Use Process Explorer to Identify Malware Infection


Process Explorer is an advanced process management utility that picks up where Task Manager leaves off. It shows detailed information about a process, including its icon, command line, full image path, memory statistics, user account, security attributes, and more. Process Explorer is much better than Windows Task Manager, and it can help to identify a malware infection on your system.


Configure Process Explorer To Detect Malware Infections

1. From the "Options" menu select "Verify Image Signatures". If this is checked, the images corresponding to processes are checked for trusted signatures automatically when you view a process's properties, and the result is shown next to the company field in the process properties dialog. "(Verified)" next to a company name means the file is signed by a trusted root certificate authority, and "(Unable to Verify)" means the file is either unsigned or signed by an untrusted authority.

2. From the "Options" menu click "VirusTotal.com" and place check marks on "Check VirusTotal.com" and "Submit Unknown Executables".



The information Process Explorer displays in its main window is fully configurable. You can reorder columns by dragging them to their new position. To select which columns of data you want visible in each of the views and the status bar, choose "View --> Select Columns" or right-click on a column header and use "Select Columns" from the resulting context menu. A column selection editor opens that lets you pick the columns you want to enable. Place a check mark on the "Verified Signer" and "Virus Total" check boxes.
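The signature check from step 1 can also be run from a PowerShell prompt, which is useful when you want a list you can save or compare between machines. The script below is an added example, not part of Process Explorer or the original article; the function name Get-ProcessSignatureReport is hypothetical, and the "(Verified)" / "(Unable to Verify)" labels only approximate the Verified Signer column, so results can differ from what Process Explorer shows.

```powershell
# Added example (not part of the original article).
# Run elevated; without admin rights many processes expose no image path.
function Get-ProcessSignatureReport {
    [CmdletBinding()]
    param()

    $procs = Get-Process
    # Processes whose image path cannot be read (protected or access denied).
    $noPath = @($procs | Where-Object { -not $_.Path })
    if ($noPath.Count -gt 0) {
        Write-Warning ("{0} processes skipped: image path not readable" -f $noPath.Count)
    }

    # Check each unique image once, however many instances are running.
    foreach ($group in ($procs | Where-Object { $_.Path } | Group-Object -Property Path)) {
        $path = $group.Name
        $sig  = Get-AuthenticodeSignature -LiteralPath $path -ErrorAction SilentlyContinue
        $verified = $sig -and $sig.Status -eq 'Valid'

        $signer = $null
        if ($sig -and $sig.SignerCertificate) {
            $signer = $sig.SignerCertificate.GetNameInfo(
                [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName, $false)
        }

        # Hash only the images that failed verification, for manual lookup.
        $sha256 = $null
        if (-not $verified) {
            $sha256 = (Get-FileHash -LiteralPath $path -Algorithm SHA256 -ErrorAction SilentlyContinue).Hash
        }

        [pscustomobject]@{
            Result = if ($verified) { '(Verified)' } else { '(Unable to Verify)' }
            Status = if ($sig) { [string]$sig.Status } else { 'Unreadable' }
            Signer = $signer
            Name   = $group.Group[0].ProcessName
            PIDs   = ($group.Group.Id -join ',')
            Sha256 = $sha256
            Path   = $path
        }
    }
}

# Unverified images sort first.
Get-ProcessSignatureReport | Sort-Object Result, Name | Format-Table -AutoSize -Wrap
```

The Status column keeps the raw Authenticode result (for example NotSigned or HashMismatch), which tells you why an image could not be verified.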