Windows – EXE files being deleted

executablewindows

I have a couple of Windows boxes (Windows XP and Windows Server 2008) where a few EXE files (unwise.exe – from Wise installation system – among others) simply disappear from time to time.

I tried to narrow down this issue by disabling antivirus, anti spyware, etc. (I started by looking at their log files and quarantine), but with no luck.
There weren't any clues in the event viewer either.

Any suggestion?

Best Answer

This sounds like a perfect job for Windows Sysinternals Process Monitor. This powerful tool allows you to monitor almost every activity on your system.

While it is powerful it can be also dangerous because when not using proper filters and logging methods it can have a considerable impact on your system (Virtual Memory exhaustion to name one).

In your case I'd do the following:

download Process Monitor, extract and run it as administrator
stop the initial capture by pressing Ctrl+E
change the backing file from Virtual Memory to a disk file to lower the possible strain on your system's RAM/Pagefile: File -> Backing Files... -> Use file named (a separate disk/partition is best for this)
apply appropriate filters to your situation: Filter -> Filter... select Event Class is File System then Include and press Add
to narrow the output even further you can specify paths to files you want to monitor: select Path is <path> then Include and press Add and OK
to eliminate all unnecessary events from the capture select Filter -> Drop Filtered Events
start capturing by pressing Ctrl+E

This should give you some hints about what exactly is happening to your files while having low impact on your system.

Best Answer

Related Solutions

Windows – Useful Command-line Commands on Windows

Windows – How to wait for an exe to complete in batch file

Related Topic