Windows XP running processes

O

onetitfemme

Hi,
..
I need to know what processes the OS is running in the (back or)
foreground as well as the applications or utilities that started them
in Windows XP and also it would be even better knowing that these
applications/utilities haven't changed and/or to which extent if they
do.
..
tripwire checks the file system, but not the running processes
..
Using Linux/Unix you could do in a relatively simple way using "ps
aux" , "grep", "which", "ls" and "md5sum"
..
Could you also somehow check that the process in memory after being
loaded hasn't changed?
..
thanks
onetitfemme
 
S

Shenan Stanley

onetitfemme said:
I need to know what processes the OS is running in the (back or)
foreground as well as the applications or utilities that started
them in Windows XP and also it would be even better knowing that
these applications/utilities haven't changed and/or to which extent
if they do.
.
tripwire checks the file system, but not the running processes
.
Using Linux/Unix you could do in a relatively simple way using "ps
aux" , "grep", "which", "ls" and "md5sum"
.
Could you also somehow check that the process in memory after being
loaded hasn't changed?
Click to expand...

Command Prompt...

TASKLIST /SVC
 
T

Ted Zieglar

Here's what I do if I want to know "what processes the OS is running in
the (back or)foreground as well as the applications or utilities that
started them": I open Task Manager and click on the Processes tab. Then
I take each process in turn and put it into an internet search engine.
This gives me all the information I need.

Exactly what do you mean by a process that has 'changed'? What kind of
change are you interested in?
 
A

Alec S.

Ted Zieglar said:
Here's what I do if I want to know "what processes the OS is running in
the (back or)foreground as well as the applications or utilities that
started them": I open Task Manager and click on the Processes tab. Then
I take each process in turn and put it into an internet search engine.
This gives me all the information I need.

Exactly what do you mean by a process that has 'changed'? What kind of
change are you interested in?
Click to expand...

Obviously Trojans, viruses, etc.
 
O

onetitfemme

Ted said:
I open Task Manager ...
Click to expand...
..
it amazes me how much people like their TV sets ;-)
..
Ted, for example, what about if you are running a server and don't
even load a windowing-GUI system?
..
otf
 
A

Alec S.

onetitfemme said:
it amazes me how much people like their TV sets ;-)
Click to expand...

I do!


onetitfemme said:
.
Ted, for example, what about if you are running a server and don't
even load a windowing-GUI system?
.
Click to expand...

Then you use the same procedure that people used to use on displayless, keyboardless server terminals back before the pyramids were
built. :)
 
A

Alec S.

Ted Zieglar said:
If that's your situation, why are you posting in Windows XP newsgroups?
Click to expand...

Because she needs to make sure that XP's system files are unmodified, and she runs it as a server without loading Explorer.


Oh, and onetitfemme, you can use "sfc /scannow" to check system file integrity.
 
R

ross

Command Prompt...

TASKLIST /SVC
Click to expand...


To Shenan Stanley
tks for the answer you gave. It finally gives me an inkling into
the multiple and different svchost listings and what they may be for.
Microsoft's explanation is incomprehesible to this mere mortal.

ross
 
A

Alec S.

ross said:
To Shenan Stanley
tks for the answer you gave. It finally gives me an inkling into
the multiple and different svchost listings and what they may be for.
Click to expand...
Microsoft's explanation is incomprehesible to this mere mortal.
Click to expand...

That's because you're not supposed to know. Microsoft could make it much clearer if they want, but you're not supposed to screw
around with the OS internals, so they purposely obfuscate some parts, and leave a lot of parts undocumented. Of course that just
drives reversers even more.
 
F

Fuzzy Logic

Hi,
.
I need to know what processes the OS is running in the (back or)
foreground as well as the applications or utilities that started them
in Windows XP and also it would be even better knowing that these
applications/utilities haven't changed and/or to which extent if they
do.
.
tripwire checks the file system, but not the running processes
.
Using Linux/Unix you could do in a relatively simple way using "ps
aux" , "grep", "which", "ls" and "md5sum"
.
Could you also somehow check that the process in memory after being
loaded hasn't changed?
.
thanks
onetitfemme
Click to expand...

Take a look at Process Explorer:

http://www.sysinternals.com/Utilities/ProcessExplorer.html

It won't do all that you want but it will certainly give you a better idea of what's going on.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Unnecessary processes XP 9
52 running processes ??? 7
Creating new profile with limited processes? 4
What windows processes need to be running? 12
System32 Applications/Processes Stopped 4
What minimum "Processes" are required for XP Home to operate correctly? 3
33 processes and then...... 4
ATM machines using XP 1

Top