How to find a virus in the list of Windows processes. How to hide a process in the task manager without additional software Hide a process windows 7 x64

There are situations when you need to install and use a program in secret from another person who understands computers and often glances at the task manager processes when the device freezes or is unstable. Sometimes you need to activate tracking of your computer so that it is not cluttered with unnecessary files. In other cases, you need to follow the person. There can be a lot of reasons, everyone has their own.

What are processes?

A process is a program that runs on a computer and occupies a certain space in RAM.

Processes are divided into:

System(programs and utilities that are components of the operating system and any emergency termination of one of them can lead to negative consequences, such as a crash in Windows).

Anonymous(they are extremely rare, they are program files that are launched as auxiliary due to user manipulation, without requesting permission to launch).

Network/Local(Task Manager processes related to LAN, Internet, and Registry are important Windows programs and components).

Custom(programs that are launched by the user).

Is it possible to define a "left" process?

It is not always possible to determine the “left” process. If the person who created it and thoroughly disguised it, it is unlikely that even an experienced computer engineer will be able to calculate it, without receiving a hint of this fact and a detailed study of the behavior of each process.

However, a person who is sure that there is an extra program hanging on the computer, and even a poorly disguised one, will be able to figure it out in a matter of minutes.

How to hide a process in task manager?

The easiest option for hiding a process is to rename the main executable file. But it is worth considering how the program works and whether it creates additional processes that issue it.

If there are no unnecessary processes, then you can proceed:

1. Open the folder with the executable file. This can be done in several ways: if you know where the file is located, you can go to the folder with it, or right-click on the process and select “Open file location.”

2. After going to the folder, find the executable file, it should match the name of the process in the manager.

3. Rename the file so that it is difficult to determine the name change. You can perform renaming through the context menu item of the same name. The file extension must still be executable (.exe).

4. Go to the task manager and look at the process that you yourself changed.

Everything went fine, but the process is visible and should be disguised so that no one will guess its real purpose? To do this, it’s worth considering a few nuances that may allow you to hide a process in the task manager without anyone’s help.

The process should be similar to a program that creates many copies of itself and is always on. A clear example of this is all browsers based on the Crome engine, or on a constantly running Windows program that will not arouse suspicion.

Names can be changed by switching Russian-English letters, for example, replacing English with Russian and correcting foreign letters: a, b, d, e.

Finally, it should be noted that you may need to rename a few more files that are “sub-processes” of the program.

We hope you understand how to hide a process in Windows. Experiment, hide, learn.

You can view a list of all programs running on your computer using Windows Task Manager. To do this, press the key combination on your keyboard. You will see a list of processes, and the question will immediately arise: why is each specific process in this list needed? Let's figure out what it is processes and how they can be managed.

Processes- this is everything that happens at a given moment in time in the system. IN Task Manager The “Processes” tab displays all currently running programs. Processes can be “spawned” either by the user or the system. System processes start when Windows boots; user processes are programs launched by the computer user himself or launched on his behalf. All system processes run as LOCAL SERVICE, NETWORK SERVICE or SYSTEM(this information is available in the Task Manager in the “Username” column).

The task manager only allows you to view a list of processes and terminate their work. To do this, select the process name in the list and click the “End Process” button. This means the program that owns the process is terminated. However, it is not possible to view information about a particular process in the Task Manager.

To manage Windows processes, I would recommend using a more powerful utility called . This is an excellent free program that also does not require installation. Download it, then run the file from the folder and select the “Processes” tab at the top.
shows all processes in real time, providing comprehensive information on each of them. By right-clicking on the process of interest to us and selecting “File Properties”, we can find out the manufacturer of the software module, version, attributes and other information. The process context menu also allows you to go to the program folder, end the process, or find information about it on the Internet.

How to get rid of viruses on your computer using Starter?

Very often, viruses and other malicious programs are disguised as various processes. Therefore, if you notice that something is wrong with your computer, run an antivirus scan. If this does not help or your antivirus refuses to start at all, open Task Manager and view all running processes.

Pay special attention to a process if it is running as a user and is consuming too many resources (the “CPU” and “Memory” columns). If you find an obviously suspicious process in the list, end it and see how your system works after that. If you are in doubt or don’t know which program the running process belongs to, it’s better to go to Google or Yandex, enter the name of the process in the search bar and find information about it.

