1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

How Anti-Virus Programs Scan

Discussion in 'All Other Software' started by electrodug, Oct 29, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. electrodug

    electrodug Thread Starter

    Joined:
    Oct 27, 2007
    Messages:
    9
    I have Norton anti-virus 2003 installed on my computer. I read somewhere that a virus scan will not look at files that are being used by the computer at that time. Is this true and if it is true how can you be sure your computer is virus free if the results of the scan say no problems detected?
    I have a friend who is running Windows XP and she has the NNCORE.DLL Trogan Virus. I looked at the list of known viruses on my Norton (it is up to date) and this virus is not even listed. How can a uitility be effective if a known virus is not in its data base.
    Thanks
     
  2. rka0

    rka0 Banned

    Joined:
    Oct 12, 2007
    Messages:
    1,281
  3. TOGG

    TOGG

    Joined:
    Apr 2, 2002
    Messages:
    5,912
    I don't know the answers to your questions, but do have the following 'observations';

    1. NAV 2003 may still get definitions updates but its scanning 'engine' must now be well out of date.

    2. All the AV companies have their own names for each piece of malware, so the fact that you couldn't find the one you mention in NAV's definitions doesn't necessarily mean it couldn't protect against it.

    3. However, referring back to 1, the recent developments in malware that can reinvent itself at frequent intervals means that signature based programs are less effective, and things like 'heuristics' (recognising and blocking dangerous looking processes), are more important.

    4. My antivirus, NOD32, can't scan within files locked by Windows but, I don't see that as a great risk to me.
     
  4. good grief

    good grief

    Joined:
    Aug 26, 2007
    Messages:
    694
    TOGG

    I am considering changing from Norton 360 to NOD32, so I was interested in your reply to
    Electrodug. Could you please explain what you meant by:

    "My antivirus, NOD32, can't scan within files locked by Windows but, I don't see that as a great risk to me. "

    What do you mean by locked, and why is this not a risk for you?

    Thanks in advance...
     
  5. TOGG

    TOGG

    Joined:
    Apr 2, 2002
    Messages:
    5,912
    When I run scans I see a list of files it was not possible for NOD to access. Some are Windows files, presumably in use, and some are password protected files.

    In my case the protected files seem to be security related, such as backups or quarantine files made by AdAware, which I don't even use any more but whose backups obviously survived the uninstall.

    I assume that security software should try and protect itself from 'unauthorised' attempts to open files, so I don't worry about it. Maybe I should but, as far as I can tell, I am clean, which may have more to do wth the fact that I don't use IE or do file sharing or visit the 'social' sites, You Tube, MySpace, Facebook etc..

    In addition to NOD, I use the Comodo firewall and run Comodo Anti Malware (formerly BO Clean). I also have Sandboxie which I can use if I think anything I am going to look into could be 'risky' but I don't use it much because I usually don't remember to!
     
  6. rka0

    rka0 Banned

    Joined:
    Oct 12, 2007
    Messages:
    1,281
    Hi electrodug. I think the best thing you can do now is post a hjt log NNCORE.DLL seems to be one of those nasties.
     
  7. John Burns

    John Burns

    Joined:
    Jul 29, 1999
    Messages:
    1,150
    Not disputing you, TOGG, but I don't understand - I have Comodo Firewall and Comodo BOClean installed - is there a new AntiMalware that takes the place of BOClean? The BOClean I have is at this link:

    http://www.comodo.com/boclean/boclean.html
     
  8. TOGG

    TOGG

    Joined:
    Apr 2, 2002
    Messages:
    5,912
    No, it's the same thing, it's just that, when Comodo bought BO Clean, they appeared to place more emphasis on the 'Anti Malware' part of the title. They still use BO Clean in the product name, so I suppose I should have as well.

    I imagine the Comodo people wanted to shift the emphasis away from the Back Orifice Trojan/downloader that BOC was named after, so as to emphasise that it is more than a simple anti trojan (assuming that all their claims can be justified).
     
  9. John Burns

    John Burns

    Joined:
    Jul 29, 1999
    Messages:
    1,150
    Thanks for the response - I should have figured that out myself, I guess. Anyway I appreciate the explanation.
     
  10. good grief

    good grief

    Joined:
    Aug 26, 2007
    Messages:
    694
    TOGG

    Thanks from me for your explanations also , and good luck electrodug. :>)
     
  11. electrodug

    electrodug Thread Starter

    Joined:
    Oct 27, 2007
    Messages:
    9
    I don't have this virus, a good friend however does. I am using Windows 2000 Professional SP4. My friend is using Windows XP. It looks to me as if this virus attacks the NNCORE.DLL in Windows XP. I came to this conclusion by running a search on my system and there is no NNCORE.DLL file on my computer. This virus keeps my friend from getting online, so she cannot send a log from her computer. My son did a live update of her Norton Anti-Virus and ran a scan, but Norton did not find this virus (makes me question the value of anti-virus software). We have not tried the procedure outlined by Tech Support Guy.(y)
     
  12. WhitPhil

    WhitPhil Gone but never forgotten Trusted Advisor

    Joined:
    Oct 4, 2000
    Messages:
    8,684
    That DLL is part of the piece of Malware call NewDotNet.

    Have your friend create an account here, download and run HijackThis and post the log in the Malware forum for assistance.
     
  13. electrodug

    electrodug Thread Starter

    Joined:
    Oct 27, 2007
    Messages:
    9
    Thanks....Will I be able to put her log on a floppy and send it from my computer? I am not sure she has a CD burner, if this log will be larger than 1.44MB!
    (y)
     
  14. WhitPhil

    WhitPhil Gone but never forgotten Trusted Advisor

    Joined:
    Oct 4, 2000
    Messages:
    8,684
    HJT logs are tiny. You can attach and email it.
     
  15. electrodug

    electrodug Thread Starter

    Joined:
    Oct 27, 2007
    Messages:
    9
    Where do I attach this log?(y)
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Anti Virus Programs
  1. kvnsgn24
    Replies:
    4
    Views:
    182
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/645284

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice