Is it possible to detect a virus with taskmanager?
If I would have a running virus on my system, would I be able to see the process in taskmanager? I mean, would it be possible for a running virus to circumvent the taskmanager so the process doesn't appear in the tasklist of windows7?
Or in other words. If I really now all the processes in taskmanager to be secure, I also know that my PC is clean?
No, not usually. It is possible for Task Manager (and other parts of the operating system) to themselves be compromised, thus hiding the virus. This is called a rootkit.
If I really now all the processes in taskmanager to be secure
You can never know all the processes in taskmanager to be secure. Viruses use names of system components for a reason, sometimes even displacing them.
Use an antivirus.
An antivirus detects only so and so much ("During 4Q11, 33 percent of Web malware encountered was zero-day malware not detectable by traditional signature-based methodologies at the time of encounter", source: http://blogs.cisco.com/security/cisco-4q11-global-threat-report/ ).
With a bit of training you can detect some malware because they behave in a certain way that is a bit off to whats usual on the OS. It might be more network traffic, more cpu usage, strange disk accesses or something else. Malware are not only available as single binaries which are detectable via a taskmanager but also as dynamic libraries (dll) attached to other processes.
You can get clues about what is running on your system with a taskmanager like Process Explorer from the Sysinternal Suite, and you can watch things happen on your system with something like Process Monitor of the same suite. Get used to the tools and watch for signs of "strangeness":
- Unsigned binaries (executables or dlls)
- Strange writes to strange files
- Strange network activity
(The "strange" part is the training you need in order to distinguish between "that's normal" and "that is strange")
The author of the Sysinternal Suite shows some clever ways to use the above mentioned tools:
https://www.youtube.com/watch?v=7heEYEbFim4
So, yes, you can detect some of the malware with a decent task manager. The less sophisticated the malware is, the easier it will be to detect. If the malware tries to detect the use of task managers like Process Explorer you might need to even take advanced steps such as using a different "Session" to detect strange behavior but it is still possible.
It is not possible to detect virus from task manager.
There are several kind of virus. Virus, Trojan, rootkit, adware/puk etc. Some virus hide themselves from task manager.So, it doesn't appear in task manager.
I would suggest you to stop looking in task manager and install antivirus.
How can I: Access Windows® Event Viewer?
- Press Image+ R and type “eventvwr.msc” and click OK or press Enter.
- Expand Windows Logs, and select Security.
- In the middle you’ll see a list, with Date and Time,Source, Event ID and Task Category. The Task Category pretty much explains the event, Logon, Special Logon, Logoff and other details.