Troubleshooting Viruses And Worms Part III

For definitive virus detection, you must turn to an anti-virus program with updated definitions. If a reputable anti-virus program will install, run, and complete a check successfully, and if its definitions have been updated within the last 24 hours, you can be fairly confident that the problem is not a virus. Otherwise, virus infection is still a credible suspect.

Updated virus definitions are essential; otherwise, performing a complete system scan for a virus is a waste of time. And these days, new viruses are discovered almost every day, so definitions updated within the last 24 hours are preferable.

Most anti-virus programs can’t detect viruses that they don’t know about. There are exceptions, such as programs that monitor the file sizes and dates of essential system files and warn you if they are about to be changed. However, the vast majority of threats circulating today are not true viruses because they do not actively infect your existing .exe files or boot sector. Instead, they are Trojan horses, back door programs, or worms, whose behaviors won’t normally trigger that kind of proactive detection. Therefore, updated definition files are your only reliable line of defense against new virus threats.
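As an added illustration (not code from the original article), the sketch below models the kind of size-and-date monitor described above and shows why it flags a modified existing file but stays silent when a new file is dropped next to untouched ones. The file names, the temporary directory and the extra `new_files` check are assumptions made for the example.

```python
import os
import tempfile

def snapshot(paths):
    """Record (size, mtime) for each watched file: the baseline."""
    return {p: (os.stat(p).st_size, os.stat(p).st_mtime_ns) for p in paths}

def changed_files(baseline):
    """Watched files whose size or date differs from the baseline, or that vanished."""
    alerts = []
    for path, recorded in baseline.items():
        try:
            st = os.stat(path)
        except FileNotFoundError:
            alerts.append(path)  # a missing essential file is also an alert
            continue
        if (st.st_size, st.st_mtime_ns) != recorded:
            alerts.append(path)
    return sorted(alerts)

def new_files(directory, baseline):
    """Files in the directory that were never part of the baseline."""
    present = {os.path.join(directory, n) for n in os.listdir(directory)}
    return sorted(present - set(baseline))

def demo():
    with tempfile.TemporaryDirectory() as d:
        # Constructed stand-ins for "essential system files".
        watched = []
        for name in ("shell.exe", "loader.exe"):
            path = os.path.join(d, name)
            with open(path, "wb") as f:
                f.write(b"MZ" + b"\x00" * 62)
            watched.append(path)
        baseline = snapshot(watched)

        # Case 1: an existing watched file is modified, as a file infector would do.
        with open(watched[0], "ab") as f:
            f.write(b"X" * 16)
        # Case 2: a new file appears and no watched file is touched,
        # which is how the article describes worms and Trojan horses.
        with open(os.path.join(d, "update.exe"), "wb") as f:
            f.write(b"MZ" + b"\x00" * 62)

        flagged = [os.path.basename(p) for p in changed_files(baseline)]
        unseen = [os.path.basename(p) for p in new_files(d, baseline)]
        return flagged, unseen

if __name__ == "__main__":
    print(demo())
```

The watch-list check reports only the modified file; the dropped file shows up only in the separate directory comparison, which a monitor limited to existing system files does not perform.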

Norton AntiVirus, for example, checks for new definitions on the company’s server and installs them automatically. Be warned, however, that some services (such as Symantec’s Live Update) update their servers only once a week except during peak periods of virus problems, so you might not always get the latest updates by running Live Update. Going manually to the company’s Web site and comparing the date of the most recently posted definitions to the date shown in your software is one way to ensure you have the latest stuff, but that can be a little taxing. Symantec offers an Intelligent Updater service that updates virus definitions every business day, which is a great alternative for administrators with mission-critical PCs to support.

Assuming your virus definitions are up to date, you can be reasonably certain that if an anti-virus program successfully completes a full system scan and tells you there is no virus, there probably is no virus. If you remain skeptical, check one of the major virus security Web sites after 24 hours; it’s possible that a brand-new variant has slipped in. If that’s the case, other people should be reporting it and it should be all over the virus community’s news within 24 hours.

If your anti-virus program won’t run or won’t complete a full system scan, or if you buy a new copy and it won’t install, that is a significant sign of a virus infection. For example, many varieties of the W32.Klez.mm mass-mailing worm include commands that disable your anti-virus software and make it difficult or impossible to install new anti-virus software.
