Find if that Windows Process is Legitimate or a Virus?

Start the Windows Task Manager at any point of time and you’ll find that dozens of processes are running in your system. Some of these process names are obvious – if there’s iexplore.exe in the list, you have Internet Explorer open on your desktop – but other processes like csrss.exe or dwm.exe will often make no sense to most of us.

Is that Windows Process a Virus?

The first thing that will help you determine if any particular process is a legitimate Windows process or a virus, is the location of the executable itself. For instance, a process like explorer.exe should be running from your Windows folder and not anywhere else.

To confirm, open task manager, go to View – > Select Columns and select “Image Path Name” to add a location column to your task manager. If you spot any suspicious-looking directory here, it may be a good idea to investigate that process further.

NoVirusThanks, an online virus scanning service, offers a portable desktop uploader that will make it easy for you to check if any of the Windows processes are legitimate or a virus /worm in disguise.



When you run this tool, it will automatically generate a list of all your running processes just like Windows Task Manager. You can right-click on any process name and upload* the corresponding file online for virus analysis.