Friday, May 19, 2006

Fake Process Tasks?

How to differentiate the genuine from the fakes? If you were to open Task Manager on a machine which is known to have viruses/trojans/worms, more likely than not you'll find an array of unfamiliar (or familiar) processes that are running on the victim.

A great resource, if you have access to the internet, is LIUtilities. They have an extensive list of tasks that are known to hide in your OS as if they were genuine processes. Don't get confused! Some differ by just a single letter. For example the legit syshost.exe becomes svshost.exe. If you look closely, the "y" is missing its tail!

Simply go to the page and search for your suspicious process. Then click on the link to see how severe it is. You'll see a security rating, 5 being greatest, and the category of damage it can bring. Of course LIUtilities has a product that could zap it all for you, but being the self-proclaimed geek I am, I prefer to do it myself. (WARNING: Only for trained personnel! Or those who don't mind formatting their computer again! Fiddle at your own risk!)

Another excellent free utility to check your running processes would be Process Explorer by SysInternals. This will give you a better understanding of what the process is actually doing and where it's from. Usually, Windows processes are marked as coming from Microsoft. If they look like Windows OS processes without the Microsoft label on them, then it's worth taking a further look. Right-click and Google it :)
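Both checks described above (a name that is one letter off a real one, and a Windows-looking name without the Microsoft label) can be automated. The following is an added example, not code from this post or from either tool; the `KNOWN` baseline, the publisher string and the sample process list are assumptions constructed for illustration.

```python
# Added example: flag process names that imitate well-known Windows processes.
# KNOWN is a small illustrative baseline (assumption), not a complete list.
KNOWN = {"svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe",
         "services.exe", "explorer.exe", "smss.exe", "spoolsv.exe"}
TRUSTED_PUBLISHER = "Microsoft Corporation"


def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions each cost 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def triage(processes, max_distance=1):
    """Return (name, reason) for each entry that deserves a closer look."""
    findings = []
    for name, publisher in processes:
        lname = name.lower()
        if lname in KNOWN:
            # Right name, wrong label: the case Process Explorer makes visible.
            if publisher != TRUSTED_PUBLISHER:
                findings.append((name, "known name, publisher is %r" % publisher))
            continue
        close = sorted(k for k in KNOWN
                       if edit_distance(lname, k) <= max_distance)
        if close:
            findings.append((name, "lookalike of " + close[0]))
    return findings


# Constructed sample, shaped like Process Explorer's name and company columns.
SAMPLE = [
    ("svchost.exe", "Microsoft Corporation"),
    ("svshost.exe", ""),                       # one letter off, as in the post
    ("lsass.exe", "Microsoft Corporation"),
    ("Isass.exe", ""),                         # capital I in place of lowercase l
    ("explorer.exe", ""),                      # right name, no Microsoft label
    ("notepad.exe", "Microsoft Corporation"),  # not in the baseline at all
]

if __name__ == "__main__":
    for name, reason in triage(SAMPLE):
        print("%-14s %s" % (name, reason))
```

The publisher field is only a label that a file can set for itself, so a clean result here is a reason to move on to the next process, not proof that one is genuine.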

Happy Zapping!
