Do You Really Know What's Running on Your PC?

Getting critical information to help you secure your computer before it's too late

Question: Is there a sure-fire method to prevent security threats that have been missed out by anti-virus, anti-spyware products or firewall?

In this article I will answer this critical question by sharing a recent experience with you. I will also give you the sure-fire method to prevent grave security threats that have been missed out by your anti-virus, your anti-spyware or firewall software.

I am not saying that you should do away with these crucial components of your security: just that sometimes malicious code (malware) may be insidious enough to trick all or one of these components and reside itself on your system. And, it becomes almost impossible to remove.

To top it all, the rate of development and proliferation of malware is always greater than the rate of updates of your anti-virus and anti-spyware (usually on a weekly basis). You just don't know what is brewing on the Internet. Your firewall and antispyware/virus software isn't always enough.

When you suspect that your computer is running slower than usual, you should immediately see what processes are running on your computer. As suggested in last month's article (Maximising PC Security with WinTasks and Processlibrary.com), your first instinct is to call up Windows Task Manager.

Despite the short-comings of this in-built Windows utility, you may still use Windows Task Manager to identify the name of the processes. The next step should be to look up these processes on processlibrary.com (read also Information is King: What are Process Libraries).

A few weeks ago, I remember battling with my computer's CPU and MEM Usage resting at 100% all the time. Running any application was a nightmare - I just felt like kicking my notebook out of the window (and that's only four floors up!). I downloaded and run the latest Trend Micro anti-virus and Adaware anti-spyware programs.

My PC was infected and I managed to clear most of the stuff I had contracted through the Internet. However, my computer was still as slow as ever. I said it just can't be - do you have to upgrade my memory? The computer was just fine a couple of days ago. Wasssup?!!

I noticed about 30 processes running while my computer was officially not running any applications whatsoever. I logged on to processlibrary.com and started searching them one by one (for the ten most common processes running on your computer read "Lsass.exe, cidaemon.exe: Invisible Threats or Legitimate Processes?").

One by one the processes seemed legitimate enough until I found MSAA.exe. MSAA.EXE is registered as the Dldr.WinSh.AC.02 downloader. This process came bundled with a virus and its main role is to do nothing other than download other viruses to your computer. Great! To make matters worse googling "MSAA.EXE" returned only results from process library sites and none from anti-virus sites.

Does this mean that anti-virus software does not completely remove this component of a virus? My case seems like it. This has made me wonder what is really happening and how safe I would be with my anti-virus alone. To be sure, if I didn't know about processlibrary.com, I would have surely reinstalled my system.

I will keep my anti-virus and other security software I have installed in my system because process library only gives you information on which you have to act. However, I need that information to have a sure-fire method of securing my system before it is too late - do you?