How many of you can hit Ctrl Alt Del and know what everything is doing that you see in the process list? Probably not many people can do this or even care to and thats why people get infected with trojan and virus’s and the like. The less you know about what your machine is doing in terms or what its running the less secure you will be.

So if I’m a new user how do i combat this type of situation well for starters its not going to be easy. For one thing you got to do some research and find out what all them things do that you see in the process list. Some of the stuff in the list has to be there in order for windows XP to even run other stuff though don’t have to be there. The big question is whats what and what should stay and what should go. My answer to this is google and the web in general. Here is a web page here that will show a lot of the default services or process’s and what they do. http://www.blackviper.com/WinXP/servicecfg.htm

If you goto that link and scroll down you will see a chart and it shows a lot of services and if you click on a name it will tell you what it is and how use full it is. Do note before screwing around with any of this stuff i suggest you read carefully what all the things are and what they do. If you turn the wrong thing off that could cause issues with other software on your machine or XP. To see all the services running on your machine go to to the control panel and click on the Administrative icon once that comes up then click on services. When you do that you will see a big list of stuff and if you right click on any of the service names and select properties you will see you can disable and change a few other settings.

Now the web site i gave you may not cover everything you have running on your machine in that case type the file name of the service / process in to google and that may come back with some information. Do Note if you type a file name in google it may come back and give you a list of hits and some of the hits may be saying the file you typed in is a virus / trojan. This is where it gets tricky you basicly have to figure out if it is or not. Don’t ever assume that because you have a virus scanner that you can’t be infected with a virus / trojan. The virus scanner is only as good as its last up date. On top of that if a virus is really new or not very well known your virus scanner may not even see it as a virus. Keep in mind the only way for the virus software to know if it is a virus is if someone at say Norton or Mcaffee get a hold of it and examine it for malicious code.

There is no mistake about it doing this sort of investigation on your machine will take time and it will be a pain in the ass to figure everything out but i can’t stress enough how important this is. The sooner you can identify everything in the service list and everything running under the process tab of Ctrl Alt Del the better off you will be in the long run.

When you do have your machine figured out then you have some options. First there is a small utility called startup monitor the software is free. On the same web site you get that from the same guy also makes another program that will show you the most important parts of the registry where files can be run from and anything else that loads on boot up. Start up monitor once its run just does its thing by itself it doesn’t even put a icon in the system tray its invisible basicly. However if something should try and install itself on your machine while start up monitor is running it will notify you right away and ask you if you want to allow such an action. This program is really good and it will keep an eye on anything trying to add itself to your boot process that you don’t know about.

Keep in mind when you install this start up monitor you will see it in your services list or in the process list when you hit Ctrl Alt Del. So the web site you want to get the 2 programs off of is…
http://www.mlin.net/StartupMonitor.shtml That link will give you startup monitor and this other link will give you the other program that monitors what gets loaded up when you boot your machine and thats at this link.. http://www.mlin.net/StartupCPL.shtml So hop over there and grab the software. Both programs are free so if you like them and find them useful donate a few bucks to the guy who made them in his own free time. One thing about startup monitor the one that runs in the background may give you hassle if your doing certain windows XP updates from microsoft. A lot of windows updates require rebooting and all that so the startup monitor may get in the way of that. If it does get in the way just disable it till the windows update is done then re activate it again afterwards. You may also want to disable it before doing a windows update.

Other then what i have said above i can’t say much more it just takes time to get to know the machine. When you do though you will be proud of the fact you know whats going on and whats doing what. Unfortunately the only true way to know whats going on the machine when its not infected with stuff is to do what I’m talking about after a fresh format of the drive and a clean install of Windows XP. Formatting and re installing Windows XP is a pain in the ass but it gives you a chance to see what gets modified on your system after you install each program.

And that reminds me thats a good habit to get into any time you install something always check your system files and see what the program added or changed. If you do this for every program you install you will know whats what in terms of processes running and what services belong to what.

If you don’t want want to install any of the software i mentioned you can use msconfig.exe that comes with XP just goto your start button and then select the run option and type in msconfig and hit enter. That program will tell whats being loaded on startup and what services are being loaded on boot up. I don’t think the msconfig one is as good as the other program i mentioned above though that monitors startup files. The program above that monitors start up files also monitors important parts of the system registry witch is where a lot of programs are run out of.

So in closing my point to all this is get in your machine and see whats going on , the more you learn the better off you will be. You may even screw something up and thats all part of learning as well. At least next time you will know what not to touch lol. If your careful though and just don’t start turning things off at will you should be all right. Also if you can do a complete backup of your system before you start playing around that could save you if something goes wrong.

WolfManz611..