Hi guys For diagnostic reasons I think it would be really useful to be able to somehow get a log showing each file accessed when running anything in XP. The TASK MANAGER seems to go a little way towards this but I don't want to get a defined output such as processes, tasks or application or security files only, just quite simply a list of each & every file accessed, ideally realtime so I can start & stop recording this information at any time whilst running programs within XP
Any ideas?
coolin333 0 Newbie Poster
Recommended Answers
Jump to PostProcess Monitor.
Jump to Posthere is a solution FileMon
quote from bottom of the page in link you provided !
"Note This tool has been replaced by Process Monitor".
Jump to Post"So I need a 'snapshot' of all file access from when I click the 'Update' icon in AVG up to 3 or 4 seconds later when the denied access message comes up. I can't seem to get this type of 'snapshot' in Process monitor" You are kidding... or else you …
All 12 Replies
gerbil 216 Industrious Poster
Process Monitor.
FlamingClaw 98 Posting Pro
coolin333 0 Newbie Poster
Thanks very much for suggestion. Perhaps I should explain more what I am trying to do- I have malware on my PC & every time I try to update AVG or access a webpage , it attempts to redirect to another page with ads. Having used HiJackThis with 3 or 4 anti-mal scans the problem was temporarily removed only to come back, so I would like to get to the root of the problem rather than keep scanning again if possible. Now when I try to update AVG the problem seems to be very logical in that 'access to the server is deined' & this is most likely caused by a program accessing a file outside AVG. So I need a 'snapshot' of all file access from when I click the 'Update' icon in AVG up to 3 or 4 seconds later when the denied access message comes up. I can't seem to get this type of 'snapshot' in Process monitor/Task Manager & I'm not clear if ALL files used are shown under Processes there, which can be viewed so far as to see when CPU usage goes up but when only for a split second, it's not easy to establish exactly which file's are accessed.
coolin333 0 Newbie Poster
Wow! Thanks FlamingClaw That looks good Sorry, didn't see your post till after I submitted my last one I'm busy offline for 2 days but will definitely give this a try & post back
FlamingClaw 98 Posting Pro
Salem 5,265 Posting Sage
gerbil 216 Industrious Poster
"So I need a 'snapshot' of all file access from when I click the 'Update' icon in AVG up to 3 or 4 seconds later when the denied access message comes up. I can't seem to get this type of 'snapshot' in Process monitor" You are kidding... or else you do not know how to use the tool. ProcMon will, if you so wish, log everything that happens from & to whenever you wish, including from as the kernal loads. And you can split out the file accesses with one click.
coolin333 0 Newbie Poster
OK. Seems I must have mis-understood Process Monitor without a link as a part of Task Manager- Processes. But then hey that's why I asked the question as I didn't know the answer. Thanks for informed answers all round, the Procmon Process Monitor download is indeed just the job.
gerbil 216 Industrious Poster
Ah, sorry, Coolin.. sometimes I take things for granted. Yes, it is indeed the tool you needed.
coolin333 0 Newbie Poster
Can I move this post to mentioned forum64? Wondering if anyone else has successfully used ProcMon to remove Malware. Seems there's a huge number of files to check through. Also I've XP SP2 but kept IE6 so I can do some unrelated compatibilty checks but now wondering if IE6 is weak against malware...
coolin333 0 Newbie Poster
Footnote: May end up re-installing OS as unable to do Restore.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.