Malware doesn’t usually sit idly on a computer; it runs as a background process, behind your open windows where you can’t see it. From there, it can monitor your activity and start throwing pop-ups. The first place to check for malware is the Task Manager.

If you aren’t familiar with the Task Manager, it is one of the most powerful utilities Windows has to offer. You can access it by pressing Ctrl+Shift+Esc or by right-clicking the taskbar and selecting “Task Manager”.

Once there, you will have all of your system’s applications, services and processes (they are different) at your fingertips. The Applications tab shows you the currently running programs that you can see, e.g. Microsoft Word, Google Chrome, etc. The Processes tab shows you all of the software that your computer is running in the background, behind your applications. This is where you want to look.

From here, you can see the Process ID, Memory Usage, CPU Usage and a description of the process itself. You can sort by these values to list the processes either alphabetically or by the amount of resources used. I find it most useful to sort by Memory Usage if your computer is running slowly.

Most processes developed by reputable manufacturers will have a full, ‘well written’ description that succinctly describes the process’ function. Your first cause for concern is a process with no description, or with one that is extremely limited. Note that sometimes a valid and reputable process won’t have a description. Now it’s time to Google it! Simply search for the name of the process in question and you will no doubt find dozens of websites that carefully evaluate the process’ reputation.

Let’s say that you see a process running called “Hijack.exe”. It has no publisher information and its description is also empty. Upon searching for Hijack.exe you find that thousands of people have identified this as malware. What do you do from here?

First off, end the process. Simply select it and click End Process/End Task. From there, you should run an antivirus scan. If, somehow, your antivirus doesn’t detect it, open up a Run dialog with Win+R, type in MSCONFIG.EXE and press Enter. Once there, navigate to Startup Items and make sure that Hijack.exe is not listed. (On Windows 8, Startup Items is also in your Task Manager.)
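The same check can be scripted. The PowerShell below is an added example, not part of the original post: it lists running processes whose executable has no description, no publisher, or no valid signature, then shows any startup entry that points at one of them. A hit is a lead to research, not a verdict, since legitimate software sometimes ships without this metadata.

```powershell
# Added example (not from the original post). Run from an elevated
# PowerShell prompt so that the paths of other users' processes are readable.

# 1. Running processes, one row per executable, with file metadata and signature status.
$suspects = Get-Process |
    Where-Object { $_.Path } |            # skip processes whose path cannot be read
    Sort-Object Path -Unique |            # several instances of one EXE -> one row
    ForEach-Object {
        $info = (Get-Item -LiteralPath $_.Path).VersionInfo
        $sig  = Get-AuthenticodeSignature -FilePath $_.Path
        [pscustomobject]@{
            Name        = $_.ProcessName
            Id          = $_.Id
            MemoryMB    = [math]::Round($_.WorkingSet64 / 1MB, 1)
            Description = $info.FileDescription
            Company     = $info.CompanyName
            Signature   = $sig.Status     # Valid, NotSigned, HashMismatch, ...
            Path        = $_.Path
        }
    } |
    Where-Object {
        # Keep only rows with an empty description, no publisher, or a bad signature.
        [string]::IsNullOrWhiteSpace($_.Description) -or
        [string]::IsNullOrWhiteSpace($_.Company) -or
        $_.Signature -ne 'Valid'
    }

$suspects | Sort-Object MemoryMB -Descending | Format-Table -AutoSize -Wrap

# 2. Startup entries (Run keys and Startup folders) that launch one of those executables.
$startup = Get-CimInstance -ClassName Win32_StartupCommand
foreach ($s in $suspects) {
    $leaf = Split-Path -Leaf $s.Path      # e.g. "Hijack.exe"
    $startup |
        Where-Object {
            $_.Command -and
            $_.Command.IndexOf($leaf, [StringComparison]::OrdinalIgnoreCase) -ge 0
        } |
        Select-Object Name, Command, Location, User
}
```

An executable that is unsigned, runs from a user-writable folder and also appears in the startup list deserves the closest look before you end it.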

Next, restart your computer and get yourself some new antivirus!

Task Manager is an extremely powerful tool that should be used with caution. Some processes are critical to Windows functionality and stopping them can lead to the dreaded BLUE SCREEN OF DEATH. Google is your friend, and so is the Task Manager. Become familiar with your normal process IDs so that you can immediately identify a suspicious/malicious one.

If you have any questions, feel free to comment or give us a call at the office! =)

 

One of the tech questions I am most frequently asked is, “What is the best Antivirus out there?” To which I respond, “It’s different every six months.”

For the past 6-8 months, I’ve been a firm supporter of Avast Antivirus. It was an antivirus program that didn’t try to intimidate its users. It had a simple, intuitive interface and even let you choose “Pirate” as the announcement voice: brilliant! In addition to the well-designed interface, it seemed to be a really solid passive (live monitor) antivirus software. It caught malware when I suspected a computer to be infected and after one or two full scans, it showed the system as clean and I had no reason to believe otherwise.

In the past two or three months, however, I’ve been getting a lot of calls about Windows and third-party software acting a little wonky/erratic/spooky. Upon inspection, Avast is actually attacking software like Google Chrome! Boot times had slowed, some programs stopped working, malware started slipping through the nets!

What had happened? Why had one of the first ‘layman’s antivirus’ programs begun to devolve into another Norton?

I see a trend. Each year an antivirus program puffs out its chest and touts something about it having security professionals on the design team, or the most current virus profiles and now, the smallest digital footprint. Professionals and consumers flock to it and install it because their antivirus from last year started letting malware through and breaking programs or making their computer very slow. (See where I’m going with this?)

Norton Antivirus used to be the heavy hitter, then it became so resource dependent that it was worse than a virus for a computer. McAfee and AVG followed thereafter. McAfee was the first to fall into disrepair and eventually became as secure as Swiss cheese. I recently worked with a client running AVG and it was one of the worst experiences I have ever had with an antivirus program; the details of which I’d be happy to share in a later post or comment thread. After AVG came an assortment of Bitdefender, Windows Security Essentials, Vyper and some others, but none really stood out as much as AVG or Norton. Avast came onto the scene but, as I said before, it is in its decline now.

At netEffx, we are currently installing and recommending Webroot. For the time being, it’s the fastest, most secure, low-profile antivirus on the market. We’ve installed it in a couple of client networks and everyone seems to love it. We also always run Malwarebytes alongside our antivirus, which I will talk about in a future article.

If you are looking for a quick and clean antivirus software, check out Webroot. It looks to be the new big thing.