Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Hidden process since last Windows update

25 Nov 2014   #1
Read Only

Windows 7 Professional x64
Hidden process since last Windows update

This is a thread addressed to security experts willing to help.

Ever since I installed the latest windows security updates, my firewall is detecting a hidden process acting as a medium when I try to go online with some applications. I call it hidden process because my firewall is unable to tell the app name and its location, which is quite unusual.

If I refuse internet access to that hidden process, then certain applications fail to go online.

This is quite worrying because it happens with an encrypted sandbox and encrypted openoffice documents. So since the latest windows update, both virtualbox and openoffice can no longer go online without that hidden process acting as a medium.

Could somebody give me indications about how I could identify that process? My system is Win 7 x64 SP1 up to date and nothing was detected by a full scan from a leading antivirus software.

My System SpecsSystem Spec
25 Nov 2014   #2

W7 Prof 64 bit

Maybe Microsoft's Process Explorer can help you.

Process Explorer
My System SpecsSystem Spec
25 Nov 2014   #3
Read Only

Windows 7 Professional x64

I wish it was that easy, but I wouldn't need to post about it then.

The process is completely hidden to regular tools, it is probably located in the RAM and encrypted. I will need something a lot more advanced to identify it.
My System SpecsSystem Spec

25 Nov 2014   #4

Windows 7 Pro 32

Does the firewall log not even show a Process ID?
My System SpecsSystem Spec
25 Nov 2014   #5
Read Only

Windows 7 Professional x64

Log of the process



APP: Blocked



My System SpecsSystem Spec
25 Nov 2014   #6

Windows 7 Pro 32

And if you compare that to a log entry for another not "hidden" file, can you see the PID?

Don't know what firewall you have but Windows Firewall that I use shows a blocked connection like this:
Hidden process since last Windows update-fwblock.png

My System SpecsSystem Spec
25 Nov 2014   #7
Read Only

Windows 7 Professional x64

I have a very basic firewall, no it does not show process id unfortunately, but it does its firewall job with high reliability, and unlike other "advanced" firewalls such as comodo, it has never failed preventing an app going online.
My System SpecsSystem Spec
25 Nov 2014   #8

Windows 7 Pro 32

Then IMHO it's not a good firewall. Detailed logs are as important as the functionality in my world, especially for firewalls.

I suggest you scan with other products, for example Malwarebytes | Free Anti-Malware Detection & Removal Software and the more aggressive
warning   Warning
Norton Power Eraser is known for showing many false positives!
My System SpecsSystem Spec
26 Nov 2014   #9
Read Only

Windows 7 Professional x64

I doubt anything an antivir is going to help, I have already tried that, first I'm going to uninstall the windows security updates one by one to identify the one that is inserting the hidden process, then I'll look for a security expert site.

Thank guys see you.
My System SpecsSystem Spec
27 Nov 2014   #10


Hello Read Only:

I would be appropriately surprised if any of your computer's hidden Internet activities could elude monitoring by

Good hunting.
My System SpecsSystem Spec

 Hidden process since last Windows update

Thread Tools

Similar help and support threads
Thread Forum
Google chrome running any hidden process ?
Hello Folks, I came across an issue which is affecting the performance of my system. After i close chrome, it closes but it is running an undected process in the background in the form of a service maybe, which does not stop after chrome has stopped. I have stopped the google update...
Browsers & Mail
Windows Update Process Auto-run after stopping
Hi, Why can't windows update stop when it is stopped? I tried changing the settings to "only check for updates but let me decide when/if to install them" but clicking OK does not respond. When I stopped its process from task manager under "processes" tab, it will reappear by itself after a few...
Windows Updates & Activation
Hidden Windows update SES driver Disappeared
Hidden Windows update Western digital SES driver Disappeared. The Western digital SES driver is for external backup hard drive. Is there away to find where it went? Windows update history cache was recently emptied.
Backup and Restore
Windows Update - Hide or Restore Hidden Updates
How to Hide or Restore Hidden Windows Updates in Windows 7 and Windows 8 This tutorial will show you how to either hide or unhide Windows Updates to have them listed or not listed as available to install again in Windows 7 and Windows 8. To Hide a Windows Update 1. Open the Control...
How to make explorer see/process a hidden desktop link at startup
I'm sure I can safely assume nobody has ever asked this question before (or probably even thought of why one might want such a thing!). You see, I have this program that I made which I use to send running apps to the system tray. I use the program exclusively through explorer's desktop link...
General Discussion

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 08:08.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App