Windows

How to spot problems in Windows Task Manager

Windows Task Manager can take you beyond monitoring and into detection of unusual activities. Let's see how it works.
J
  • Jim Richards,
  • 3 months ago
  • Editor Informer Technologies, Inc.

How to spot problems in Windows Task Manager How to spot problems in Windows Task Manager

In the previous piece, we’ve given you the basics of Windows Task Manager and a list of essential processes better left alone. This piece considers the built-in tool from a different perspective: not just a monitor but a diagnostic instrument. Ultimately, most if not all noteworthy processes going on under the hood of your computer are reflected here. If it feels like something about the performance of the machine is off, Windows Task Manager may be your first stop on the path of finding the problem and eliminating the root causes thereof.

Symptoms of abnormalities that can be seen in Task Manager

Windows Task Manager isn’t hard to read even for non-techie users. Here are some telltale signs that something in your system is off.

High usage of CPU, memory, network

When you hear the fans kick in at top speed when they aren’t supposed to, or feel that the computer is dragging through a task that previously took milliseconds, open Task Manager and look for:

  • processes that consume an unusually large amount of CPU or RAM without any apparent reason;
  • processes that stir up too much network activity.

While there may be legit reasons behind any such occurrences, it is a good idea to look up the names of such processes online and learn what they actually do (here is the list of essential Windows processes for your convenience). If it looks fishy, save everything important you have going on, and kill them.

Inexplicable names and multiple instances of processes

Most, if not all, legitimate processes you see in the Task Manager’s window have names that suggest some logic or are easily understandable. Thus, a process titled “qwfax8994.exe” or something similar is suspicious and should be investigated. The same goes for processes the names of which look like “expl0rer.exe,” mimicking a trustworthy entry.

As for multiple instances, it’s perfectly fine to see many svchost.exe processes running at the same time, but several identical lines reflecting the operation of a program that is not instantly recognizable should raise a red flag.

Lack of process window and/or proper publisher

The very name of the operating system implies that programs have their windows, even when they run in full screen mode. So, if you see a process in Task Manager but can’t attribute it to a window, this may signal a malicious intrusion attempt or some undercover activity you definitely don’t need in your computer. Please note that this one goes for processes you see in the Apps section of the Task Manager’s table. For those below it, not having a window is perfectly fine.

The publisher of a process can be seen in the Properties window. While there, check Digital signatures and Details for anything suspicious. This one, as opposed to the first piece of advice in this section, pertains to background apps.

Automatic relaunch of a terminated process and improper location

Some malware or rootkits automatically restart after you forcefully shut them down. This may apply to legitimate processes, but if you do see a program that restarts instantly or shortly after being killed, it is a good idea to look up what it is. Moreover, after terminating a suspicious process, come back to Task Manager after several minutes to check whether it has relaunched or not.

As for location, you can see where the process has been launched from in the Properties menu (this applies to Background processes). Most of the legitimate instances originate in Program Files or the Windows folder. If you see a process you don’t recognize, and its location is unknown to you, consider the red flag raised.

How to check apps and processes that look illegitimate in Task Manager

To recap:

  1. Check the name, publisher, location, and digital signatures of the process that looks out of place.
  2. Google the exact name of the respective process; you may add “virus” or “malware” to the query, but it’s not necessary, if there’s a problem, the search engine will fetch you exactly the info you need to remedy it.
  3. Run a full system scan, even if your suspicions proved to be groundless. Find good antivirus software here:

    Informer catalog – Antivirus software

  4. If you want an even better understanding of what’s going on, consider getting Process Explorer, Process Monitor, Autoruns, and TCPView from the Sysinternals package. Please be warned that this exercise may leave you either confused or hooked on the subject and wanting to go down the rabbit hole learn more about how Windows works under the hood.

Author's other posts

Great AI-driven résumé builders (2025)
Article
Great AI-driven résumé builders (2025)
Most people on this planet have to hunt for a job, many of them — repeatedly. Here are five great AI-powered resume builders that simplify the process and offer other useful tools.
Eight things to do after upgrading from Windows 10 to Windows 11
Article
Eight things to do after upgrading from Windows 10 to Windows 11
Ultimately, you will have to upgrade from Windows 10 to Windows 11. Here are the steps you need to take after the migration.
Apple Glasses, revisited: what’s known in the middle of 2025
Article
Apple Glasses, revisited: what’s known in the middle of 2025
Meta's Zuckerberg and OpenAI's Altman see eyewear as the future AI assistant. Apple Glasses might emerge by 2026 with top-notch AI features.
Personal AI assistants: visions by Meta and OpenAI
Article
Personal AI assistants: visions by Meta and OpenAI
Mark Zuckerberg pitches "Personal Superintelligence" AI glasses, aiming to empower users with style and tech. How do they compare to OpenAI's voice-controlled earbuds?