The Task Manager will list all apps and services that are currently running on your system. Some of these apps may be running in a suspended mode but Task Manager will list them nevertheless. For the most part, the Task Manager is easy to understand, even for end users and they often use it to check what’s eating up RAM, or dragging down the CPU, or just to see what’s running in the background.
If you see a suspicious process running in Task Manager, one that you did not start, you are likely to suspect it’s a virus. This may, or may not be true. Here’s how you can identify a process in Task Manager.
Check process EXE
A process’ name in Task Manager may not be user friendly or it may not be the same as the app it runs. While this is poor decision making on the developer’s part, it doesn’t necessarily mean the process is being run by a malicious app. Right-click the process and select ‘Open file location’ from the context menu.
This will open a File Explorer window that will show you the folder the process is running from. Check the folder that it’s in, and it will give you a clue as to which app it is from.
There will be some exceptions here. Not all items listed in the Processes tab are apps. Some are services and as such, you won’t see the ‘Open file location’ option in their context menu however, you will see an option to search for the service online, to view it in the Services app on Windows 10, or to stop it. In this case, you should select the ‘Open Services’ option, and in the Services app, read the description of the service.
View process properties
If the process’ folder location isn’t giving anything away, or you’re unable to access it, you can try looking at its properties. Right-click the process and select Properties from the context menu. In the Properties window, check the digital signatures tab, as well as the details tab. It should tell you which app owns the process.
Although the above two methods should work in most cases to identify a task manager process, there will nevertheless be exceptions. Some apps may run very oddly named processes and if they happen to run from your user folder, they will be harder to track down. In this case, it’s easiest to just Google the full name of the process. You will be able to find out which app it belongs to, and why it’s running. If it’s malicious, the search results will tell you as much.