[Web4lib] finding invisible processes on a PC

Bob Craigmile bcraigmile at yahoo.com
Mon Jul 7 15:57:45 EDT 2008 

IIRC, rootkits aren't listed as processes in taskman and are therefore hard to detect/eliminate.

http://en.wikipedia.org/wiki/Rootkit seems to agree and has some links to helpful sites.



----- Original Message ----
From: Mark Sandford <sandfordm1 at wpunj.edu>
To: John Fitzgibbon <jfitzgibbon at galwaylibrary.ie>; web4lib at webjunction.org
Sent: Monday, July 7, 2008 3:25:01 PM
Subject: Re: [Web4lib] finding invisible processes on a PC

I'm assuming that when you look at the Task Manager (using
ctrl+alt+del) you're looking at the Applications tab only.  If you
click on Processes, you'll see a list of all the things running in the
background that haven't created a window on the screen.  Clicking on
CPU will sort by percentage of the processing power the program is
taking up.  You can also look at Mem Usage.  It's entirely possible
you have a bad memory chip that's causing an unusual amount of caching
of memory (where the system writes information to the hard disk that
would normally live in RAM).

Sorry if I'm misunderstanding, and you're already checked the
Processes tab... I'm taking what you said literally.

Mark Sandford
Special Formats Cataloger
William Paterson University
(973)270-2437
sandfordm1 at wpunj.edu


On Mon, Jul 7, 2008 at 11:52 AM, John Fitzgibbon
<jfitzgibbon at galwaylibrary.ie> wrote:
> Hi,
>
> I have a PC that is suddenly running incredibly slowly. It is an OPAC machine which is set up to access only one Web site using Public Web Browser. It also runs Win U Desktop. When I turn off both of these applications the machine continues to run very slowly. It is constantly writing to the hard disk (I can hear it and the green light is flashing). When I check using Ctrl + Alt + Del there are no applications running.
>
> The Anti Virus software shows nothing. Is there a way to check if there is an invisible process running on the PC? If somebody planted a root kit on the PC where would it show up? The PC runs Windows XP.
>
> Any help would be much appreciated.
>
> Regards
> John
>
>
> w: www.galwaylibrary.ie
>
> e: info at galwaylibrary.ie
>
> p: 00 353 91 562471
>
> f: 00 353 91 565039
>
>
> #####################################################################################
> This e-mail message has been scanned for  Content and cleared
> by MailMarshal Hosted  at Galway County  Council
> #####################################################################################
> _______________________________________________
> Web4lib mailing list
> Web4lib at webjunction.org
> http://lists.webjunction.org/web4lib/
>
>


_______________________________________________
Web4lib mailing list
Web4lib at webjunction.org
http://lists.webjunction.org/web4lib/

More information about the Web4lib mailing list