E-Virus (Part II): Maybe your PC is infected ... how do you verify the presence of E-viruses?
Depending on how far the PC is still able to operate, you can proceed in different ways:
A) If the PC starts and you can log in with your username and password.
In this case you can use the following tools:
1) With the free tool GMER (http://www.gmer.net/) you can check whether a rootkit is present, and disable and/or remove the offending service or process (the E-virus) from memory and from the startup sequence, so that it does not load at the next boot. To recognize the services and processes that contain an E-virus, look for files with meaningless names (e.g. rytrewxz.dll). GMER usually marks them in red and/or flags them with the attribute (*** hidden ***), which means "file hidden from the user". If the message "WARNING! GMER has found system modification, which might have been caused by ROOTKIT activity. Do you want to fully scan your system?" appears, it is clear that GMER has identified a rootkit on the system and is asking to start a full scan of your PC.
2) Press CTRL + ALT + DEL together and open the Windows Task Manager to see all the processes in memory. Identify the processes with random names like the one shown in point (1); where possible, you can kill ("terminate") them, which removes them from memory temporarily.
3) With the free tool McAfee Stinger (http://www.mcafee.com/us/downloads/free-tools/how-to-use-stinger.aspx) you can identify and remove the most common E-viruses. The procedure is automatic: the tool detects both active infections (files in memory) and traces and infected files on the hard drive it scans. It reports which and how many "problems" it was able to identify and takes care of removing them.
4) With the free tool Prevx (http://www.prevx.com/) you can identify both rootkits and the insidious kind of virus that installs itself, for example, in the MBR (Master Boot Record) of the hard disk. The free version detects and lists all the E-viruses present in the system but does not remove them. It can still be useful for identifying the name of the E-virus on your PC or the type of outbreak in progress.
5) Use the free service OpenDNS (www.opendns.com) for malware detection. It is fully automatic: when it detects suspicious activity, the message "Malware / Botnet Activity Detected" appears in the control panel on the OpenDNS website. More details: http://itmanagerslife.blogspot.com/2011/07/opendns-replacement-for-improving-dns.html
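
As an added example (not part of the original post and not code from GMER or any other tool named above), the Python code below applies the name check from points 1 and 2 to a process listing: it flags image names that look randomly generated, like rytrewxz. The sample listing is constructed in the format of `tasklist /fo csv /nh`; the KNOWN_GOOD baseline, the thresholds and the function names are assumptions.

```python
import csv
import io
import re

# Constructed sample in the format printed by `tasklist /fo csv /nh`
# (Image Name, PID, Session Name, Session#, Mem Usage). Not real output.
SAMPLE_TASKLIST = '''"System Idle Process","0","Services","0","8 K"
"svchost.exe","812","Services","0","9,120 K"
"explorer.exe","2440","Console","1","48,300 K"
"rytrewxz.exe","3108","Console","1","6,204 K"
"firefox.exe","3560","Console","1","212,944 K"
"qkzvbnpt.exe","3724","Console","1","3,016 K"
'''

# Assumption: a tiny baseline of consonant-heavy names that are normal on
# Windows. Extend it from a known-clean machine of the same build.
KNOWN_GOOD = {"svchost", "csrss", "smss", "lsass", "dwm"}

VOWELS = set("aeiou")


def looks_random(image_name):
    """Heuristic: few vowels or a long consonant run in the file name stem."""
    stem = image_name.rsplit(".", 1)[0].lower()
    # Only stems of 6+ plain letters are scored; anything else is skipped.
    if stem in KNOWN_GOOD or not re.fullmatch(r"[a-z]{6,}", stem):
        return False
    vowel_ratio = sum(ch in VOWELS for ch in stem) / len(stem)
    longest_run = max(len(run) for run in re.split(r"[aeiou]", stem))
    return vowel_ratio < 0.2 or longest_run >= 5


def suspicious_processes(tasklist_csv):
    """Return (name, pid) pairs whose image name looks randomly generated."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    return [(row[0], int(row[1])) for row in rows if row and looks_random(row[0])]


if __name__ == "__main__":
    for name, pid in suspicious_processes(SAMPLE_TASKLIST):
        print(f"review manually: {name} (PID {pid})")
```

The result is a list of candidates for manual review, not a verdict: legitimate programs can have consonant-heavy names, and an E-virus can use a plausible one.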