How to Stop a Virus in Windows - Identifying rogue processes
(Page 3 of 4)
The first step I take in identifying malware or viruses is to download and run HijackThis 2. It has taken some heat recently over some false positives and its inability to stop some processes; however, it remains one of the best tools available for identifying threats.
Reading a HijackThis log can be a bit intimidating. The program's author has written a brief tutorial that can help you get started, but it is not a substitute for posting your log in a knowledgeable forum.
Once you become accustomed to reading the log, identifying rogue processes becomes extremely easy. You'll want to pay specific attention to the autostart and BHO (Browser Helper Object) sections, since these are common hot spots.
Most rogue processes will be randomly named. They can typically be identified quite easily this way. Others may try to name themselves after valid Windows files.
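The checks described above, sketched as an added Python example (not part of the original article or of HijackThis): it scans the running-process, O2 (BHO) and O4 (autostart) lines of a log for file names that look random or that imitate a Windows file. The sample log, the short `KNOWN` list and the thresholds are constructed assumptions.

```python
import ntpath
import re

# Expected folder for two core Windows binaries (illustrative, not exhaustive).
KNOWN = {
    "svchost.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}
PATH_RE = re.compile(r"[A-Za-z]:\\.*?\.(?:exe|dll)\b", re.I)

def name_reason(path):
    """Return why a file name looks suspicious, or None. Heuristics only."""
    name = ntpath.basename(path).lower()
    folder = ntpath.dirname(path).lower()
    if name in KNOWN:
        return None if folder == KNOWN[name] else "system name in unexpected folder"
    for good in KNOWN:  # same length, at most two characters changed or swapped
        if len(good) == len(name) and sum(a != b for a, b in zip(good, name)) <= 2:
            return "lookalike of " + good
    letters = [c for c in ntpath.splitext(name)[0] if c.isalpha()]
    if len(letters) >= 6 and sum(c in "aeiou" for c in letters) / len(letters) < 0.15:
        return "random-looking name"
    return None

def triage(log_text):
    """Return (section, path, reason) for flagged process, O2 and O4 lines."""
    findings = []
    for line in map(str.strip, log_text.splitlines()):
        section = ("BHO" if line.startswith("O2 - BHO:") else
                   "autostart" if line.startswith("O4 - ") else
                   "process" if PATH_RE.fullmatch(line) else None)
        match = PATH_RE.search(line) if section else None
        reason = name_reason(match.group(0)) if match else None
        if reason:
            findings.append((section, match.group(0), reason))
    return findings

# Constructed sample in HijackThis log layout (CLSIDs replaced by a placeholder).
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\Temp\svchost.exe
C:\WINDOWS\system32\scvhost.exe
O2 - BHO: Reader Helper - {CLSID-PLACEHOLDER} - C:\Program Files\Example Reader\ReaderHelper.dll
O2 - BHO: (no name) - {CLSID-PLACEHOLDER} - C:\WINDOWS\system32\qwjkzvbt.dll
O4 - HKLM\..\Run: [ExampleTray] RUNDLL32.EXE C:\WINDOWS\system32\example.dll,Start
O4 - HKCU\..\Run: [xkqzrtwp] C:\Documents and Settings\user\xkqzrtwp.exe
"""
```

Calling `triage(SAMPLE_LOG)` returns the four flagged entries; a hit is a lead to research further, not a verdict, since legitimate files can also have odd names.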
Once you identify a suspected file or process, a Google search will typically reveal some useful information. For best results, be very specific in your search by only searching for the file or process name. There are also several useful sites where you can look up processes.
Once you have identified a rogue process, the next course of action is to find and stop it.
More By Nilpo/Developer Shed Staff Writer