Suspecting That There Is Malware on Your Windows Device?
It is easy to say that we are trying to detect malware, but it is not as easy as it seems or as it is written. Detecting a virus (or malware in particular) is one of the toughest jobs to perform and analyze on a system. Tracking down and confirming that your system is infected with such a program is a long road, but some people have more instinct and experience than others for sniffing out those tiny, annoying, destructive programs and malicious code. I will try to guide you to detect some of it (not all; no one can assume they can find all malware) using my own experience and trials, which should help you along this volcanic road that can erupt at any time without warning.
First: Who Creates Malware? (By Kaspersky.com)
Malware is created by a wide range of people such as vandals, swindlers, blackmailers, and other criminals. While the overwhelming majority of malicious programs are designed to make money illegally, the motives behind creating malware can range widely from pranks and activism, to cyber theft, espionage, and other serious crimes. If you’re mystified as to why someone would want to put so much effort into attacking your computer or your mobile device, let’s take a moment to consider the type of people that become malware creators… and how they benefit from creating malware.
Check out this article about malware at its source: Kaspersky, "Who Creates Malware?"
If you think you have malware on your Windows computer, follow these steps (they might be helpful in your case).
1- Malwarebytes and Kaspersky:
Download Malwarebytes and Kaspersky from the internet. Both come with trial and free versions, and in my experience these two programs gave the best results. There are plenty of others on the internet; I am only sharing my experience with you, and you are free to download and try whatever you find more suitable.
After downloading and installing, run a Deep Scan with Malwarebytes and check whether your system has a malware infection or whether any files were automatically quarantined.
Run a Full Scan with Kaspersky and check whether you have infected files or whether some files were automatically quarantined. Perform the recommended actions for both Malwarebytes and Kaspersky, then reboot the system.
2- Check Startup & Process
Windows 7: press Windows+R, type msconfig in the Run dialog, and go to the Startup tab.
Windows 8, 8.1, 10: right-click the taskbar, open Task Manager, and go to the Startup tab.
Look for anything unfamiliar that starts with the PC, even if it is labeled as Microsoft, Office, or Windows something.
For processes, go to Task Manager and, in the Processes tab, look for anything unfamiliar or suspicious. Google the name to see whether it belongs to something you use or have installed, and check its reputation. For example, for the process named "explorer.exe", I go to Google and type: what is Explorer.exe in my process. From the results I check whether my doubt is justified or whether I am just being paranoid because of performance issues or actions taken on my behalf that gave me that weird malware-attack feeling. It depends on the actions I took in the last days or hours.
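The startup and process review above can also be done from PowerShell, which shows the file path and digital signature behind each name (the genuine explorer.exe, for instance, runs from the Windows directory). This is an added example, not part of the original post; it assumes Windows PowerShell 5.1, and the "outside the Windows directory" column is an illustrative heuristic, not a verdict.

```powershell
# Added example: list startup entries and running processes together with
# the facts that matter more than the display name: path and signature.

# Startup commands registered for all users and for the current user.
Get-CimInstance -ClassName Win32_StartupCommand |
    Select-Object Name, Command, Location, User |
    Format-Table -AutoSize -Wrap

# One row per distinct executable. Path is empty for processes the current
# session cannot inspect; an elevated prompt shows more of them.
$procs = Get-Process | Where-Object { $_.Path } | Sort-Object Path -Unique

$report = foreach ($p in $procs) {
    $sig = Get-AuthenticodeSignature -FilePath $p.Path
    [pscustomobject]@{
        Name           = $p.ProcessName
        Signature      = $sig.Status
        Signer         = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        # Assumed heuristic: a Windows-sounding name that runs from outside
        # %windir% deserves a closer look.
        OutsideWindows = -not $p.Path.StartsWith($env:windir, [System.StringComparison]::OrdinalIgnoreCase)
        Path           = $p.Path
    }
}

# Anything that is not validly signed sorts to the top of the list.
$report | Sort-Object { $_.Signature -eq 'Valid' }, Path |
    Format-Table -AutoSize -Wrap
```

A status other than Valid is a reason to look closer at that file, not proof that it is malware; plenty of legitimate software ships unsigned.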
3- Go to Windows + R and type: %appdata%
This command takes you to your Roaming folder in Userprofile\Appdata\Roaming.
In this step and later steps, keep the following settings while you search for the potentially malicious file.
In Explorer, in any folder, go to: View, Options, Change folder and search options, View tab (in Windows 7: Tools, Options, View tab).
Check "Show hidden files, folders, and drives".
Uncheck these 4:
"Hide empty drives"
"Hide extensions for known file types"
"Hide folder merge conflicts"
"Hide protected operating system files (Recommended)"
Check for files there that are hidden or have weird, suspicious names, and scan those files with both AVs.
Then start searching the rest of the PC for weird files and anything that seems tricky.
4- Online Scanning Tools
Upload every file you suspect is malicious to an online antivirus scanning service such as https://www.virustotal.com, or any other; this is the one I've tried, and it worked perfectly.
After you are done with Step #4:
To be sure the malware you are looking for is not sending logs and other data to the attacker, turn off your internet connection and work offline.
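Steps 3 and 4 can be combined in PowerShell: list the hidden files and script or executable files under %appdata% and compute a SHA-256 hash for each, which can be searched on VirusTotal without uploading a file that may contain personal data. This is an added example, not part of the original post; it assumes Windows PowerShell 5.1, and the extension list and 30-day window are illustrative choices.

```powershell
# Added example: inventory %APPDATA%, including hidden and system files.
# -Force makes Get-ChildItem return hidden items regardless of how the
# Explorer folder options are set.
$extensions = '.exe', '.dll', '.scr', '.bat', '.cmd', '.vbs', '.js', '.ps1', '.lnk'  # assumed watch list
$since      = (Get-Date).AddDays(-30)                                               # assumed look-back window

$files = Get-ChildItem -Path $env:APPDATA -Recurse -Force -File -ErrorAction SilentlyContinue |
    Where-Object {
        ($_.Attributes -band [IO.FileAttributes]::Hidden) -or
        ($extensions -contains $_.Extension.ToLower())
    } |
    Where-Object { $_.LastWriteTime -ge $since }

$review = foreach ($f in $files) {
    [pscustomobject]@{
        Modified = $f.LastWriteTime
        Hidden   = [bool]($f.Attributes -band [IO.FileAttributes]::Hidden)
        # The hash stays empty if the file is locked by a running process.
        SHA256   = (Get-FileHash -LiteralPath $f.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue).Hash
        Path     = $f.FullName
    }
}

# Newest changes first: files written around the time the trouble started
# are the ones to scan with both AVs and look up by hash.
$review | Sort-Object Modified -Descending | Format-Table -AutoSize -Wrap
```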
5- Protect Your Accounts and Privacy
Use another computer that is not connected to the infected one, neither by network nor by USB (flash drives or external HDDs), to change all your passwords (Gmail, Outlook, Yahoo, Facebook, all social media...). If you use your browser's password-saving feature, check that list and change every password on it.
Activate two-factor authentication on all sites and use SMS or Google Authenticator to confirm it is you before logging in.
Log out of all other sessions from Google, Facebook, and any other site that has this feature. (Log Out from All Devices)
Review Login activity and emails sent from your e-mail(s).
Check your YouTube channel for newly uploaded videos and report directly to Google.
Inform everyone who received an email from you not to open it or click any link in it, as they might get infected too.
Check your Google Drive, OneDrive, Dropbox, or other cloud services for weird activity, such as changes or uploads you did not make. Make sure you inform Google or Outlook about the incident so you don't lose your account because it was used illegally or against the community rules of some sites: uploads, mails sent from your account, suspicious searches, videos containing illegal substances, etc.
Once you have confirmed that you have malware, you should reinstall the Windows OS, but make sure that you do Step #5 to secure yourself and your accounts. Set different email addresses for accessing those accounts, and your phone number if applicable, so that you do not lose access to your accounts.
6- Conclusion
Learn your lesson: don't click on any suspicious link and don't download from untrusted and non-genuine sources, because malware and viruses are much more advanced than AV definition files and updates. If you have done all these steps and did not find anything, and your problem remains the same (lagging, poor internet connection, a feeling of insecurity, and weird behavior from your system), you should probably contact us for follow-up on support calls. We will reply within a business day and will be more than happy to help you with your problem. But note that we are writing this about malware that we have encountered; some malware is different and has different symptoms. We will keep you updated.
For more info, we will very soon update this and publish another post on what to do before this whole procedure to check your system files and hardware's life (PC health, software/hardware).
7- Keep Your Windows and AVs Updated and Stay Safe
Always update your OS, because Microsoft always sends patches and updated virus definitions and keeps your privacy safe.
Your antivirus should always stay updated so you have a strong protective wall against malicious code. AV definitions are usually updated automatically every 3-4 days, but it doesn't do any harm to check for yourself, for your own good and for the safety of your privacy and files, so that your internet social life is at minimum risk.
I hope that I can help someone with this thread. Comment below if you have any suggestion or any new method; maybe we can update this together for a better community.
EL-GEO Certified Malware Analysis





