Processes

The Processes tab contains data about active processes on the scanned computer at the moment of the report generation.

The data is presented in the form of a table. For each process, the following information is available in the table:

•reputation: a suggested file status according to the internal Metawave service database, which contains information on previous detects.

Each table row is a drop-down block that contains a table of files utilized by the process. The table contains the following data:

You can sort the table data in descending/ascending order by clicking

in the column of the table containing the data you want the table to be sorted by.

You can search across the table. Enter your query into the

Search field above the process data table and press Enter.

You can view detailed information on processes and files by clicking the name of a process or file in one of the tables.

Tab

Available parameters

Process

•status;

•properties:

▪PID,

▪session,

▪address,

▪path,

▪command line,

▪current directory,

▪bitness,

▪PEB address,

▪debugged,

▪isolation level,

▪date created;

•resources:

▪kernel time,

▪user time,

▪priority,

▪handles;

•parent.

File

•path;

•status:

▪certificate,

▪file,

▪type,

▪cloud,

▪software type;

•hash:

▪SHA1,

▪SHA256;

▪a link to VirusTotal;

•properties:

▪size,

▪date created,

▪last modified,

▪last accessed,

▪date created;

•attributes:

▪value,

▪archive,

▪security;

•version:

▪description,

▪version,

▪company,

▪origin name.

Certificates

•status;

•date and time;

•certificates:

▪subject,

▪issuer,

▪valid from,

▪valid to,

▪SHA1 fingerprint,

▪SHA256 fingerprint,

▪serial number,

▪name.