How to be certain you don't have a virus when anti-virus scanners find nothing malicious? (Windows 7)

No antivirus package is perfect. I have seen viruses which I submitted to http://virusscan.jotti.org/en and only 2 or 3 of the packages detected them. I have also had a virus which was reported clean by them all.

So, if I need to clean/scan a machine for viruses, these are some of the things I do.

Preliminary Check

Check and possibly delete the files in the temp folder and also temporary internet files. If there are tens of thousands of files or more, deleting these can significantly reduce the time it takes to perform a full scan. It is however possible for this to delete a virus stored in these locations before it can be identified.

Stage 1

Boot off a clean CD/DVD, for example a Bart CD or a special AntiVirus CD.

  • Run scans with several different anti-virus, anti-malware and rootkit programs
  • Configure Explorer to show hidden files and folders and look for files that are recently added to the root folder, Windows, Windows\System32, and Program Files folders. Also look for hidden files and/or folders in those places. (The presence of such files does not necessarily mean an issue, but I usually try to identify them to make sure they are legitimate.)

Stage 2

Boot in the operating system normally

  • Run scans with several different anti-virus, anti-malware and rootkit programs
  • Run programs such as Autoruns and Hijackthis which show everything that is started automatically or things that hook into Windows (e.g. addons to Windows). Neither of these programs tries to determine what is good and what is bad, but instead they give you information and it is up to you to decide if the entries are valid.
  • Run Task Manager or Process Explorer to see what processes are running.
  • Look in Add/Remove Programs and see what sort of programs have been reinstalled and remove any junk. Don't want to mention any names, but there are some toolbars, poker games and some file sharing programs that always seem to cause problems, and quite often the user/owner of the computer did not deliberately install them. (For example, toolbars that are bundled with other programs.)

Stage 3 (time permitting)

  • Reboot into Windows and connect to the internet and leave for a while and then repeat Stage 1 to make sure the machine is still clean.

Stage 4

  • Keep fingers crossed and/or pray that the machine is clean.
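
The manual check from Stage 1 (recently added and hidden files in the root, Windows, Windows\System32 and Program Files folders) can also be scripted. The following is an added example, not part of the original answer; the `$Days` window, the `$Roots` parameter and the Authenticode column are assumptions chosen for illustration.

```powershell
# Added example: list recently created or hidden items at the top level of the
# folders named in Stage 1. Written to run on PowerShell 2.0 (Windows 7 default).
param(
    [int]$Days = 14,                       # assumed look-back window
    [string[]]$Roots = @(                  # defaults describe the running OS
        "$env:SystemDrive\",
        $env:windir,
        (Join-Path $env:windir 'System32'),
        $env:ProgramFiles
    )
)

$cutoff = (Get-Date).AddDays(-$Days)
$hiddenFlag = [int][IO.FileAttributes]::Hidden

$results = foreach ($root in $Roots) {
    if (-not (Test-Path -LiteralPath $root)) { continue }
    # -Force makes Get-ChildItem return hidden and system items as well
    Get-ChildItem -LiteralPath $root -Force -ErrorAction SilentlyContinue |
        Where-Object {
            $_.CreationTime -ge $cutoff -or
            (([int]$_.Attributes -band $hiddenFlag) -ne 0)
        } |
        Select-Object FullName, CreationTime,
            @{ Name = 'Hidden'; Expression = {
                ([int]$_.Attributes -band $hiddenFlag) -ne 0 } },
            @{ Name = 'Signature'; Expression = {
                if ($_.PSIsContainer) { 'folder' }
                else {
                    # Embedded Authenticode status; NotSigned is a prompt to
                    # look closer at the file, not a verdict on it
                    (Get-AuthenticodeSignature -FilePath $_.FullName `
                        -ErrorAction SilentlyContinue).Status
                }
            } }
}

# Newest first, so recent additions are at the top of the list
$results | Sort-Object CreationTime -Descending | Format-Table -AutoSize
```

Run inside the installed OS, this only sees what that OS reports; when booted from clean media that has PowerShell available, pass the offline volume's folders in `-Roots` instead. Hidden entries such as the page file in the root folder are expected, so the output is a list to identify, as the answer says, not a list of detections.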

How to be certain you don't have a virus when anti-virus scanners find nothing

You can't.

However, if you want to be sure that a virus isn't causing problems with Internet access, just boot from a live-CD or USB. If that cannot access the Internet you may have a hardware problem. Preferably one created on a different and clean system.