Earthweb.com Practically Networked Home Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation
Welcome to PractiallyNetworked
Product Reviews

 • Routers
 • Hubs/Switches
 • Wireless Gateway
 • Wireless AP
 • Wireless NIC
 • Network Storage
 • Print Servers
 • Bluetooth Adapters
Troubleshooting
& Tutorials

 • Networking
 • Internet Sharing
 • Security
 • Backgrounders
 • Troubleshooting
    Guides

 • PracNet How To's
User Opinions
Practicallynetworked Glossary

 Find a Network Term  
 
Forums
About
Jobs
Home

  Most Popular Tutorials

• Microsoft Vista Home Networking Setup and Options
The most daunting part of upgrading to Windows Vista may be trying to figure out where in the layers of menus the networking and file-sharing options are hidden.

• Do It Yourself: Roll Your Own Network Cables
It may not be something you do everyday, but having the supplies and know-how to whip up a network cable on the spot can be very handy.

• Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router and by extension, your network is as secure as possible.

  Most Popular Reviews

• Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.

• Iomega StorCenter Network Hard Drive
Iomega's fourth generation StorCenter Network Hard Drive brings many of the features found in higher-end storage devices down to an attractive price.

• MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.



Troubleshooting Q&A - February 11, 2005

What Windows Task Manager Won't Tell You

Many malicious programs are capable of hiding from the Windows Task Manager, but a third-party utility called Securty Task Manager, which performs a threat assessment of every running process on your PC, can help.

By Ron Pacchiano

Q. Over the last few weeks I've notice a dramatic decrease in my system's performance. It's actually gotten so bad that I'm starting to think that it somehow became infected with a virus or some other piece of spyware. Proceeding under that assumption I verified that my anti-virus definitions where up to date and ran a virus scan on the entire system. I also scanned the system using spyware removal tools Ad-aware and Spybot: Search and Destroy; but neither program discovered anything.

I then started examining system performance using the Windows Task Manager. I noticed that the CPU usage was fluctuating a bit, but nothing I deemed too far out of the ordinary. Next, I began examining all of the running system processes. Again, I didn't really see anything that seemed to be monopolizing CPU time. To be honest, though, once we start discussing Windows systems processes, we tend to get a bit above my head. I'm not really sure, which processes belong there and which ones might be questionable. Also, I'm not sure how to identify them. Some I recognize from other systems, but most I don't. I've also been told that some spyware is capable of hiding from the Task Manager altogether. So if one was running on my system, I still wouldn't be able to see it.

This brings me to my question. Is there anyway for me to easily find out what application these processes belong to, what they are doing and if any of them can be considered a threat to my system? As it stands now, the only thing I can think of doing is a Google search for the process in hopes of identifying it. This works, but it's slow, time consuming and not always accurate. Thanks for your help and suggestions.

A. This is a very good question. Don't be embarrassed by having difficulty identifying all the processes displayed in the Task Manager. I've know a lot of guys who have been doing this for 10 or more years (myself included) who have to sometimes resort to the Google search method for identifying some unknown process running on their systems. And your concern is justified. There are, in fact, many malicious programs capable of hiding from the Windows Task Manager. Up until recently, I would have said that doing a Google search was probably the most efficient, if not the quickest or easiest way of doing this. Now, however, I found a better way.

The Security Task Manager from Neuber.com is an enhanced version of the Windows Task Manager and has got to be one of the most useful utilities I've come across in quite sometime. In addition to the basic information the Windows Task Manager provides you with, the Security Task Manager displays almost everything else you could ever want to know about a process.

This information includes the file name and directory path of the process along with a description, the CPU usage, the type of process (application, DLL, drivers, and so on.), whether the process is configured to start with Windows and who the manufacturer is. That would be good enough, but it gets better. It can also recognize virtual driver software, services, Browser Helper Objects (BHO) and other processes normally hidden from the Windows task manager. It can even identify hidden functions like keyboard loggers as well. Best of all, the Security Task Manager actually performs a threat assessment of every running process on the system and graphically displays the results. So you immediately know which processes you should be concerned about.

For example, I was looking through my running processes and found one that I didn't recognize called BTStackServer.exe. Anything with the word "Server" in it has the potential to be bad, so I wanted to investigate it. As you know the Windows Task Manager tells you nothing about it. The Security Task Manager on the other hand gave me this information:

Information about BTStackServer.exe process 

--------------------------------------------------------------------------------

Process description: Bluetooth Stack COM Server

Product: Bluetooth Software 1.4.1 Build 5 SP4

Company: WIDCOMM Inc.

File: BTStackServer.exe


All comments about BTStackServer.exe: -------------------------------------------------------------------------------- andrysh - Your WIDCOMM Bluetooth server program. It is essential for using Bluetooth. Don't remove it is safe. See also: Link geoprek - Blue Tooth Server jays240 - Not the best driver and not satisfying with SP2 for Windows XP

In addition, it told me where on my computer the file was located, exactly how much memory it was using and, most importantly, assigned it a security rating. In seconds it had completely alleviated my concern on the subject. Since then it has become one of my favorite utilities.

The Security Task Manager is free for 30 days and then $29 to activate. The $29 activation fee also buys you SpyProtector for protecting your computer and Internet privacy. It prevents keyboard and mouse monitoring, warns you when the registry has changed; like when a Trojan adds an autostart key. It even eliminates the traces of your internet activity; like cookies, cache, history, typed URLs and temporary files.

To try out the Security Task Manager for yourself, visit http://www.neuber.com/taskmanager/index.html. I don't know if this will help your slowdown problem, but at the very least it should put your mind at ease regarding the possible threat of spyware. Good luck!

Use our feedback form to submit your questions on home or SOHO networking issues. We cannot guarantee to answer every question we get, but we’ll consider them all.



Earthwebnews.com Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation


Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums