General discussion

Locked

identify good & bad processes In Me& XP

By bob21 ·
I run computers with Windows Me and XP. Windows processes and files have very cryptic names.

1. I would like to minimize the number of processes that start up when Windows opens. Is there some place that lists all, or most of the process names, and tells what they do? And for other software packages?

2. I would like to be able to tell the distinguish between valid processes from windows and my software, and others such as viruses, spyware, trojans, or just unneccessary stuff set to run in case I might need it.

3. If I prevent a processs from starting up with Windows, how can I get it to run later, if I need it? (without rebooting?)

4. In the same vein, where can I find out what files belong to Windows, and what they do? For example, there are a couple of huge files that have appeared recently in my system root drive that claim to be protected system files. I can't read them, or move them (to see if they are really used by the system). Maybe they are part of a trojan using my computer.

I have moved the page file, Temp folders, My Documents, etc to separate partitions to free up space on the c: drive. I use AV6, and Ad-aware. But when the computer still slows down, hangs, or all the free space on c: drive dissappears, I think something is not kosher.

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by darts32 In reply to identify good & bad proce ...

Hopefully I can help with some of your questions.

First, a good site to identify processes running.
http://tinyurl.com/97zn

You can click start,run and type msconfig and hit enter. This will show the startup processes. You can turn them off or on from there. Without rebooting, can't help you there.
Note: Some spyware and virus will turn themselves back on however after a reboot.

To turn some processes off you may need to go into the processes tab in the task manager and/or go into \HKEY_LOCAL_MACHINE\software\microsoft\windows\cerrentversion\run (be careful in here)

good luck

Collapse -

by pierrejamme In reply to identify good & bad proce ...

Ity is possible they are loaded up with SpyWare/Malware or possibly even a virus. Check your virus status first.

If you are unfamiliar with spyware/Malware, check out the articles at:
http://www.pcmag.com/article2/0,4149,1522416,00.asp
http://www.pcmag.com/article2/0,4149,1523357,00.asp

If you have XP or Millenium, it has a System Restore:
You need to disable systen restore before removals tools will work.

Turn off System Restore:

Click Start > right-click My Computer, and then click Properties.
Click the System Restore tab.
Select the "Turn off System Restore" check box and then click OK.
Click Yes when you receive the prompt to the turn off System Restore.
While you are in My Computer, click on the "Advanced Tab" and then the "PerformanceSettings button" and then select "Adjust for Best Performance". Next select the "Eror Reporting Tab"Button" and select
"Disable Error Reporting".
Run MSConfig and select the "Services" tab, Put a check in the box: "Hide all Microsoft Services" and then uncheck all the rest.

When you reboot, the system restore wont replace the automatically backed up file and reinfect you.

A good program to use if your Windows Viruscanner is compromised is either NOD32 for DOS trial at:
http://www.nod32.com/download/trial.htm
Or Mcafee's Stinger at:
http://vil.nai.com/vil/stinger/

After you are virus free then attack SpyWare.
For the Spyware/Malware the two best Free scanners are AdAware 6 at:
http://www.lavasoftusa.com/
And Spybot Search & Destroy version 1.3 at:
http://www.safer-networking.org/index.php?page=download
After Installing each check for updates before proceeding. Both have several cool tricks, Adaware has a custom search that can search your Hosts file and your archived files as well. SPpybot S&D has an new program called Teatime that doesn't install by default you have to check the box ehn you are installing. SPybot S&D also has an Immunization program.

Collapse -

by pierrejamme In reply to

CONTINUATION:
Another excellent program is SpySweeper from www.webroot.com, it allows for one update and then you need to purchase to get anymore updates. It will find a lot that the two free one didn't.

I also use PestPatrol which also costs money. It is located at:
http://www.pestpatrol.com/ and they have a free pest scan if you can stay on the Internet long enough.

Steve Gibson also has several really good security tools as well as his famopus "Shields UP" tester at:
www.grc.com

When you are all clean, get the free ZoneAlarm 4.5 at:
http://download.zonelabs.com/bin/free/1043_zl/zapSetup_45_594_000.exe
This is a slighly older version, but the is a problem with version 5.0.
Or even better buy the Pro version.

If you don't have a virus scanner you can get a good free one at:
http://www.free-av.com/
or:
AVG v 7.0 at:
http://www.grisoft.com/us/us_updt7.php

It might be a good idea to also install "IESPyAd", it will add some custom (known) certificates to your block list so you don't get hijacked.
https://netfiles.uiuc.edu/ehowes/www/resource.htm

After removing the trojan and reboooting, rescan your system one more time then re-enable system restore.

Turn on System Restore Back on
Clear the Turn off System Restore check box (or the Turn off System Restore on all drives check box), and then click OK. then reduce the amount given to System REstore, deppending on how much room you have on your hard drive, 3% is plenty.

Collapse -

by cglrcng In reply to identify good & bad proce ...

Just to update...ZA is up to version 5.1.011 now and just fine.

Also get Boozooka.exe another spyware scanner that finds suff others don't. And Perfect Companion to clear that startup folder easily from www.easydesksoftware.com (PerfectNT for the XP unit though). I personally use Pacs.portal.uk for the startup listing but there are others out there. The Adaware6.0 if you look 2 the log right after it finishes scanning you will learn a bunch about what is & isn't normal in ME.

Back to Windows Forum
4 total posts (Page 1 of 1)  

Related Discussions

Related Forums