How to viruses get past antivirus programs and make it into system restore?

I mean, today I had to clean a virus out of my wifes computer.

We have had AVG 6 on their since the install of windows and we upgraded it to AVG 7 when prompted.

However for a few days she has had a virus that AVG 7 could not clean, this one was in the system restore files.

In short, I had to disable system restore and rescan to clear it out.

My question is, how did it get pass the AVG that was running to make it into the system restore???

Weird. Might be that AVG needs to send out another set of detection rules for whatever virus you had to get rid of. Just a thought is all.

I seen this in the past, where it is recommended to disable system restore, go into safe mode and scan to clean some viruses.

I am just wondering how they get passed the active scan in the first place, when the verison running is able to clean it.

It probably made it past AVG before you had detection rules that could detect it, and it took a restore point before you had the rules to detect it. 6 needed heuristics enabled to detect a lot of crap.

It probably made it past AVG before you had detection rules that could detect it.
I have often thought that this is the case, I sometimes wonder if people who get viruses have had them for a while and don't realise it, the only time they show up is on a system scan done x amount of time after the machine was infected and the virus data base updated.

AVG's resident shield has always been excellent in popping up whenever a known virus does try to get past it, so it has to be a definitions issue.

All that must be it. I was kinda wondering and thinking they might have made it though before the updates. Since Updates are to detect new viruses, it stands to reason they are released after the new virus is already out in the wild.

You know... I never bother cleaning out of the system restore. I clean the system and make a new restore date and label it "Do not restore before this date". A few days later, the virus infected restore points dump out anyway. The virus infected points are not a threat to your system provided you don't restore to those points