I recently spent many hours troubleshooting a laptop that could not connect to the internet. The laptop exhibited no other unnatural behavior, and so my first thoughts were to try connecting to other networks, try a new NIC, etc... The question I posted can be found here with more detail. One of the first things I did was to check for viruses with MalwareBytes, eSet, and Panda Cloud Antivirus... All 3 scans were run separately and independently of one another, and no virus was found. I then proceeded to spend hour after hour troubleshooting, and in the end I just took the computer to a repair shop where it was discovered to have a virus.
My question is not subjective: I'm not asking what the best anti-virus software to use is. I'm asking how I can actually be certain I have no viruses when popular and generally effective anti-virus scans detect absolutely nothing.
In the past my routine would be to run through the list of running processes and start-up programs, and use online resources to try and find anything malicious. This routine seemed relatively silly to me in the face of all of these anti-virus programs, and I thought it would be more effective to run scans than to manually look on my own.
Obviously IT firms have some effective method of identifying viruses, and I doubt these companies are just running some virus scanner. Clearly experience would have led me to identify my own problem as a virus, but I feel like there are all kinds of ways an undetected virus can manifest itself, so I don't want to rely solely on experience.
Edit:
I should clarify this a little bit. I'm not necessarily looking for some "ultimate" checklist of things to do to identify viruses, but clearly there are ways to identify them when our normal anti-virus scans fail, and I'm wondering what some of these approaches might be.
"I thought it would be more effective to run scans than to manually look on my own." => Completely incorrect; a human (with enough experience and good training) is a far more effective virus detection/removal system than any software solution today. Software cannot beat an IT person's heuristic scans. – Sampo Sarrala - codidact.org – 2012-08-22T17:41:21.637
If you question the security of the system, the only real solution is to format the system. What virus was discovered? These computer repair shops have this nasty habit of finding stuff that does not actually exist. Post the log file that proved you had a virus; if they cannot supply this, I would ask for your money back. If they claim they deleted it, ask for your money back, because that means they never actually found anything. – Ramhound – 2012-08-22T19:54:27.480
When it comes to antivirus software, you (to a degree) get what you pay for. Of the three packages you list, only eSet is apparently a fully commercial AV product, and if you used the "free trial" likely you got a crippled version. (I'm getting the impression that you had no AV product on the laptop to start with, and only tried to close the agricultural portal after the bovines were afield.) – Daniel R Hicks – 2012-08-22T21:19:43.450
Give ComboFix a try; it is a good malware detector. – avirk – 2012-08-23T01:35:10.440
Did it have McAfee on it by chance? I spent 4 hours troubleshooting a similar problem and it turned out McAfee sent out a bad patch, which made networking impossible. – Phillip R. – 2012-08-23T03:00:35.177
@Ramhound I did not think to ask for a log, it's been a long time now since they fixed it. But it's important to note that they did, at the least, fix it, which is why I sent it there in the first place. – JonathonG – 2012-08-27T00:26:11.773
@DanH The computer was running the full commercial version of McAfee Antivirus, active protection was enabled 24/7 and after I began having problems I ran a full on-demand scan with McAfee to no avail. In my experience, my commercial version of MalwareBytes succeeds more often than McAfee. – JonathonG – 2012-08-27T00:27:23.410
@PhillipR. It did have McAfee, but it's too late now to check if it was a result of a bad McAfee patch, as the computer has been completely killdisked and reformatted, new drivers and all. – JonathonG – 2012-08-27T00:28:10.227
@DanH While I agree with you in general (that you get what you pay for) my choice to utilize services such as MalwareBytes, eSet, Panda Cloud Antivirus, etc. is based on the fact that over the course of 6 years, I've never once had a positive experience with McAfee, Norton, or Kaspersky. Kaspersky seemed to be more effective than the others in several cases, but it was horribly intrusive and clunky when I tried it. MalwareBytes alone has saved several machines for me on which those heavyweight AV programs never even managed to find a virus. – JonathonG – 2012-08-27T00:36:52.600
Well, in this case it appears likely that you never had a virus problem, but some other issue with networking. So it's not surprising that you found nothing. – Daniel R Hicks – 2012-08-27T02:06:26.893