Checking My PC of Any Hidden Keylogger .... General Question
f.ben.isaac
October 9th, 2008, 06:00 PM
My Processes in Task Manager Do Not Show Any Suspicious File Running ... Is This Enough?
Does the process tab in Task Manager show all the processes that are running in real time? Is there a possibility that a hacker could plant a trojan in my PC and not make it appear in Task Manager?
Joeman
October 9th, 2008, 06:41 PM
You do ask a lot of questions :D. The answer is no. You are not safe with any information that Microsoft gives to you through the task manager. You need a more advanced system monitor. Also download an anti-virus and an anti-spyware program. Probably even a firewall. Also don't use IE. Download Firefox. IE6 is terrible with rights permission. I am not sure about IE7, but I wouldn't take my chances knowing why IE6 is so bad with exploits.
I will tell you why the task manager isn't reliable. It doesn't show all injected DLLs in run32.exe ;). A very common approach would be to run run32.exe at bootup (look at msconfig) and let it load up the DLL that has the code to spy on you. It isn't a process, so it won't show in your task manager at all, except for run32.exe, which has the DLL loaded in it dynamically. Is that scary enough? Try this: a virus appends its contents to a common win32 exe application and runs with it? There is no way to tell whether you are safe without knowing how the OS works and how to prevent such an occurrence.
f.ben.isaac
October 9th, 2008, 08:06 PM
You kind of embarrassed me now, :-P just kidding....
You are right, I ask a lot of questions, even at college :-) ....
Thanks for your answer!
Joeman
October 9th, 2008, 08:10 PM
lol. I haven't even gone to college.. yet :) isn't that ironic :confused:
dglienna
October 10th, 2008, 12:36 AM
Create your own type of keylogger that records the time it takes you to type something a few times.
Record it as a program, and run it at any time. If it takes any longer to process keystrokes, you'll know about it.
It doesn't show you the cause, but can definitely show a pattern that you can use to investigate further.
zkidkid
October 26th, 2008, 05:47 AM
Maybe you can use some software to check how many processes are running on your computer.
I suggest you use IceSword software.
And others: ProMonitor, RegMonitor ..
TT(n)
October 27th, 2008, 09:07 PM
Create your own type of keylogger that records the time it takes you to type something a few times.
Record it as a program, and run it at any time. If it takes any longer to process keystrokes, you'll know about it.
It doesn't show you the cause, but can definitely show a pattern that you can use to investigate further.
I basically agree with that strategy, as we talked about this controversial issue before.
We can't really go into explicit detail about it, since then it may be easier for someone to defeat it.
Your personal keylogger can also not pass on the hook chain, thus eliminating the chance for another keylogger to pick it up, since your hook would be first in line.
Again, the timing will be much different in most cases, and it should be easy to identify possible keylogging.
You'll want to do a search for Paul Kimmel's article for keyboard hooking here at the codeguru.
Master that first, and understand it fully, then you can take the next step to make your own anti-keylogger.
dee-u
October 30th, 2008, 12:44 PM
Create your own type of keylogger that records the time it takes you to type something a few times.
Record it as a program, and run it at any time. If it takes any longer to process keystrokes, you'll know about it.
It doesn't show you the cause, but can definitely show a pattern that you can use to investigate further.
Will that be a fool-proof way to determine for keyloggers? I have also been digging into determining keyloggers though I am out of ideas and left it just hanging...
TheCPUWizard
October 30th, 2008, 02:07 PM
Will that be a fool-proof way to determine for keyloggers? I have also been digging into determining keyloggers though I am out of ideas and left it just hanging...
There is NO foolproof way.
The suggestion given is a reasonable one.
Another surprising thing is that many keyloggers and related programs send the recorded keys as clear text over the network.
One thing EVERYONE (technical) should do is keep an IP monitor/logger running that tracks ALL outbound IP packets. If you see something going to an IP that you don't recognize then "something" is up.....
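A snapshot approximation of the outbound check suggested in the last post, added here as an example and not code from anyone in the thread: it parses Windows `netstat -ano` output and reports established TCP connections whose remote address is not on an allowlist. The sample output, the allowlist and the function names are constructed for illustration; a connection snapshot misses short-lived traffic that a continuous packet logger would catch.

```python
import ipaddress

# Constructed sample of `netstat -ano` output; remote IPs are documentation ranges.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       968
  TCP    192.168.1.10:49701     198.51.100.7:443       ESTABLISHED     2140
  TCP    192.168.1.10:49712     203.0.113.45:80        ESTABLISHED     3316
  TCP    192.168.1.10:49720     192.168.1.1:53         TIME_WAIT       0
  TCP    [::1]:49800            [::1]:5000             ESTABLISHED     4120
  UDP    0.0.0.0:5353           *:*                                    1780
"""

# Assumed allowlist: loopback, the local LAN, and one remote network the
# user recognises. Edit this to match the machine being checked.
RECOGNISED = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "::1/128", "192.168.1.0/24", "198.51.100.0/24")]

def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr%scope]:port' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]").split("%")[0]), int(port)

def unrecognised_outbound(netstat_text, recognised=RECOGNISED):
    """Return (remote_ip, remote_port, pid) for each established TCP
    connection whose remote address falls outside every allowlisted network."""
    hits = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Data rows for TCP have exactly five columns; the header and UDP rows do not.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "ESTABLISHED":
            continue
        ip, port = split_endpoint(fields[2])
        # Membership is False when address and network versions differ.
        if any(ip in net for net in recognised):
            continue
        hits.append((str(ip), port, int(fields[4])))
    return hits

if __name__ == "__main__":
    for ip, port, pid in unrecognised_outbound(SAMPLE):
        print(f"unrecognised remote {ip}:{port} owned by PID {pid}")
```

The reported PID can then be matched against the process list to see which program owns the connection.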
codeguru.com
Copyright Internet.com Inc., All Rights Reserved.