Platypus,
Your case might be different but my unknown task did not appear in NirSoft's TaskSchedulerView or anywhere else except that task summary page you posted a diagram of.
I don't know how we could use Process monitor to track things down either. I've used Process monitor for other things but can't see how to use it for this particular job.
Denis
It creates a log of everything that ran on boot. Then open the log and check it.
@PlatypusKnight
As you seem to be using an HP machine check this out:
HP Comm Recovery - HP Support Community - 6598136
I guess that if you can find a service - HP Connection Optimizer - then you could temporarily disable it to test.
https://www.shouldiremoveit.com/HP-C...5-program.aspx
Do bear in mind that the unknown task and the signtool thing might be unrelated.
I agree with Callender that Process monitor is appropriate for tracking down the source of the signtool thing.
[My earlier, "I don't know how we could use Process monitor to track things down" comment was because I was thinking about the unknown task and had forgotten about the signtool thing.]
Denis
You guys are the best.
Indeed signtool.exe was unrelated to the malware.
I still don't know what those tasks are.
Signtool.exe was related to HP Comm Recovery - HP Support Community - 6598136
Thank you Callender.
Try3 that Nirsoft tool is fantastic.
This is why I come here.
Marking this as solved.
edit: spellings
There have been a lot of discussions of this problem in Andy Bruin's thread Hidden Task Revealer - TenForums aka Ghost Task Revealer - TenForums
A fully-functioning fix has been posted in that thread at post #56
GhostTaskSuppressor v1.3
Denis
Quote