Use Process Explorer to Identify Malware Infection
Process Explorer is an advanced process management utility that picks up where Task Manager leaves off. It will show you detailed information about a process including its icon, command-line, full image path, memory statistics, user account, security attributes, and more. Process Explorer much better then Windows Task Manager it can help to identify malware infection on your system.
Configure Process Explorer to detect malware infections. From Options menu select Verify Image Signatures if this is checked then images corresponding to processes are checked for trusted signatures automatically when you view a process properties and the result is shown next to the company field in the process properties dialog. "(Verified)" next a company name means the file is signed by a trusted root certificate authority and "(Unable to Verify)" means the file is either unsigned or signed by an untrusted authority. From Options menu click VirusTotal.com and place check marks on Check VirusTotal.com and Submit Unknown Executables.
The information Process Explorer displays in its main window is fully configurable. You can reorder columns by dragging them to their new position. To select which columns of data you want visible in each of the views and the status bar, choose View --> Select Columns or right-click on a column header and use Select Columns from the resulting context menu. A column selection editor opens that let's you pick the columns you want to enable, place a check mark on Verified Signer and Virus Total check boxes.
Edited by FreeBooter, 13 June 2016 - 02:53 PM.