Diagnose Your Windows Errors with Process Explorer


It has become an item of common knowledge that you shouldn’t take your Windows system online without first putting it under heavy protection. Research results show that an unprotected Windows XP SP2 system will get infected with worms and other malware within a few seconds of connecting to the Internet. Yes, it’s that bad.

A further piece of bad news is that all the latest firewalls, antivirus programs and other protective measures cannot guarantee your total immunity from infection. Near-total immunity is not possible until you are ready to give up the familiar comforts of Windows and embrace the obscure charms of Linux. And while you’re mulling over the implications of that, sundry programs will continue to infiltrate your PC every now and then, with harmful intent. If you’re experiencing frequent glitches, errors, crashes and freeze-ups on your Windows system, you have probably become infected. What should you do about these?

The first step is, of course, to identify what’s good and what’s not.

Many infecting programs run as processes on your Windows system. The problem is, there are so many legitimate processes running at the same time on a normal system, that it’s well nigh impossible to determine what’s good and what’s bad, unless you have a very good idea about Windows internals. But fear not – there are tools to help you.

One of the best tools for this sort of work, called Process Explorer, can be downloaded for free from here.

Unzip, extract and double-click on the executable to run it.

In the window that opens, right-click on any one of the columns and check if all the column names are switched on. If not, switch them on. You shall need all the information you can have, in order to diagnose the problem. Also switch on the option for displaying the DLL path and the lower pane.

Now you can see all the processes currently active on your system, along with the name of the company that made each one (don’t expect that to reveal much), the place on your hard drive where the program lives, the DLLs it uses (in the lower pane; you switched that on, didn’t you?) and so forth. You’re now equipped to judge which processes may be harmful to you.

One way to earmark rogue processes is by their location. No self-respecting bona fide executable lives in the C:\Windows\Temp folder; that is only for temporary files, and for fly-by-night programs that wouldn’t dare to show their black faces in broad daylight, in a more prominent location! So as soon as you see a process that was launched by a program that resides in the Temp folder, in your mind put the mark of death on it, so to speak. The same goes for any process that uses a DLL from the Temp folder.

That was one of the easiest checks for malignant processes, using this powerful system tool. As with riding a bicycle, the best way to learn more advanced techniques is to stumble and fall a few times. So keep using it, and try to avoid killing any process that you aren’t sure about. You’ll blow it a few times and perhaps even crash Windows temporarily, but unless it’s a production system, that won’t do any harm. Keep getting up on the seat till you’ve become a power user.
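The Temp-folder location check described above, scripted in PowerShell as an added example (not code from the original article): it lists every running process whose executable, or any DLL it has loaded, sits under a Temp folder. The per-user `$env:TEMP` folder and the helper name `Test-InTemp` are assumptions added here; the article names only C:\Windows\Temp.

```powershell
# Added example. Run from an elevated prompt so more processes can be inspected.
# Folders treated as suspicious. C:\Windows\Temp is the one the article names;
# the per-user Temp folder ($env:TEMP) is an assumption added here.
$tempRoots = @((Join-Path $env:windir 'Temp'), $env:TEMP) |
    Where-Object { $_ } |
    ForEach-Object { $_.TrimEnd('\') + '\' } |   # trailing '\' so "Temp2" does not match
    Select-Object -Unique

# Hypothetical helper: true when $Path sits under one of the Temp folders.
function Test-InTemp {
    param([string]$Path)
    if ([string]::IsNullOrEmpty($Path)) { return $false }
    foreach ($root in $tempRoots) {
        if ($Path.StartsWith($root, [StringComparison]::OrdinalIgnoreCase)) { return $true }
    }
    return $false
}

$findings = foreach ($proc in Get-Process) {
    $image = $proc.Path   # empty when the process cannot be opened
    if (Test-InTemp $image) {
        [pscustomobject]@{
            Id = $proc.Id; Name = $proc.ProcessName
            Reason = 'executable in Temp'; File = $image
        }
    }
    # Loaded modules: the same list Process Explorer shows in its lower pane.
    try { $modules = @($proc.Modules) } catch { continue }   # access denied: skip
    foreach ($m in $modules) {
        if ($m -and $m.FileName -ne $image -and (Test-InTemp $m.FileName)) {
            [pscustomobject]@{
                Id = $proc.Id; Name = $proc.ProcessName
                Reason = 'DLL in Temp'; File = $m.FileName
            }
        }
    }
}

if ($findings) { $findings | Sort-Object Id | Format-Table -AutoSize -Wrap }
else { 'No running process uses an executable or DLL from a Temp folder.' }
```

Installers and updaters do unpack and run from Temp, so treat a hit as a reason to inspect that process in Process Explorer before doing anything to it.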

© 2008 My-PC-Helper.com - All Rights Reserved