Displays most common suspicious processes running on Windows endpoints, showing process name, command line, executable path and more. |
Displays most common suspicious processes running on Windows endpoints, showing process name, command line, executable path and more. This free tool can help detect common bad processes that are viruses by matching is against known malicious process list. Use it to identify malicious processes and spot viruses on multiple workstations instead of using Windows Task Manager or utilities like pslist.
The technique of using task list to identify malicious processes can automate tracking of malware processes showing in Task Manager on Windows. Process names such as jusched.exe, CDProxyServ.exe, PopularScreenSavers.exe can point you to the potential indicators of compromise and remediate all affected systems.
Sign-up for Action1 Free Edition to receive real-time alerts and view instant data from your endpoints, such as alert on Suspicious Processes created, deleted or modified or run live or scheduled queries with the ability to export to CSV or Excel. Action1 Endpoint Security Platform is entirely SaaS, with online web interface (no management tools to install) and it has zero cost for basic functionality. Running in the Cloud, Action1 discovers all of your endpoints in seconds and you can query your entire network in plain English.
Endpoint configuration management in the Cloud
Manage endpoint configuration using plain English from the Cloud. Such as type 'Windows services' or 'reboot computer'.
Get results instantly from live systems and run automated actions.
Related Alerts and Reports:
Computers with Runtime and Memory Information
Shows computers with number of processes, number of users, free physical memory and free virtual memory
Local Time and Time Sync Issues
Checks time on remote computers and helps to diagnose Windows clock sync issues
Scans all Windows endpoints for processes with suspicious malware attributes and shows process names, activity and more.
Find more information on Suspicious Processes at Microsoft TechNet.