Is there a way to find out what process created certain file?

windows-7 virus process
5,378

Process Monitor, from SysInternals, might be what you're looking for. It can be filtered to show just filesystem changes, and then you have the enviable task of filtering it manually to exclude the usual things like Windows Explorer.

EDIT: As a side-note, you may be able to eliminate the malware completely with ComboFix. This is available from BleepingComputer (but does not work on 64-bit Windows).

Share:
5,378
MK_Dev
Author by

MK_Dev

Updated on September 17, 2022

Comments

  • MK_Dev
    MK_Dev over 1 year

    I have a virus file that gets re-created by some other infected file/process. Antivirus catches it, but the file still gets created once in a while.

    Is there a way to figure out/catch which process created the file? I'm open to any solutions. If it requires a 3-rd party app, so be it. This is all happening on a Win7 32-bit MacBook Pro. Thanks!

  • heavyd
    heavyd over 13 years
    You can also add a filter to show only the CreateFile operations (and derivatives) to help you narrow it down.
  • Admin
    Admin over 13 years
    The newest version (it updates very frequently) does work on Vista and 7, but only 32-bit.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

What can I do to resolve a cng.sys error while booting?
Whenever I open a program, Internet Explorer opens and tries to download it
What is non-existent process in windows?
How to clean Defo virus in the MBR sector?
dwm.exe stopped working message every few minutes
What to do if virus not detected by current anti virus program?
deleted Win7 files do not show up in recycle bin
How to unhide folders hit Win32/Dorkbot.D worm?
Multiple explorer.exe processes consuming large amounts of memory
Computer going to sleep while being used