Just a little out of my league here I think, but hi anyways!

Status
Not open for further replies.

ktb224

New Member
Thread author
Jun 11, 2012
5
Hi. I'm usually not much of a poster, but I do a lot of board-searching when I can't figure something out on my own. I don't have a tech/computer background at all, but about 2 years ago I discovered Firefox and add-ons and got sucked into wanting to customize/improve stuff on my computer.

Unfortunately, since I really don't know what I'm doing, I'll sometimes make stuff worse. Then I have to try and figure out how to fix whatever I did and along the way I discover new stuff I feel compelled to learn more about or try. I don't think I'm super reckless, but I know enough to know that just because I can't see that I messed something up, doesn't mean that I haven't.

Tonight, I'm trying to learn more about processes, CPU and stuff like that. I downloaded a utility that is showing me everything active and I was googling them to see what they were and if they were bad. I searched for "ielowutil.exe" and found this site and it seemed like an informative place.

So I registered, read the rules (kind of scary about the punctuation and formatting though), looked up "1337 speak", "flame war" and warez and then got a message telling me to post an introduction so here I am!

Now I'll be off to search this site in hopes I can figure out which, if any of these processes and scheduled tasks are bad news. There's one that's looking just a little bit fishy!
 

bogdan

Level 1
Jan 7, 2011
1,362
It is interesting to see that it all started with Firefox.

Comodo made it easy to identify malicious/suspicious processes running on your computer. Their tool KillSwitch includes a "Verdict" column showing if a process is "Safe" or not. KillSwitch is part of Comodo Cleaning Essentials, and it is a process manager similar to Process Hacker and Process Explorer.
 

ktb224

New Member
Thread author
Jun 11, 2012
5
Thank you very much. This is such a cool place and I've learned so much these past 30 minutes I don't know where to start. I think I like it here!
 

McLovin

Level 78
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,228
Hello and welcome to MalwareTips.

Hope that you enjoy your stay.

The first stop that we recommend is the PC Security Configuration Wizard so that we can give you feedback on your configuration.

Have a look around the forum. You will learn quite a few new things here ;)

Once again welcome :)
 

Malware Maniac

Level 1
May 14, 2012
673
Welcome to MalwareTips. And don't worry about "1337 speak", "warez", and "flame war"; I don't know the meanings of them. Enjoy your time on MalwareTips.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Welcome to MalwareTips :welcomewave:.

To have a long time happy community just follow the rules and regulations itself. :)
 

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Welcome ktb224!:drinks:
I hope you'll be an active member! We love to share and learn so don't be afraid to post or share your opinion with us!!:)
Enjoy!
 

ktb224

New Member
Thread author
Jun 11, 2012
5
Thank you all very much for the warm welcome. I've been searching the forum and reading articles in hopes that I could answer some of my own questions but I've been stuck on the "PC Security Configuration Wizard" and I'm not sure where I should ask questions about basic stuff, or if that's even allowed. Anyway, my question is, what do you do to get all your config info? Is there someplace you can go on your computer that tells you everything you have or do you just go to control panel and figure it out?

I'm not sure if this is the right way to go about it, but I've cut and pasted McLovin's and Umbrapolaris's config to a word document (since they had the most views) and I am trying to replace their answers with my own. I've made some progress but I'm sure it will take some time as it's no easy task for a novice. I'd feel pretty silly if there was some button to push that gave me all the info that I needed instead of me just kind of randomly searching.

Also, per Bogdan's suggestion I downloaded Comodo Cleaning Essentials. It came as zipped and I used winrar to open it but from there I didn't know what to click on to install it. There was just so much stuff in there.

Any suggestions of where to go or what to do to learn more will be much appreciated! Thank you!
 

Deleted member 178

In fact, when you go there http://malwaretips.com/Forum-Security-Configuration-Wizard then clicking on "New Thread" (your will-be config) you have some fields to fill (your knowledge, browsers, real-time, etc.). After that, in the "Your message" field you can add (or copy from my config) some elements (like your browser addons, DNS setup, or any info you think is valuable to share). Anyway, if you make some mistake, we will be there to gently correct you. ^^
 

bogdan

Level 1
Jan 7, 2011
1,362
ktb224 said:
Also, per Bogdan's suggestion I downloaded Comodo Cleaning Essentials. It came as zipped and I used winrar to open it but from there I didn't know what to click on to install it. There was just so much stuff in there.

You don't need to install it. It is a portable application. You can copy the folder where you want it and that's it. I have most of my portable stuff inside a D:\Apps folder. At this point you can start KillSwitch by double clicking on KillSwitch.exe in the folder where you extracted the contents of the archive. The icon looks like this:
[attachment=1382]
It is an advanced task manager that also has a Rating column. It will analyze applications running on your PC and return a verdict inside the rating column (highlighted in red in the screenshot below).
[attachment=1381]

I recommend that you do not delete any files using this program. A false positive on the wrong file could damage your Windows installation, even if you’re not infected. A false positive is another way of saying a 'mistake' of a security application. A false positive occurs when the security program mistakenly flags an innocent file as being infected. If you delete the file you obviously do so for no good reason and that file could be important for your operating system.

Also, KillSwitch has a rating called "Unknown". This doesn't mean that the process is malicious; it only means that Comodo never analyzed the file and it can't tell if it is good or bad.
 


illumination

ktb224 said:
Also, per Bogdan's suggestion I downloaded Comodo Cleaning Essentials. It came as zipped and I used winrar to open it but from there I didn't know what to click on to install it. There was just so much stuff in there.

Any suggestions of where to go or what to do to learn more will be much appreciated! Thank you!

I may be wrong in stating this, but if you are a complete novice, which by reading, it seems is the case, messing with Comodo Cleaning Essentials is not a good idea for you, as you can completely cripple your system with this tool from not having knowledge of how it works, or how to use it.
 

bogdan

Level 1
Jan 7, 2011
1,362
My recommendation to use KillSwitch came from this (from the first post):
Tonight, I'm trying to learn more about processes, CPU and stuff like that. I downloaded a utility that is showing me everything active and I was googling them to see what they were and if they were bad. I searched for "ielowutil.exe" and found this site and it seemed like an informative place.

I think that KillSwitch saves a lot of time if you want to see what's running on your computer and if anything running is potentially malicious. Unfortunately, KillSwitch comes bundled with Comodo Cleaning Essentials, which can produce some false positives, but to this point I didn't recommend doing a scan with CCE and deleting what it finds. The only potentially "dangerous" feature in KillSwitch is the "Delete" option in the right-click menu, so don't use it.

Learning by "messing around" is still learning :) but as Chiron mentioned in his guides (that I suggested in a previous post): I recommend that you do not delete any files using this program. A false positive on the wrong file could damage your Windows installation, even if you’re not infected.

Another issue is whether all this learning process is actually needed. In my opinion the answer is "yes". There is no other solution or remedy for all security issues, especially on a Windows PC. Now, you can pass this responsibility to a third party like a techie friend or a computer shop and ask for help every time something happens. This is perfectly fine.
 

Deleted member 178

If he knows how to back up his system, I think he can do some "hazardous" experiments.
 