Process auditing has been available in Windows since at least NT 4.0. Once you turn it on (via local or group security policy) process creation and terminations are logged in the Security event log.
On 4/17/06, y0himba <[EMAIL PROTECTED]> wrote: > Hi. > > I lurk on this list not posting much and watching, learning from those of > you who do. I am in need of s suggestion. > > I run WinXP SP2. I am a sounds freak, so I have my system configured to > play a small sound when a program opens, and another when it closes. Over > the past week, I have noticed something starting and ending almost > instantaneously when I start certain programs, for instance, Skype. > Normally, I can use Dtaskmanager, Autoruns, and a few other process managers > to watch and figure out what is running, but whatever this process is > happens so fast I cannot catch it. > > What I would like to find is some type of Windows software that will log > processes starting and ending to a text file so I can review it and figure > out what exactly is going on. > > I have run multiple online virus and spyware scans, multiple local virus and > spyware scans, I have run rootkit revealer, HiJack this, and a few others. > They find nothing, so it is probably innocuous, but it is making me nuts > trying to figure out what ended up on this system. I am very obsessive > about keeping it clean and organized, and running great. > > Any serious help is welcome. I can do without the "run Linux" and Windows > sucks statements. > > Thanks for any and all constructive replies. > > > > -----BEGIN GEEK CODE BLOCK----- > Version: 3.1 > GCM/GIT/GO d- s: a C++++$ UL++++ P++++ L++++ E++++ W++++ N+++++ o++++ K++ w > O- M- V-- PS+ PE Y++ PGP++ t+ 5-- X+++++ R* tv++ b+++++ DI++ D++++ G++ e > h---- r+++ y++++ > ------END GEEK CODE BLOCK------ > Get Your Geek Code: http://www.geekcode.com > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/