Are you supposed to go through every process in the list hunting for your file? Process Explorer uses VirusTotal, a Google project that checks questionable processes against the databases of all the major antivirus companies.
Otherwise, it adds a VirusTotal column to Process Explorer. This column shows the number of antivirus services that have flagged that particular process as a potential virus. The higher the number, the more likely it is that the process is actually malware.
For more information, just click the numbers to open the VirusTotal website, where you can learn more. For example, Process Explorer itself is occasionally flagged as hazardous. Also, viruses may be too new to have been widely flagged, or they could be deploying any number of anti-antimalware techniques.
Process Explorer can help you out with that. If not, then choose the Procmon. This is the process tree view. To view this, just select the small document icon with an image of a tree diagram on it.
Some information you can see in this view includes the parent process and all of the processes it has launched. Back on the main screen (the process events window), right-click any of the processes and choose Edit Filter to update the process filter. This window shows you how filtering works in Process Monitor. The first dropdown lets you select the object for your filter. The next dropdown is the operator, such as is, is not, less than, etc.
The field is where you can type or select your filter, and whether you want to Include or Exclude those entries. To create a new filter, select the Filter menu, and select Filter. This will open the same window but with the filter blank. Just select each dropdown, enter the filter item you want to exclude or include, and add it to your filter list. The most useful feature of Process Monitor is logging system events during some action. You can log system events as follows: When you select specific events in Process Monitor, you can explore more details through the Event menu.
Select the event you want to examine. Then select the Event menu and select Properties. This shows all properties for the event. The Event tab shows mostly what was in the main Process Monitor window.
The Process tab shows you things like the path to the application and the launch command line, as well as modules used by the process.