The built-in Task Manager in Windows, of course, allows you to disable processes, but, unfortunately, it provides very little information about them, and therefore it is quite difficult to understand whether a process is viral. The Starter program is much more useful in this regard.

So, to find and remove a virus process from your computer, do the following::

1. Launch the program and go to the “Processes” tab.
2. We find a process that makes us suspicious. Right-click on it and select “File Properties”. For example, I chose the file svchost.exe. In the window that opens look at the manufacturing company of this application:
The fact is that practically any process is signed by its developer. But virus applications are usually not signed.
In my case the file svchost.exe signed by the company Microsoft Corporation and therefore we can trust him.
3. If the selected process turns out to be unsigned by anyone or signed by some strange company, then again right-click on the name of this process and select “Search on the Internet” - “Google” (the Internet on the computer must be connected).
4. If the sites suggested by Google confirm that this process is a virus, then you need to go to the folder of this process (to do this, in Starter, in the context menu, select the item “Explorer to process folder”). Then, after completing the process, delete the file here this process.
If you still doubt whether it is a virus or not (perhaps you were unable to look up information about it on Google due to the lack of Internet), then you can simply change the extension of this file (for example, from .exe to .txt) and move it to another folder .

That's all. Today we learned what Windows processes are and what utilities can be used to manage them. In addition, we now know how to get rid of viruses masquerading as various processes.

Processes are divided into:

System(programs and utilities that are components of the operating system and any emergency termination of one of them can lead to, like, a crash in Windows).

Anonymous(they are extremely rare, they are program files that are launched as auxiliary due to user manipulation, without requesting permission to launch).

Network/Local(processes in Task Manager related to Local Network, Internet and Registry are important Windows programs and components).

Custom(programs that are launched by the user).

Is it possible to define a "left" process?

However, a person who is sure that there is an extra program hanging on the computer, and even a poorly disguised one, will be able to figure it out in a matter of minutes.

How to hide a process in task manager?

The easiest option for hiding a process is to rename the main executable file. But it is worth considering how the program works and whether it creates additional processes that issue it.

Learn how to hide the Windows Task Manager process

Of course, the anonymity of the execution of some programs will make it possible to track those who excessively clutter up a personal computer. Such surveillance is especially important when several users have access to the PC.

Also, the desire to hide the process arises among those who install their own program and strive to prevent advanced users from being able to detect its presence in simple ways.

Any program execution is a process that requires a certain part of RAM. Processes are divided into:

systemic;
anonymous;
custom;
Internet related.

It is not recommended for those who do not have practical experience and the necessary technical knowledge to interfere with system processes, since such unreasonable implementation can provoke extremely undesirable consequences. One of these consequences may be the failure of the subsequent startup of the operating system.

You can learn to hide any user programs, and you don’t need to make a huge effort, just carefully read our recommendations. We draw your attention to the fact that even an advanced engineer who is unaware of your “creative deeds” will not simply notice the “left” process.

Algorithm of actions

If you need to hide a software application, you first need to figure out whether it is simple, whether it launches additional processes that can simply give it away, no matter how you try to hide the program.

If, indeed, your program is simple, if it appears in the Task Manager as a single line, we suggest the simplest way to hide the process. To do this, you just need to rename it.

So, we will help you figure out how to rename the process in the Task Manager so that the program continues to function perfectly in anonymous mode.

Step 1

Initially, you should go to the folder where the execution file of a specific program is located. If you know where it is located, then use your usual “route” by opening the “Computer” window, going to the system drive C, and then going to its root folder.

If you don’t know where the execution file is hidden, it doesn’t matter, you just need to find this process in the list displayed in the Task Manager, right-click on it, and then select the line “Open file storage location” in the window that opens.

Step 2

After these actions, the folder you are looking for will open, in it you only need to find the execution file. It will not be difficult to search, since this file has exactly the same name as in the list of processes in the Task Manager. In addition, this file has the extension “exe”.

Step 3

To rename a file, right-click on it again, and then select the “Rename” line. Now that you have managed to assign a new name to your software application, open “Task Manager”, See that this renaming is displayed there too.

Of course, the name you come up with will determine how “veiled” your program will become for other PC users. An unfamiliar process with a new name will arouse suspicion even faster and force a technical engineer to figure out what kind of program is running on the PC.

For this reason, many experienced users recommend coming up with names that do not arouse any suspicion at first glance.

