No single product is 100% foolproof
What is the best program to use to double check that there isnt anything else on here I should fix?
and can detect and remove all threats at any given time. The security community is in a constant state of change as new infections appear. Each vendor has its own definition of what constitutes malware and scanning your computer using different criteria will yield different results. The fact that each program has its own definition files means that some malware may be picked up by one that could be missed by another. Thus, a multi-layered defense using several anti-spyware products (including an effective firewall) to supplement your anti-virus combined
with common sense and safe surfing habits provides the most complete protection.
However, you can overkill your system with resource heavy security programs that will drain your resources and slow down performance. Sometimes you just have to experiment to get the right combo for your particular system as there is no universal solution that works for everyone.
See BC's List of Virus & Malware Resources
and Freeware Replacements For Common Commercial Apps
I still have over 70 running processes. How can I tell which of these are legitimate and which are not needed?
Anytime you come across a suspicious file or one that you do not recognize, search the name using Google or the following links:BC's File DatabaseBC's Startup Programs DatabaseFile Research CenterSvchost.exe
is a generic host
process name for a group of services that are run from dynamic-link libraries (DLLs). It is not unusual for multiple
instances of Svchost.exe running at the same time. The process ID's (PID's) must be checked in real time to determine what services each instance of svchost.exe is controlling at that particular time. To investigate these processes, see "How to determine what services are running under a Svchost.exe process
Determining whether a file is malware or a legitimate process sometimes depends on the location (path) it is running from. One of the ways that malware tries to hide is to give itself the same name as a critical system file. However, it then places itself in a different location on your computer. A file's properties may give a clue to identifying it. Right-click
on the file, Properties
and examine the General and Version tabs.
You can download and use Process Explorer
or System Explorer
to investigate all running processes and gather additional information to identify and resolve problems. These tools will show the process CPU usage, a description and its path location
. If you right-click on the file in question and select properties, you will see more details about the file.
If you have XP Pro, you can use Tasklist
to display a list of active processes.
Go to Start > Run and type: cmd
At the command prompt type: tasklist /svc >c:\taskList.txt
Then go to Start > Run and type: c:\taskList.txt
press Ok to view the list of processes.
The /SVC switch shows the list of active services in each process.
For help and syntax information, type the following command: tasklist /?
press ENTER or see: Syntax options
You can also use the WMI command-line utility
to view and list processes.
Go to Start > Run and type: cmd
At the command prompt type:WMIC /OUTPUT:C:\ProcessList.txt PROCESS get Caption,Commandline,Processid
or you can type:WMIC /OUTPUT:C:\ProcessList.txt path win32_process get Caption,Processid,Commandline
Then go to Start > Run and type: C:\ProcessList.txt
press Ok to view the details of all the processes.
Anytime you come across a suspicious file which you cannot find any information, the file has a legitimate name but is not located where it is supposed to be, or you want a second opinion, submit it to jotti's virusscan
. In the "File to upload & scan
" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.