How to Recognize a Malicious Process in a Computer's Task Manager

by Thomas King
Pixland/Pixland/Getty Images

A process is simply a program that is running on your computer. A process that comes from a malicious application, such as spyware, adware, Trojans, malware and worms, can compromise the security and performance of your computer. To end a malicious process, you simply right-click on the process and select “End Process.” Unfortunately, determining which processes are malicious is a bit more difficult.

Step 1

Close all the programs on your computer.

Step 2

Press "Ctrl + Alt + Delete."

Step 3

Click on "Start Task Manager."

Step 4

Click on the "Processes" Tab.

Step 5

Click on "Show Processes From All Users."

Step 6

Scroll down the list of processes looking for any suspicious processes. A process is particularly suspicious if it is taking up a lot of memory--despite the fact that you closed all of your computer programs--and the name is not familiar to you.

Type the name of any suspicious process into the process library located at the link below. The process library will tell you what the process does and if it is malicious.


  • Note that many malicious processes are intentionally named after legitimate processes. Thus, you cannot simply determine if a process is malicious based on whether it "sounds" malicious or not.


Photo Credits

  • Pixland/Pixland/Getty Images

About the Author

Thomas King is a graduate of the University of Pittsburgh School of Law where he served as managing editor of the "Pittsburgh Journal of Environmental and Public Health Law." He currently lives in Aberdeen, Washington where he writes and practices law.

More Articles