1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

What processes will not be shown in Task Manager?

Discussion in 'General Security' started by GeoRanger, Jul 5, 2009.

Thread Status:
Not open for further replies.
Advertisement
  1. GeoRanger

    GeoRanger Thread Starter

    Joined:
    Mar 22, 2009
    Messages:
    27
    Hello:

    Concerning Windows XP... In working on a MalWare infection, I found references (some in advertising) to the notion that Task Manager will not show all of the processes running on your system.

    1. Are there any processes other than rootkit-type MalWare which would not be shown in Task Manager? Or to put it another way, would any legitimate process not be shown in Task Manager? If so, is there some common name for such processes?

    2. If legitimate processes wouldn't show, why not?

    3. Would a legitimitate process like this (assuming there are any) show up in a program that finds rootkits? If not, are there any programs which will show them?

    I no longer trust my Windows installation and am going to rebuild it from the ground up. I want to keep track of each and every process that runs on the rebuild so I'll have a leg up if/when something goes wrong next time.

    Thanks for any info :)
     
  2. lunarlander

    lunarlander

    Joined:
    Sep 21, 2007
    Messages:
    9,720
    Sysinternals has 2 free programs which may interest you, Process Explorer and RootKitRevealer. Google for them. The company is so good that MS bought them.
     
  3. Elvandil

    Elvandil

    Joined:
    Aug 1, 2003
    Messages:
    51,988
    Rootkits use drivers to take control of the kernel at boot. They can hide anything that you can see in Windows. There are also ways of hiding legitimate programs.

    Offline scans can see and detect these infections.

    Process Hacker (Allows editing memory, shows hidden processes, similar to Sysinternals Process Explorer with more features - can replace normal Task Manager) can also find hidden processes by checking each PID and comparing it to the Task Manager list. Look under "Tools".
     
  4. Sevvie

    Sevvie

    Joined:
    Dec 15, 2008
    Messages:
    18
  5. Elvandil

    Elvandil

    Joined:
    Aug 1, 2003
    Messages:
    51,988
    Your link does not exist as a web site.
     
  6. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,761
  7. perfume

    perfume Banned

    Joined:
    Sep 12, 2008
    Messages:
    2,011
    Dear Elvandil,
    Thanks for the Process Hacker!(y)
     
  8. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    111,830
    There was a typo in the actual link and I've fixed it. :)
     
  9. Elvandil

    Elvandil

    Joined:
    Aug 1, 2003
    Messages:
    51,988
    Thanks. I missed that "s" when I first glanced at it.

    You're welcome. It is a great tool. Keep up to date since it is getting better all the time.

    Download and install all (or your chosen) Sysinternals tools automatically with the Sysinternals Installer.
     
  10. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/840784

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice