Close

This site uses cookies. You can read how we use them in our privacy policy.

   

How To Quickly Identifiy Running Malicious Processes


Sometimes you may wish to know what processes are slowing down your computer, which usually means you are infected with some kind of malware, such as virus, trojan, rogue application. It is fairly easy to do so using Windows Task Manager. There are quite a few ways to open it:
  • With CTRL+ALT+DELETE (Windows XP or earlier) or CTRL+SHIFT+ESCAPE key combination
  • By right-clicking an empty taskbar area and choosing “Start Task Manager” from the context menu
  • By typing “taskmgr” in Windows Start Menu search field (Windows Vista/7) or Start->Run window and pressing ENTER key
  • By pressing CTRL+ALT+DELETE key combination and choosing “Start Task Manager” (Windows Vista/7 only)
If none of these methods invoke Windows Task Manager, it is most likely that your computer is infected with malware and requires additional methods to halt and remove the infection. Once it’s open, select “Processes” tab to view all currently running processes on your computer. We also advise that you click “Show processes from all users” button in order to see system processes as well (which are usually core Windows processes). The window should look like this: If you want to find out which particular process is using most of your computer’s processor, click on the “CPU” column to sort the list by CPU usage. In this screenshot there is a malicious process called “Live Security Platinum.exe” (the first one in the list). Malicious processes usually either do not have any description under “Description” column, or the description matches the process name (which is our case). In order to kill any suspicious process, right-click on it’s name in Windows Task Manager and select “End Process” from the context menu. Be aware that even if the process is no longer running, malicious files are still residing on your computer’s hard drive and they will most likely reactivate the next time you start your computer. Therefore, you MUST remove all files related to the infection. You can follow manual instructions for the specific parasite posted on this site, but automated removal using antispyware application is highly recommended (it takes care it all for you: stops processes, removes all malicious files and their startup entries, so that the infection will no longer start with your system). Please do a search on this site for the name of the suspicious process to get manual removal instructions.

Article written by Adam G.

Adam is a computer security enthusiast, web developer and Windows/Linux geek. Loves metal music, chess and Starbucks.

2 Responses

  1. mike
    mike November 30, 2012 at 10:52 pm | | Reply

    How do I clean my windows vista

Please comment with your real name using good manners.

Leave a Reply