a little better than its predecessors, other browsers tend to work better for some.. Try surfing with Firefox or Opera and see what you think.. Internet Explorer 8 allows ActiveX controls to run while neither of the above do by default.. Still, setting IE security settings to "High" cures many of the problems.. In addition, you can disable JavaScript on all of the browsers and it will lock down a number of vulnerabilities out there. In my case, I use Firefox for almost all internet surfing but keep Internet Explorer running and updated so I can use Windows Updates and a few other sites which require IE.

2. As to one single site expressing methods, you will indeed find it a continuing battle.. This particular CNET security forum is great because each day, one of the mods will supply members with the latest security updates. Follow them carefully and be sure to keep ALL of your software updated with security updates.. Many folks tend to forget about Flash player, Java, Adobe Acrobat, etc.

And for many, keeping a clean machine is as simple as following the steps in the link below which I wrote a while back for another user with a similar question:

Cleanup Steps

Hope this helps.

Grif

Quick Addition
by chaslinux / June 21, 2010 10:49 PM PDT
In reply to: Harden A Browser

Just a quick addition to what Grif suggested: also make sure you lock down any unnecessary users and limit users to "Limited User" accounts instead of Administrator accounts (Control Panel/Users).

THANK YOU GRIF
by cpmdave-21209087916214755939752776832341 / June 22, 2010 2:31 AM PDT
In reply to: Harden A Browser

THANKS for the advice...and the link. I will be following both.

Recommended software for anti-malware
by chaslinux / June 18, 2010 6:30 PM PDT
In reply to: Thanks! So,

Malwarebytes Anti-Malware (MBAM) (URL below) is often really good at detecting malware without detecting false positives. Used in conjunction with Avast they tend to find some of the more difficult malware. We typically install MBAM in safe mode and run a scan, or for more difficult problems remove the hard drive and scan it from a "clean machine." (note: don't use safe mode with networking as it loads more services, the idea is to load as few services as possible)

Another interesting program is GMER (rootkit remover). A lot of malware these days know about anti-malware, so what GMER does is give your download a random name when you download it (getting around malware detecting it by name). GMER is a bit more difficult to use, but not as bad as Hijack This.

http://www.malwarebytes.org/
http://www.gmer.net/

Avast and NOD32 are both excellent programs, it's surprising they found nothing, but it's not impossible that you might still be infected. Some malware detect the presence of anti-virus/anti-malware and mask themselves. Other malware go as far as removing the anti-malware software.

If you still don't find anything and your system is bogged down run msconfig (start > run > msconfig) and remove any items from the startup tab that look suspicious. Then switch to the services tab, click hide all Microsoft services, and uncheck any items from services that look like they don't belong. Sometimes malware will name themselves numerically (e.g. 583207.exe) to make it harder to detect in the registry (which actually makes it easier for you to spot).

Lastly try ccleaner to clean up the registry and defraggler to defragment your hard drive (if you've installed a lot or put a lot of files on your system recently). While the problem isn't likely bad hardware you could also check your memory to make sure a stick of RAM hasn't gone bad.

http://www.piriform.com/ccleaner
http://www.piriform.com/defraggler
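The startup review described in the post above (looking for items with purely numeric file names such as 583207.exe), as an added example that is not part of the thread or any poster's own code. The function names and the sample entries are constructed for illustration; `read_run_keys` only reads the two standard Run registry keys, which are some but not all of the places startup items load from.

```python
import re
import sys

# Per-machine and per-user Run keys: two of the places startup items load from.
RUN_KEY = r"Software\Microsoft\Windows\CurrentVersion\Run"
# A file name (no path separators, quotes, spaces or commas) plus a loadable extension.
FILE_RE = re.compile(r'(?i)([^\\/"\s,]+)\.(exe|com|bat|cmd|scr|pif|dll)\b')

SAMPLE = [  # constructed entries for illustration, not taken from a real machine
    ("HKLM", "avast!", r'"C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui'),
    ("HKCU", "updater", r"C:\Documents and Settings\user\Application Data\583207.exe"),
    ("HKCU", "helper", r"rundll32.exe C:\WINDOWS\system32\90112.dll,Start"),
    ("HKLM", "SunJavaUpdateSched", r'"C:\Program Files\Java\jre6\bin\jusched.exe"'),
]

def numeric_binaries(command):
    """Return every file in a startup command whose name is digits only."""
    return [f"{stem}.{ext}" for stem, ext in FILE_RE.findall(command) if stem.isdigit()]

def review_startup(entries):
    """Filter (location, name, command) tuples down to the ones worth a manual look."""
    flagged = []
    for location, name, command in entries:
        hits = numeric_binaries(command)
        if hits:
            flagged.append((location, name, hits))
    return flagged

def read_run_keys():
    """Collect Run-key values from a live Windows system (read-only)."""
    import winreg  # Windows-only module, imported lazily so the sample runs anywhere
    entries = []
    for hive, label in ((winreg.HKEY_LOCAL_MACHINE, "HKLM"),
                        (winreg.HKEY_CURRENT_USER, "HKCU")):
        try:
            key = winreg.OpenKey(hive, RUN_KEY)
        except OSError:
            continue  # key absent or not readable by this account
        with key:
            for i in range(winreg.QueryInfoKey(key)[1]):  # [1] = number of values
                name, value, _ = winreg.EnumValue(key, i)
                entries.append((label, name, str(value)))
    return entries

if __name__ == "__main__":
    source = read_run_keys() if sys.platform == "win32" else SAMPLE
    for location, name, hits in review_startup(source):
        print(f"{location}\\Run  {name}: numeric file name {', '.join(hits)}")
```

A numeric name is only a triage signal: it tells you which entries to inspect first, and legitimate entries with ordinary names still need the manual review the post describes.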

Thanks to everyone for sharing your insight.
by ClaudiaWalky / June 19, 2010 3:20 PM PDT

And thanks for the recommendations. I already scanned with MBAM in safe mode and it only found a cookie. I didn't know about GMER until now. I may give it a try. But if it's so difficult... At least, does it have a page where you can analyze the log as with HijackThis?
Oh, I wish my memory management problem were caused by some malware! I have to post it in the hardware forum as soon as I can. Wish me luck!
Thanks again to chaslinux and everyone!
Caia

GMER
by chaslinux / June 19, 2010 10:42 PM PDT

GMER isn't quite as scary as I made it out to be, it just takes a long time to scan and spits out a lot of information. Generally if it finds a problem GMER will highlight the problem in red. Sometimes GMER wants to disable something and reboot before it can remove it.

Grif's first and second comments are both great advice. Really the most important thing you can do is stay away from dodgy sites and don't auto-open email attachments (from anyone). Of course this is difficult sometimes if you have children (but you can also create limited accounts for them rather than allowing them to surf as an administrator).

To answer someone else's question about "how do you know if you have malware if your scanner doesn't find it" the answer is you don't always... but, if your computer is acting very sluggish it's a good indication you might have malware. A slow system could be other things. If you install a lot of software or write a lot of files to the hard drive your hard drive might become very fragmented which can cause it to slow down. Also if some RAM has gone bad (you can test RAM with a free tool Memtest86+) you may notice a slow down. Lastly some legitimate programs (including some antiviruses) can really slow down your system. If a tech sees a computer come in and the computer has animated cursors and a variety of toolbars it's a pretty good indication it might also have some malware. A lot of these "special effects" come with another special gift you don't want.

As for reinstalling, be aware that not only will you lose data you haven't backed up, but also any extra programs. Often systems are loaded by an OEM (Original Equipment Manufacturer) with extra software. Not all of it is good (many programs are trial versions), but some programs like Microsoft Office are quite expensive if you have to buy them separately ($460 for the full version Microsoft Office Professional 2010 with Access and Publisher). Also make sure before you reinstall that you have your restore discs. If you don't have your original restore discs you may not have all the drivers necessary to get your machine back in tip-top shape (and from Microsoft's legal department standpoint you cannot reinstall if you don't have the media from the OEM).

Thanks again!
by ClaudiaWalky / June 20, 2010 1:51 PM PDT
In reply to: GMER

Very useful info. I will keep it at hand. Thanks!
Caia

Virus ETC. undetected
by jw1ls5n0129 / June 19, 2010 3:01 AM PDT

Well, if you cannot detect them, how will we know? But the people that put them onto a disc, spyware like e.games used to do, but there was a program that you could download and then reload the CD with no spyware; that CD was now on your hard drive, but if you have to put the CD in the drive again, you just put the spyware back. e.games belongs to another company and they do not do this. I did point it out to them a few years ago and was told it was no longer done. There must be others who do, but my answer to the question is: if you cannot detect them, how do we know?

Remember
by Dango517 / June 18, 2010 11:16 AM PDT

there can be a lag between the time a virus is released and the time it can be detected and preventions created.

Also, perhaps needless to say, those bad guys can be pretty sneaky about hiding their work. In fact, very sneaky.

Yes
by gargamel360 / June 19, 2010 9:08 AM PDT

More and more, that is how they are trying to design malware, to be undetectable. A Rootkit is one of the nastiest examples.

Prevention should be your primary focus, achieved by a combination of safe surfing habits and multiple, non-conflicting layers of active defense.

AHHH! That is nightmarish!

If you have more than one antivirus, then HECK YES!!!!!!!! I got no rootkits with just avast! but when I installed Norton Security Scan a hacker managed to get through!
