Malicious software these days are becoming an epidemic all over the world and, unfortunately, the way malware affects a computer has changed. The malware was previously recognizable, slowing down the PC by opening malicious pop-ups or advertising web pages, while today they are certainly more discreet, hidden and deadly.
You could have a computer infected with a virus without having any visible symptoms.
Furthermore, unfortunately, it often seems as if the only way to be sure of having a clean computer is to scan your computer with more than one anti-malware program, wasting a lot of time.
To find a definitive solution, you can follow this guide that lists and explains the operation of some very powerful and precise free programs that you absolutely must always have on hand, to recognize and remove any type of virus and malware .
I can assure you that no malware or virus, even the worst, can escape this recognition process which is made up of some mandatory and consecutive steps.
If one of the steps turns out to be infected, then you can go straight to the malware removal guide .
If a network connection is not available, they can be downloaded from another pc and transferred using a USB stick.
Each of the programs listed here is very effective and easy to use and they are portable applications that do not require installation and do not cause any conflict on your computer.
However, keep in mind that a virus can change the configuration of the proxy so, first of all, it is important to remove any proxy .
Open Internet Explorer, enter the internet options (Iin IE9 from the gear icon at the top right) and, in the connections tab, press the LAN Settings button.
Where Server Proxy is written, check that the square is not flagged and delete whatever is written in the address field.
The same is true for Firefox while Chrome relies on Internet Explorer options.
1) Check for rootkits .
Rootkits are not all negative, drivers are also rootkits.
However, these are programs that start and end when the computer is turned on, making them invisible.
In another post the list of the best programs to check and eliminate rootkit viruses from your PC .
If this does not find anything, you need to download and use Comodo Cleaning Essentials .
This free program is available in two versions for 32-bit or 64-bit PCs.
Unzip the CCE zip file into a folder and double click on the file called CCE to open the main program.
If it doesn't open, hold down the Shift key on your keyboard, double-click on the CCE file and release Shift only after CCE has loaded.
If CCE doesn't work, download and run a similar and equally effective program called RKill .
These two equivalent programs have a key function in the preliminary process of envying and removing viruses because they are able to recognize the malicious processes that are running .
They therefore serve to stop the malware and make it so removable (because if they are active, Windows cannot delete files in use and even the antiviruses remain ineffective).
If you use Comodo Cleaning Essentials, however, you must pay attention to what to remove or disable because there may be warnings of potential but untrue dangers.
With CCE you can make an intelligent scan for all types of malware .
This program also checks which system changes may have been caused by the malware and restore them to their previous value.
For example, if the icons disappeared because of the virus, it would make them reappear.
After the scan you will be asked to restart your computer to see the final results.
This Comodo Cleaning Essential is an excellent program but it has the defect of detecting many false positives.
It is therefore a matter of checking the results before removing or disabling some processes and, if in doubt, leaving them as they are.
However, if Comodo finds problems, the PC is probably infected and you must proceed with the removal of the malware by restarting the PC in safe mode and then using the MalwareBytes Anti-malware scanner (which must be installed after stopping the malicious processes with rKill).
2) Use Killswitch to investigate running processes
If the previous procedure did not find any malware activity, open Comodo Cleaning Essentials again, go to the Tools menu and use the KillSwitch option.
It analyzes all running processes and identifies safe processes against those that can be dangerous.
Many will be referred to as FLS.Unknown, that is, unknown and not necessarily dangerous.
If Killswitch shows that " There are no items to display ", the computer has also passed this test, otherwise we have to investigate.
right click on the process in question, select "Go to folder" and open the folder where the file associated with the process is located.
To find out if that file is dangerous, you could upload it to VirusTotal for a check with 30 antivirus programs together.
In reality it would be better if nothing was found from these scans so, in case some results appeared, it would probably be better to delete every file detected to be really sure.
3) Use Comodo Autoruns to check if the registry entries are infected .
Still using Comodo Cleaning Essentials, open the "Tools" menu and select the " Analyzer Autorun " option.
This program analyzes the registry and displays the files associated with each item.
Almost all malware writes something in the registry so this verification can identify if there are other hidden files somewhere on the disk that are part of the malware, even if they are not running.
Unfortunately, using this tool is a tedious job because each result must be checked manually in a similar way as done with KillSwitch.
If Autoruns shows that " There are no items to display " the computer has also passed this test and is certainly free of any malware or viruses.
If the computer had gone through all the previous steps, but still not working properly, every problem is due to some hardware or software error, certainly not dependent on the presence of viruses.
If, on the other hand, there has been some detection, it is useless to download a thousand different antiviruses, just remove the malware with Malware Bytes following the procedure indicated in the malware removal guide .
The basic step of this guide is all in phase 1, the one to identify and stop harmful processes because it is the basic initial step of each removal guide.
In addition to these tools, I also remember to keep other important portable security programs on hand on the USB stick, including the fantastic rKill.
