Advanced review of program activity

If the Task Manager does not give you a definitive answer, there are other programs that can help. One of the limitations of the Task Manager is that it lists programs in their pure form (for instance, “svchost.exe”) without supplying the necessary details about the origin of the program, its exact location on the disk, or any idea as to whether it is legitimate or not.

To fill that gap, there is a very useful program called Process Explorer. Its author has recently been invited to work for Microsoft, so it can be almost considered a native Windows application. It has none of Task Manager’s limitations and offers to show running programs’ exact locations as well as what binary components are attached to the main listed applications (components like DLL files can be malicious as well).

Another handy utility is ProcessScanner from Uniblue. This program will scan all running processes and display a web page summarizing the application environment on your PC. Additionally, it maintains a large database of known processes, along with sufficient information for you to determine whether particular programs are benign.