Solved

how to tell what is launching processes

Posted on 2004-09-29
9
157 Views
Last Modified: 2012-05-05
I am having some problems with some processes that are named "00pxb7.exe" or some such garbage. I am sure it is virus related, but cannot tell what is launching the process. Trendmicro officescan is not picking this one up.  I would like to know if there is a way to find out what application or executable launched this nasty process. The process is never named the same between reboots. thank you
0
Comment
Question by:ironorion
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 12184523
Could be spyware related and not virus related - try running a spyware scanner - I recommend spybot - http://www.safer-networking.org/en/index.html
0
 

Author Comment

by:ironorion
ID: 12184669
Spybot and Ad-aware both came up negative. They both were updated to their latest respecitve patternfiles.
I now believe this to be related to wind32.exe virus issue. I'm still having trouble making the random generated process names go away and stay away.
0
 
LVL 8

Expert Comment

by:Sam Cohen
ID: 12186853
did you check in you registry under run?
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 10

Expert Comment

by:Longbow
ID: 12188044
Run msconfig.exe from Start / Run
Open the Startup tab.
All the startup processes are there.
You can disable suspicious processes and restart.
Maybe you will find wich is the responsible.
0
 

Author Comment

by:ironorion
ID: 12189984
I've gone through all the standard virus/malware/spyware manual registry crawls looking for anything suspicious. No luck.
0
 
LVL 6

Accepted Solution

by:
nomi17 earned 125 total points
ID: 12191931
Try this free tool called Process explorer:
(scroll to the bottom of page for download links)

http://www.sysinternals.com/ntw2k/freeware/procexp.shtml

This will list your processes with a description that will most likely help you determine which programs are using it.
0
 
LVL 8

Expert Comment

by:Sam Cohen
ID: 12192081
get this free dowload called Ace Utilities located here:

 http://www.download.com/3000-2086-10145494.html
*******************************************
0
 

Author Comment

by:ironorion
ID: 12199610
Thanks nomi17. While not a direct fix for my problem it is the tool I was looking for! All4artz, I gave the app you pointed to a try as well, not what I was looking for but something I will add to my bag o tricks just the same. Thanks all for your help.

0
 
LVL 6

Expert Comment

by:nomi17
ID: 12202056
glad I could help in some way...
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question