
Wednesday, 8 January 2014

Checking for virus/malware : using MSCONFIG


Now let's continue with the easiest part. Here, we are going to play with MSCONFIG, a.k.a. the MICROSOFT SYSTEM CONFIGURATION UTILITY. ~This won't be as long as my previous posts. I swear~

You can use msconfig to improve your PC's performance by selecting which programs can and cannot run in your system during startup.

If your computer runs slow during startup, it might be because several programs are loading and taking up quite a lot of memory in the process. So, this utility is helpful for speeding up your PC.

Sometimes, when your PC starts to run slow during startup, there is a possibility that a virus might also be "working" during startup.

And sooo you need to check what kind of programs run at startup, software or a virus, as well as terminate the programs/virus forever ~I think this will take long too. I take back my previous promise~

* There'll be a virus... the stubborn one... that will always get in your way. You'll understand what I mean once you find one.

While msconfig does not delete the virus, it is very helpful for stopping the virus and preventing it from running in your system every time you start your PC or laptop.

**Again with that lot of BS~ let's get down to business.**

First, open MSCONFIG.

Go to RUN and type msconfig in the empty field. Hit OK.

A System Configuration window will pop up.

Select the "Services" tab to see the list of services that operate in your system. You can select "disable" to stop unnecessary services from running on your PC.



In my case, I stopped the Google Update. It's not that necessary as it would take up necessary resources that sometimes will make my laptop run slow.

***Just a reminder!! Sometimes an entry called Google Update is actually malware or a virus. So, you need to be familiar with its activity. That's why you also need to check it in Task Manager and regedit.

Move on, go to "startup" tab.

Here, you can select which programs should load during the startup.

Since there are a lot of unknown stupid programs running in my system, I disabled all those that you can see in the lists. Two of them are viruses, namely HJRUDZ5DT2 and PDFCreator (was infected).




Since you can detect it, run your antivirus on that specific location. If your antivirus detects it as a virus, it'll be automatically removed. If not, then you have to do it manually by locating the virus in the location given.

The picture below shows the exact location of the virus in my registry editor.



Since I know where it is now, I went and proceeded to delete it using regedit ~soon will be posted~

**Just a note:
HKCU - HKEY_CURRENT_USER
HKLM - HKEY_LOCAL_MACHINE
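
The startup entries that msconfig lists can also be read straight from the registry locations noted above. The following PowerShell script is an added example, not part of the original post; it assumes PowerShell 3.0 or later and the standard Windows Run keys under HKCU and HKLM, changes nothing, and reports for each entry whether the target file exists and carries a valid digital signature (useful when an entry only claims to be something like Google Update).

```powershell
# Added example: list per-user (HKCU) and machine-wide (HKLM) startup entries
# and check each target file's Authenticode signature. Read-only.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)

function Get-TargetPath([string]$Command) {
    # Pull the executable path out of a startup command line.
    $expanded = [Environment]::ExpandEnvironmentVariables($Command)
    if ($expanded -match '^\s*"([^"]+)"') { return $Matches[1] }        # "C:\a b\x.exe" /arg
    if ($expanded -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] } # C:\a\x.exe /arg
    return ($expanded.Trim() -split '\s+')[0]                           # anything else
}

$entries = foreach ($keyPath in $runKeys) {
    $key = Get-Item -LiteralPath $keyPath -ErrorAction SilentlyContinue
    if (-not $key) { continue }   # key absent (e.g. WOW6432Node on 32-bit Windows)
    foreach ($name in $key.GetValueNames()) {
        $command = [string]$key.GetValue($name)
        $target  = Get-TargetPath $command
        # Guard against empty values before touching the file system.
        $exists  = [bool]$target -and (Test-Path -LiteralPath $target -PathType Leaf)
        $sig     = if ($exists) { Get-AuthenticodeSignature -LiteralPath $target } else { $null }
        [pscustomobject]@{
            Location  = $keyPath
            Name      = $name
            Target    = $target
            Exists    = $exists
            Signature = if ($sig) { $sig.Status } else { 'n/a' }
            Signer    = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        }
    }
}

# Entries worth a closer look come first: missing file or no valid signature.
$entries | Sort-Object { $_.Signature -eq 'Valid' }, Location, Name |
    Format-Table -AutoSize -Wrap
```

An unsigned entry is not proof of infection, and a signed one is not proof of safety; treat the output as a shortlist of files to scan with your antivirus.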

See, isn't that easy?

If you are unsure, well... google | yahoo | bing it!

Link/s;-
> Using CMD - Part 1 <
> Using CMD - Part 2 <


P/S : Woah! I never thought that I'll be able to post all those methods here. I'm sooo amazing!