In particular, when the Chrome browser is open, it creates multiple processes simultaneously, just like Windows. It is advisable to take the same process name, but since the system will not allow two processes of the same name to function simultaneously, it is recommended to use a little trick when renaming. Instead of some English letters in the name, it seems as if it was by accident that Russian letters were written. Outwardly, it is impossible to distinguish Russian letters from English ones, but the system will distinguish, and therefore will allow programs with conditionally identical names to work.

Results

So, as you have noticed, you can make some software application anonymous without much difficulty. Of course, there are still quite advanced methods that allow you to more reliably hide any process, but they are based on writing complex codes and programming skills. If you don't have such complex goals in mind, then hiding running software applications by renaming them is a perfectly acceptable option.

Most users, noticing that their trusty computer is slow, open the Task Manager and try to figure out what process is causing such a load on the system. But seeing the following picture, they are perplexed - what’s wrong?

However, upon careful inspection, the problem is quite easy to detect.

To do this, just look at the status bar of the Task Manager.

The number 77 somehow does not fit with the number in the list of processes presented above. It turns out that the Windows operating system has the ability to hide processes in the list and, of course, various programs with not very good functionality (Trojans, adware, etc.) could not help but take advantage of this. To view the full list of running processes, you will have to use third-party software. There is quite a lot of it on the Internet, but I used the program Spyware Process Detector . It is shareware, but the 14-day trial period is quite enough for our purposes. After launching this program, the picture is no longer so rosy.

The list of running processes expanded sharply and very suspicious entries appeared in it (Zitenop, Mail.Ru, makecab, etc.). Pay special attention to supposedly system names: the same makecab or DCHP (correct spelling D HC P). Carefully look at the path of the file to be launched - its atypical location can also reveal a malicious process. We will try to get rid of all this.
To begin with, I would advise checking your computer for viruses using an anti-virus cleaning utility, for example Dr.Web CureIt! . The utility does not require installation and can be launched regardless of whether you have another antivirus or not. If threats are detected, we neutralize them.

Then you need to try to remove the installed “left” applications. In the standard Control Panel applet Installation and removal of programms or Programs and components(depending on the system version) malicious programs have also learned to hide, so we will again use third-party software - CCleaner . Install the program, go to the section Tools > Uninstall programs. Here the list of installed software will be more impressive. We remove all suspicious programs by selecting it in the list and clicking the button Uninstallation.

After that, go to the Startup section and remove all suspicious items in this list by highlighting it and clicking the button Delete. But it’s better if you doubt some point or are afraid to delete something you need instead of a button Delete click Switch off. In this case, you can always turn back the item that was mistakenly disabled, and you can delete it later when you are sure that everything was done correctly.

Half the job is done. Now we need to check the list of running services. Services– these are applications that are automatically launched by the system at startup and do not depend on the user. Let's go Control Panel > Administrative Tools > Services and in the window that opens we see a list of all services installed on the computer.

Here the notorious DCHP, Bamcof, Dripkix Service, System Tester Service, Zitenop are immediately noticeable... As you can easily see, these services do not have descriptions. These are the ones you should always pay attention to first. But do not forget that even quite useful services may lack descriptions, so everything described below should only be done if you are confident in your actions. Otherwise, it is better to contact a specialist.

In the next article we will talk about how to permanently remove malicious or unnecessary services that you previously disabled.

I repeat once again: watch what you do carefully! If in doubt, it’s better not to touch it and contact a specialist. If possible, first choose the disabling option, and only then, after checking the system’s functionality, use deletion.

Programs that are active on your computer can always be viewed by opening “Task Manager”. However, sometimes it may happen that you need to make the execution of a program invisible. If you also have such a desire, you will probably start looking for the answer to the question of how to hide a process in the Windows Task Manager.

Learn how to hide the Windows Task Manager process

Also, the desire to hide the process arises among those who install their own program and strive to prevent advanced users from being able to detect its presence in simple ways.

Any program execution is a process that needs a certain part of RAM. Processes are divided into:

systemic;
anonymous;
custom;
Internet related.

Algorithm of actions

If, indeed, your program is simple, if it appears in the Task Manager as a single line, we suggest the simplest way to hide the process. To do this, you just need to rename it.

So, we will help you figure out how to rename the process in the Task Manager so that the program continues to function perfectly in anonymous mode.