Computer Security & Viruses/malware?


Question
Hello
I have run Windows 7 for the last 3 years and recently noticed in STARTUP - APPLICATIONS a new program, PREFRENCES, with a little blue e icon similar to Internet Explorer but not exactly. I also noticed that the CPU sometimes runs high, 50%, 60% or even higher, so then I restart Windows. I tried to look for this program PREFRENCES in the startup list of CCleaner as well as Auslogic, and it does not appear there. When I right-click on it and Go to PROCESS, it always takes me to IDRIVE TRAY, a legit program that backs up my files. Why would they use PREFRENCES???

Could you please guide me here?

Thank you,  Gabe

Answer
Answering what you posted requires more information.  Perhaps I've answered the question you're asking yourself, below:

If there's malware on your box, the only way to be certain efforts to remove it have been successful is Nuke and Pave. You'll need to wipe the disk and reinstall Windows. This contradicts what Antivirus vendors and what Microsoft seem to want users to believe. I'm not a fan of using absolutes like "never" and "only", but there is no way to use an infected system to uninfect itself (unless you know enough about the malware to re-write it yourself).

VirusTotal runs as many as 50 AV packages on uploaded files. (You can go there and upload the file you think is a problem.) But I mention this because the malware I upload will usually be identified by fewer than 5 of them. (The AV version they run, for any given vendor, may not always be the most recent.)
This means that, when your gut tells you something is wrong but your AV doesn't confirm it, you may be safer following your gut for a while.

If the system in question isn't running anything critical (to your use) you can experiment by using tools to remove files, replace files, etc., and tracking performance and log file entries.

The most important concept is this:  You cannot clean an infected machine with an infected machine.  You cannot clean an infected machine using a clean machine if it has known vulnerabilities and there exists a way to exploit them.

A legit "preferences" file is text-only, so it is human-readable. Some preferences files in Windows may not be.
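
For the situation in the question (a startup item that the cleanup tools do not list), the following is an added example and not part of the original answer: a PowerShell script that lists the startup entries Windows itself records, resolves each to a file on disk, and reports the file's SHA-256 and Authenticode signature status, so the hash can be searched on VirusTotal. The helper names `Get-Sha256` and `Resolve-CommandPath` are made up for this example; it uses only cmdlets and .NET classes present in PowerShell 2.0, the Windows 7 default.

```powershell
# Added example: enumerate startup entries and fingerprint the files behind them.

function Get-Sha256 {
    # Hash a file with .NET directly (Get-FileHash is not available in PowerShell 2.0).
    param([string]$Path)
    $sha = [System.Security.Cryptography.SHA256]::Create()
    $stream = [System.IO.File]::OpenRead($Path)
    try {
        $bytes = $sha.ComputeHash($stream)
        return ([System.BitConverter]::ToString($bytes) -replace '-', '').ToLower()
    } finally {
        $stream.Close()
    }
}

function Resolve-CommandPath {
    # Pull the file path out of a startup command line, quoted or unquoted.
    # Entries launched through a host (e.g. rundll32.exe) resolve to the host.
    param([string]$Command)
    $expanded = [System.Environment]::ExpandEnvironmentVariables($Command)
    if ($expanded -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^\s*(.+?\.(exe|com|bat|cmd|vbs|js|lnk))(\s|$)') { return $Matches[1] }
    return $expanded.Trim()
}

# Win32_StartupCommand covers the Run registry keys and the Startup folders.
Get-WmiObject Win32_StartupCommand | ForEach-Object {
    $path = Resolve-CommandPath $_.Command
    $row = New-Object PSObject -Property @{
        Name = $_.Name; Location = $_.Location; User = $_.User
        Path = $path; Sha256 = $null; Signature = 'file not found'; Signer = $null
    }
    if ($path -and (Test-Path -LiteralPath $path -PathType Leaf)) {
        $row.Sha256 = Get-Sha256 $path
        $sig = Get-AuthenticodeSignature -FilePath $path
        $row.Signature = $sig.Status                 # Valid, NotSigned, HashMismatch, ...
        if ($sig.SignerCertificate) { $row.Signer = $sig.SignerCertificate.Subject }
    }
    $row
} | Format-List Name, Location, User, Path, Sha256, Signature, Signer
```

The `Location` column shows which registry key or Startup folder created each entry. The script reports what the running system says about itself, so its output is evidence to weigh rather than proof that the machine is clean.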

John Crout

Expertise

Linux, Windows, Open/Free BSD, OSX. Embedded MMU-less (firmware) devt.

Experience

Securing systems since 1982. Tip: Switching from a system that is (statistically) more prevalent to one that is less prevalent will help.

Organizations
Information Systems Security Association (ISSA), United States Coast Guard Auxiliary (USCG Auxiliary), ACM

Publications
Student Doctor Magazine; EE Times; Network World blog; Navy CIO blog; RTCA/DO-178B, "Software Considerations in Airborne Systems and Equipment Certification" (member of SC-167); RTCA/DO-160C, "Environmental Conditions and Test Procedures for Airborne Equipment" (member of SC-135)

Education/Credentials
Master of Public Health (Epidemiology and Biostatistics) Bachelor of Science in Electrical Engineering (Computer Engineering Option) Digital Forensics Basics, Texas Engineering Extension Secure Software, Texas Engineering Extension Network Security, Texas Engineering Extension Infosec Basics, Texas Engineering Extension Information Assurance Awareness, Department of Defense Information Systems Security, United States Coast Guard Online safety for parents and children, Fort Collins Police Department Spear Phishing, Defense Information Security Agency, DISA Spear Phishing, United States Coast Guard, USCG Meeting the Media, Testifying, Presentations, Arch Lustberg FEMA (ICS-100, -200, -210, -700, 800) United States Coast Guard Defense Information Systems Agency United States Coast Guard Auxiliary Crosby Quality Workgroup Facilitator Trainer Crosby Quality Education System Wisconsin University

©2016 About.com. All rights reserved.