0

Hi guys For diagnostic reasons I think it would be really useful to be able to somehow get a log showing each file accessed when running anything in XP. The TASK MANAGER seems to go a little way towards this but I don't want to get a defined output such as processes, tasks or application or security files only, just quite simply a list of each & every file accessed, ideally realtime so I can start & stop recording this information at any time whilst running programs within XP
Any ideas?

5
Contributors
12
Replies
13
Views
8 Years
Discussion Span
Last Post by coolin333
0

Thanks very much for suggestion. Perhaps I should explain more what I am trying to do- I have malware on my PC & every time I try to update AVG or access a webpage , it attempts to redirect to another page with ads. Having used HiJackThis with 3 or 4 anti-mal scans the problem was temporarily removed only to come back, so I would like to get to the root of the problem rather than keep scanning again if possible. Now when I try to update AVG the problem seems to be very logical in that 'access to the server is deined' & this is most likely caused by a program accessing a file outside AVG. So I need a 'snapshot' of all file access from when I click the 'Update' icon in AVG up to 3 or 4 seconds later when the denied access message comes up. I can't seem to get this type of 'snapshot' in Process monitor/Task Manager & I'm not clear if ALL files used are shown under Processes there, which can be viewed so far as to see when CPU usage goes up but when only for a split second, it's not easy to establish exactly which file's are accessed.

0

Wow! Thanks FlamingClaw That looks good Sorry, didn't see your post till after I submitted my last one I'm busy offline for 2 days but will definitely give this a try & post back

0

"So I need a 'snapshot' of all file access from when I click the 'Update' icon in AVG up to 3 or 4 seconds later when the denied access message comes up. I can't seem to get this type of 'snapshot' in Process monitor" You are kidding... or else you do not know how to use the tool. ProcMon will, if you so wish, log everything that happens from & to whenever you wish, including from as the kernal loads. And you can split out the file accesses with one click.

0

OK. Seems I must have mis-understood Process Monitor without a link as a part of Task Manager- Processes. But then hey that's why I asked the question as I didn't know the answer. Thanks for informed answers all round, the Procmon Process Monitor download is indeed just the job.

0

Ah, sorry, Coolin.. sometimes I take things for granted. Yes, it is indeed the tool you needed.

0

Can I move this post to mentioned forum64? Wondering if anyone else has successfully used ProcMon to remove Malware. Seems there's a huge number of files to check through. Also I've XP SP2 but kept IE6 so I can do some unrelated compatibilty checks but now wondering if IE6 is weak against malware...

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.