Look through the list for unusual items. Granted, most will look unusual but a hint: An item with out a description should be a red flag of a undesirable service.
Double click the item and see what it is. If you're unsure, Google the file name (example below is smu.exe) and see if it's a legitimate file. (As always, be careful what sites you navigate to.) Be sure to look in scheduled tasks as some of this stuff just re-enables itself on boot!
A few we have seen are:
- Any Facebook stuff. Facebook does NOT have to do things at certain times or with certain events. If that's the case, get off Facebook!
- Font CC
- MailMerge Gb
- Optimizer Pro Crash...
- SProtection (suspect but not yet confirmed bad). You can always turn it back on.
- Update Mega Browser
- Universal Update Service
- Utl Mega Browser
- Utility App Bud (you cannot stop but you can disable then reboot)
- Update Check
- Wink Handler
- vxlsnya...64 or anything that's not readable words.
We found www.threatexpert.com to be fairly safe and accurate.
If you find an item that you do not want active, change the Startup type to Disabled. Notice in this example, the stop button is unavailable. With these, you must disable then reboot to kill the service...