Pages

.

Wednesday 16 October 2013

Checking for virus/malware : Using task manager


So you think your PC is cleaned from virus? Don't be so sure because in some cases, antivirus cannot even detect let alone deleting the virus/malware. ~Aww! That sucks. I know.~

* Did you know that MALWARE is a short form of MALICIOUS SOFTWARE? ~Maybe you do, just thought  of sharing some information~

Don't be panicked! You can be an expert for a while just by DIY using this simple trick. TASK MANAGER or another name TASKMGR. ~actually, I want to explain more about taskmanager but I think it gives me a hell lot of works so I just skip the rest and go straight to the point. If you wanna study more about taskmanager, well, you have google. Explaining about it takes me lotsa efforts and it's a pain in the a**~

Taskmanager helps you to monitor your PC activities. This program provides you with detailed information about your computer performance, CPU usage, running applications, network activity and statistic,  processes, logged-in users and system service ~see! pain in the a**! too much to explain. It's gonna be long~. In short, you can actually see and "detect" the virus/malware programs that are running in your current system while your are running your PC.

Skip all of the above. They are just a damn introduction. Here is the real deal.

Opening the Taskmanager.

Right-click on the taskbar, and click the START TASK MANAGER.


or,


Point to START --> RUN. Inside the box, type TASKMGR.




A/N :  you can also use CMD but I don't feel like typing... it... yet! And, there will be a time that you can't even open your taskmanager (disabled by administrator sort of thing). Might as well write an entry about opening disable taskmanager. update this some time later.

What to do next?

The first thing that you should look at is the performance of your PC. How? Check the CPU usage percentage by pointing to PERFORMANCE TAB. Then use your logical thinking. If you are running just a few programmes but the CPU usage percentage is high (up to 90%-100%). There surely something wrong with your PC. You might also want to look at the number of threads/ processes and handles. Normally, it depends on the software. Sometimes some just use a little memory while another might use greater memory.




A/N: It is best to run taskmanager after the startup. You'll see better. Believe me. Or, maybe you might need to close some programmes such as games or any other running applications. Unless you really know your PC's performance.

Next, go to PROCESSES TAB to look at the running processes/programmes in your PC. 


You can see types of processes that are running in your current system. If you somehow detect two identical processes running at the same time, or some unknown name that you suspect is a virus ~you can feel it... I can! Use your instinct peeps~, or a programme that you sure you have deleted or uninstall but still running... then there are high possibility that your PC is infected.

There are certain processes that you don't have to care about. They are just default processes that make your PC runs. Don't delete them unless you are really sure what you are doing!!!



Those that have been highlighted ARE NOT TO BE TERMINATED. There are also other default processes such as;


alg.exe
lsass.exe
msiexec.exe
services.exe
smss.exe
spoolsv.exe *(related to printing process. It can be terminated if this causes a problem)
svhost.exe
System
System Idle Processes
Taskmngr (if you are running this programme)
wmiprvse.exe
wuauclt.exe
~Aaaah... explaining this sure makes me lose my purpose of writing. Google it yourself~

A/N: It depends on the programmes  running on your system though, such as printer, antivirus or something alike. Any current applications that are running on your system are listed in the processes tab. Hope you get the idea.

If you notice foreign programme is running and you are certain that it is a virus, then don't hesitate to terminate the process. If you are unsure, you can look up the name in the internet.

Last but not least, terminate the unwanted programme by right-clicking the name and choose END PROCESS. When a windows pop ups, just click again on the END PROCESS.



Well, at least you can stop the virus temporarily from running on your system. But sometimes, the programme can launch itself and if I explain more, it will take forever so I stop here.

You might also want to check using REGEDIT, MSCONFIG, CMD. I think I will explain them more in my next post, if I am that kindhearted enough... to write.

P/S : I never thought this will take this long. Not to be sounded like a jerk, but if you have problems, feel free to leave comment/s or ask question/s and I might as well answer your Q or click here. 

1 comment:

Related Posts Plugin for WordPress, Blogger...
 

sum o' spies