Panda Cloud Cleaner is a new and effective tool to remove active malware.
By default Panda Cloud Cleaner performs a Quick Scan.
This kind of scan performs a fast check of the system memory, the Registry and known locations where malware is commonly found at boot time. This scan is launched by clicking on the “Accept and Scan Button.”
To maximize detection capability, the infected computer must be connected to the Internet for Cloud cleaner to work at maximum capability, as it leverages cloud knowledge and connects to its backend server during scans.
Once it has scanned all these areas, Panda Cloud Cleaner sends a report to the cloud and waits for this to return the disinfection instructions associated with the detected items.
Besides letting you disinfect any malware specimen identified by Panda’s Collective Intelligence, it shows any other categories of detected programs that can potentially impact in the PC performance or security.
All these different identified categories are shown below:
If known malware is found it will offer the possibility to disinfect the detected items, which are shown to users marked to disinfect by default.
Potential unwanted programs (PUPs) could have unexpected or undesirable effects on a user's computer. For example, once downloaded, some PUP programs may run background processes that could slow the computer down, or may display numerous annoying advertisements. The sole purpose of some of these applications is not discovered until they have been installed and run. Most often, PUPs are downloaded and installed with legitimate applications, and users are unaware of these additional installations because they do not read user agreements thoroughly.
Anyway, PUPs are not marked to disinfect by default in order to let the user choose if he wants or not to keep the PUP installed.
Panda Cloud Cleaner also shows suspicious items found, like those that look similar to mutations of malware or also unknown very uncommon recently installed programs. This allows the user to take visibility of the most risky recently installed programs and, therefore, the ones with a higher probability of being unknown malware not yet included in the Collective Intelligence database.
Suspicious Policies are related to those changes in the operating systems than could have been due to a malware attack.
To keep your computer better optimized and a bit more secure, it’s recommended to at least delete browser temporal files:
The Trusted boot scan is an scan option that is used to detect rootkits and also to block malware whose effects may seriously affect disinfection efforts, for example because they kills AV processes, or it runs only during the start up and then, disappears, etc…. In short, it´s the scan mode recommended when the computer is affected by a rootkit or MBR malware or a very resilient malware.
To this end, Panda Cloud Cleaner temporarily installs a secure startup monitoring software and requests a computer restart.
Important: this software (drivers) are only compatible with 32-bit operating systems; therefore, this scan option is only available on those systems. At this moment the trusted boot scan is not available on 64-bit systems because these OSs provide more security against rootkits than 32-bit systems.
Panda Cloud Cleaner will automatically detect if it is running on a 64-bit system and will then disable the High Security Analysis option.
The trusted boot scan can be enabled by clicking on the Advanced options on the main screen, and enabling the corresponding check
Phase 1 starts with the drivers installation. A reboot is required to end up the installation process successfully.
Phase 2 starts immediately after the reboot required to install the aforementioned drivers. During this phase the driver is already active and Panda Cloud Cleaner can check file and process creation. The tool performs an initial scan looking for suspicious items, which can be blocked later on by the user.
After the Phase 2 scan is complete, Panda Cloud Cleaner will display the scan results like a Quick Scan.
Clicking on each category will display the list of items to be blocked after restart. To put it briefly, Panda Cloud Cleaner will use a white list of items that will be allowed to run in Phase 3, whereas any other items will be blocked. This white list will be used to configure the boot of the computer (during the trusted boot phase), so any kind of suspicious item will not be loaded.
In addition, Panda Cloud Cleaner will virtualize the registry entries to block, so that if anything fails at the beginning of Phase 3, they will not be affected when Panda Cloud Cleaner is uninstalled and the computer will be able to boot up normally. Click Clean to restart the computer in ‘secure’ mode.
This phase scans your computer just like the Quick scan option but in a safe environment. All items (Registry entries and files) not marked as safe or not allowed at the end of the Phase 2 scan will be blocked. For example, if during this phase the user tries to manually run a not allowed item, Windows will display an error message. Obviously no malware should be able to run during this phase, unless the program was not configured properly.
After the Phase 3 scan is complete, Panda Cloud Cleaner will display the scan results:
In addition, and only in this phase, Panda Cloud Cleaner can identify Master Boot Record modifications and suspicious drivers as ‘anomalies’ (“Unknown Files & Anomalies” Category)
After restarting the computer the disinfection process is complete.
Panda Cloud Cleaner offers a set of advanced tools only recommended for advanced users. Those tools are accessible through the Advanced Tools Menu on the Right Upper corner of Panda Cloud Cleaner.
The available tools are:
By default Panda Cloud Cleaner performs a Quick Scan. However, other scan options are available too, as a full computer scan or a customized scan where the user can select the folders to analyze.
These options are available in the arrow down of the “Accept and Scan” button: