The different types of malware are one of the main threats today for users. Usually, we notice a drop in performance when our devices become infected. This article will discuss how we can identify malware files and malicious processes on our computers.
Indeed, it has occurred to all of us that our computers have started to give us problems, taking longer than necessary to turn on, open a file, or download something from the Internet.
As a general rule, it’s probably because the computer is installing something and needs to “slow down” or that other house members are using our Internet connection, and we cannot browse or download at maximum speed.
However, on other occasions, it may be a virus or malware files that takes advantage of our computer to carry out malicious background processes, consuming the performance of our equipment.
Many threats could put our devices at risk, such as viruses, malware, malicious connections, web pages, etc. Even if we have an anti-malware tool, such as an antivirus, installed and correctly updated, some may be detected.
For this reason, we must know how to identify these malicious processes and how to act if we find one on our computer.
How to Identify a Malware Files in Windows (OS)
If we have a computer with the Windows (OS) operating system, we have a tool to manage the active processes on our laptop, called Task Manager. It is beneficial when we suspect that there may be a process running in the background and consuming a large part of our computer’s resources, such as malware that may have been installed, for example, by downloading pirated software or connecting an infected USB.
1. To access the tool, we can right-click on ‘Start’ and click on ‘Task Manager, although we can also access it using the ‘Ctrl + Alt + Del’ keys and then click on ‘Task Manager.’
2. Once opened, we will see a window with numerous tabs and information. In the first tab, ‘Processes,’ we will see the active processes running on our computer in real-time, along with the percentage of resources each process is consuming.
3. To identify an illegitimate process, we can follow the following recommendations:
The first thing is to ask ourselves the following questions:
- Are there any applications or processes that we don’t recognize?
- Is this application or process consuming more resources than the rest?
- Suppose we still have doubts and want more information. In that case, we can always right-click on the process and click ‘Properties.’ Inside, we will find information about the file or process, its location, when it was created, etc., that can help us identify it as legitimate or malicious.
- If we still have doubts and we find some process or application that we suspect on the Internet, we will see multiple tools that can help us. For example, File.net is a website where you can search by the name of the process and find out if it is a legitimate or malicious process.
4. Finally, if we have identified a malicious processor, or at least one that seems suspicious, we must proceed to its termination. To end a process or application, we will have to click on it and click on ‘End task’ or right-click on it and click on ‘End task’:
If it is malware file, we should notice an improvement in the computer’s performance. However, it is recommended to scan our system with the antivirus immediately to erase any traces of the virus or malware.
Suppose it is a legitimate process, and we have ended it by mistake. In that case, it is possible that an application closes or that the system ignores the action and notifies us that it is a fundamental process for the computer
Here is the simple process, step by step, follow it to find a malware files or program in a Windows OS:
1. Use Task Manager
- Press Ctrl + Shift + Esc or right-click Start → Task Manager
- Go to the Processes tab
- Look for:
- Unknown programs
- Processes using high CPU, Memory, or Disk
- Right-click the suspicious process → Open file location
- If the file opens from a strange folder, it may be malware
- Right-click again → End task
2. Check Startup Programs
- Open Task Manager → Startup
- Disable:
- Unknown apps
- Apps from unknown publishers
- Malware often adds itself to startup
3. Scan Using Windows Security
- Go to Settings → Update & Security → Windows Security
- Click Virus & threat protection
- Run a Full Scan
- Use Scan options → Microsoft Defender Offline scan for stronger detection
4. Check Program Files
- Open these folders manually:
- C:\Program Files
- C:\Program Files (x86)
- C:\Users\AppData
- Delete unknown or strange folders (only if you are sure they are malicious)
5. Use Command Prompt (Optional)
- Open CMD as Administrator
- Type:
- tasklist
- Search the file name online to confirm if it is malware
- Check if any unknown .exe files are running
How to Identify a Malicious Files on MAC
In our Apple brand devices, it is also possible to control the running processes and applications. If we look at the menu bar at the top right, we will see an icon for each running application. However, as with Windows, some processes are running in the background, and we are unaware of it.
These processes consume the resources of our system, and when it comes to techniques or applications that we do not use, they can slow down our computer and prevent us from enjoying its total capacity. On the other hand, these processes can cause a virus or malware infection, and we should eliminate them as soon as possible.
To do this, the first thing we need is to access the activity monitor on our computer.
1. We must open the Activity Monitor application to enter this list of processes. Doing so will display a list of all active applications, and producers will display a list of all functional applications and procedures.
2. We can learn more about them by clicking on them and then the “i” icon at the top. Then, a window will open where we can identify, for example, the path of the application linked to said process or the percentage of memory used.
3. If we detect a suspicious process, we can terminate it by clicking on said process and the cross icon at the top left of the ‘Activity Monitor’ window.
4. Even if we do not observe any suspicious processes, our computer may still be malfunctioning, indicating a potential problem. In that case, the gear icon, located next to the two previous icons, will allow us to run a system diagnostic and inform us of a malicious processor that we should finish.
As a recommendation, monitoring the applications and processes of our equipment will help us maintain some control over its activity and improve its performance if we observe that one is consuming too many resources or has been blocked. If we find a suspicious process, Whether it is malware or a virus, it will help us diagnose and protect our computers
Simple process to find malware in a Mac Device:
1. Check Activity Monitor
- Go to Applications → Utilities → Activity Monitor
- Look for:
- Unknown processes
- Processes using too much CPU or memory
- Select the suspicious process → Click X (Quit/Force Quit)
2. Check Login Items
- Go to System Settings → General → Login Items
- Remove unknown apps from:
- Open at Login
- Allow in Background
3. Scan with XProtect (Built-in)
- Mac automatically scans for known malware using XProtect
- Restart your Mac to trigger background scans
4. Check Applications Folder
- Go to Applications
- Look for newly installed or unknown apps
- Right-click → Move to Trash
5. Check Library Folders
- Open Finder → Go → Go to Folder
- Check these folders for suspicious files:
- ~/Library/LaunchAgents
- /Library/LaunchDaemons
- ~/Library/Application Support
- Malware often hides here
- Delete files only if you are sure they are harmful
6. Run Malware Scanner (Optional but recommended)
Free tools like:
- Malwarebytes Free for Mac
- Bitdefender Virus Scanner
- These detect hidden or stubborn malware files.