Use Process Explorer to Identify Malware Infection



#1 FreeBooter

Posted 13 June 2016 - 02:51 PM

Use Process Explorer to Identify Malware Infection


Process Explorer is an advanced process management utility that picks up where Task Manager leaves off. It will show you detailed information about a process including its icon, command-line, full image path, memory statistics, user account, security attributes, and more. Process Explorer is much better than Windows Task Manager, and it can help to identify a malware infection on your system.

Configure Process Explorer to detect malware infections. From the Options menu select Verify Image Signatures. If this is checked, then images corresponding to processes are checked for trusted signatures automatically when you view a process's properties, and the result is shown next to the company field in the process properties dialog. "(Verified)" next to a company name means the file is signed by a trusted root certificate authority, and "(Unable to Verify)" means the file is either unsigned or signed by an untrusted authority. From the Options menu click VirusTotal.com and place check marks on Check VirusTotal.com and Submit Unknown Executables.

 



 

 

The information Process Explorer displays in its main window is fully configurable. You can reorder columns by dragging them to their new position. To select which columns of data you want visible in each of the views and the status bar, choose View --> Select Columns or right-click on a column header and use Select Columns from the resulting context menu. A column selection editor opens that lets you pick the columns you want to enable. Place a check mark on the Verified Signer and Virus Total check boxes.

 




Edited by FreeBooter, 13 June 2016 - 02:53 PM.
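
A scripted approximation of the Verified Signer column described in the post, added here as an example and not part of the original post or of Process Explorer itself. It checks the Authenticode signature of every running process image with built-in PowerShell cmdlets and borrows the "(Verified)" / "(Unable to Verify)" labels from the post; the function name `Get-ProcessSignatureReport` is hypothetical.

```powershell
# Added example (not from the original post). Run in an elevated PowerShell
# session so that more process image paths can be read.
function Get-ProcessSignatureReport {
    # One entry per distinct image path; processes whose path cannot be
    # read (for example protected system processes) are skipped.
    $images = Get-Process | Where-Object { $_.Path } |
        Sort-Object -Property Path -Unique

    foreach ($proc in $images) {
        try {
            $sig = Get-AuthenticodeSignature -LiteralPath $proc.Path -ErrorAction Stop
        } catch {
            # File removed or unreadable: report it rather than hide it.
            [pscustomobject]@{
                Process = $proc.Name; Result = '(Unable to read file)'
                Status  = $null; Signer = $null; SHA256 = $null; Path = $proc.Path
            }
            continue
        }

        $verified = $sig.Status -eq 'Valid'
        [pscustomobject]@{
            Process = $proc.Name
            # Labels mirror the wording shown in the process properties dialog.
            Result  = if ($verified) { '(Verified)' } else { '(Unable to Verify)' }
            Status  = $sig.Status   # e.g. NotSigned, NotTrusted, HashMismatch
            Signer  = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
            # Hash only the images that failed verification, for manual lookup.
            SHA256  = if ($verified) { $null } else {
                (Get-FileHash -LiteralPath $proc.Path -Algorithm SHA256 -ErrorAction SilentlyContinue).Hash
            }
            Path    = $proc.Path
        }
    }
}

# Show only the images that did not verify.
Get-ProcessSignatureReport |
    Where-Object { $_.Result -ne '(Verified)' } |
    Sort-Object -Property Process |
    Format-List Process, Result, Status, Signer, SHA256, Path
```

An unsigned image is not necessarily malicious, so treat the output as a shortlist to review; the SHA256 value can be searched on VirusTotal without uploading the file.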
