Virus troubleshooting

Everybody these days seem to have their own preference of antivirus software.  When it comes to needing the quickest solution for a large amount of virii on a PC, of course reformatting and reinstalling everything can be the best solution.

When this is not the desired option, the following programs are great and still very robust for resolving this type of issue.

Avira Antivirus (free version is available and stays active in the taskbar with nag screens)
Malwarebytes Anti-Malware (free version requires the user to manually run it every time)
combofix (normally this is found by searching on the web for the bleepingcomputer web site hosting the latest version)
Norton Antivirus products (for home)
Symantec Endpoint Protection (for business)

The last two software, of course, people often debate on.  From a professional perspective, there is absolutely nothing wrong with Symantec and Norton branded products.  SEP does work great in a small business environment and is a lot more robust for management than smaller companys' products.  Sometimes Norton products, such as Norton 360, may be a burden on the workstation or processes but for the most part, most home users will not notice the issues that a more advanced user may see from time to time.  Again, both of these software suites are top tier products and deserve that recognition.

Realistically, there exists no antivirus software that is 100% accurate and reliable.  A combination of antivirus and troubleshooting techniques can be required for very stubborn virus problems on workstations.

I would also like to point out that, in the past, it often was stated that only 32-bit versions of Windows were susceptible to rootkit virii.  Now that 64-bit Windows has been available for quite some time, especially that most people running 64-bit operating system are running Windows Vista or Windows 7, this is no longer true.  To clean this type of virus, sometimes more methods need to be exercised to do a cleanup and will require web searches.

Since rootkit trojans hide themselves and attach to running processes, they can be too difficult or too time consuming for a technician to find on his own.  Detective work is necessary to troubleshoot this issue and resolving the problem involves web searching for the solution if current antivirus definitions do not detect them.

Combofix only worked on 32 bit versions of Windows all of the last times I tried it, so when there is a rootkit on a 64 bit operating system, such as Windows 7 Home or Professional x64, I always had to start with SEP or Avira.  If these antivirus software did not resolve the issue, then I research a solution on the web.

Malwarebytes is still a very useful tool as well and should not be completely disregarded.  There are other tools out there such as AVG and supreantispyware but I have not needed to use either one of these programs in several years.  95% of the time, a combination of troubleshooting skills with Avira and Combofix will resolve the issue.