Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

taskmanager shows process at location I'm unable to find in regedit


  • Please log in to reply
8 replies to this topic

#1 chappie99

chappie99

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:38 AM

Posted 01 January 2017 - 06:49 AM

Hi all,

 

Hoping some of you clever bods can help. Have been having a few network/wifi issues with my Windows 7 Home Premium. I'm fairly tech-savvy, so no direct problem with viruses, malware etc. as far as I'm aware.

 

After some recent odd behaviour e.g. my browser seeming to take forever to look up a request, I did a bit of googling and ended up running "netstat -ba" which in turn led me to look at running processes.

 

I have an Asus laptop and Taskmanager shows a process "FBAgent.exe" running. This is distributed by Asus and is their "fastboot" application. So, going to the location in /system32/ folder, I right click on the exe and a number of odd things appear. One, it is much smaller than the listed size on Asus own website. Two, in the properties window it says "Chinese language version". So naturally I was a bit suspicious.

 

Here's where I don't understand: I thought I might just delete it. Okay, perhaps I should use a more structured approach, but figured I could delete it and then install the version downloaded directly from Asus. But it doesn't delete because it says

 

"The action can't be completed because the file is open in AFBAgent"

 

And where in my computer does AFBAgent live? Nowhere apparently. Turned on folder options to show hidden files, plus show system files. Did a search at root level i.e. at "C:" and nothing found.

 

Trying a different approach, I ran msconfig.exe and looked at my start items. While I didn't find any app or process that matches the above, I did find that a driver for a now defunct USB wifi extender was running, and knowing that the drivers were from a Chinese/Asian company (Ralink) I decided to remove them. Msconfig lists this driver as being installed at

 

HKLM/SOFTWARE/Wow6432Nove/Microsoft/Windows/CurrentVersion/  etc. The weird thing is - this directly DOES NOT EXIST anywhere on my computer that I can find, nor does a search in Regedit, starting at top level, find anything.

 

So firstly - any and all help appreciated. Secondly, where would I find AFBAgent? How can I remove traces of this "Wow6432" folder from registry/computer?

 

Anything else I need to be doing. Many thanks in advance :0)



BC AdBot (Login to Remove)

 


#2 opera

opera

  • Members
  • 969 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:38 AM

Posted 01 January 2017 - 07:02 AM

http://www.file.net/process/fbagent.exe.html



#3 chappie99

chappie99
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:38 AM

Posted 01 January 2017 - 07:08 AM

@opera many thanks for the link. Had already been there, and guess what? No such program shows up under the Uninstall manager.

I have since found and disabled AFBAgent, so am about to manually delete offending FBAgent, but I still left with the issue of start items located in places that apparently don't exist!



#4 chappie99

chappie99
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:38 AM

Posted 01 January 2017 - 07:12 AM

Even more weird...

 

Turned off a few startup items, rebooted, and now in the uninstall manager, the Fastboot program appears! So, I've uninstalled it from there... Another reboot, check files etc. Odd!



#5 opera

opera

  • Members
  • 969 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:38 AM

Posted 01 January 2017 - 07:16 AM

Glad you seem to have got things sorted now.

 

Sometimes you end up having to be being like a detective!!



#6 chappie99

chappie99
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:38 AM

Posted 01 January 2017 - 07:28 AM

Not entirely sorted yet. There's still the issue of startup software being located in a place that I can't find, but thanks for the help :0)


Edited by chappie99, 01 January 2017 - 07:28 AM.


#7 hamluis

hamluis

    Moderator


  • Moderator
  • 55,554 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:38 PM

Posted 01 January 2017 - 11:32 AM

Startup entries originate in two places...files and the registry.  Sounds to me as if you have only checked files.

 

Louis



#8 chappie99

chappie99
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:38 AM

Posted 01 January 2017 - 12:00 PM

@hamluis apologies if my original post wasn't clear. There were a number of potential issues that arose simultaneously. While I've since found and removed the original offending software, and having searched the registry - I'm still left with the slight unease of having had startup software hooks but that COULD NOT be located in the registry. I've no idea how that could happen. Perhaps there's some sort of ghost directory somewhere? Or simply an obselete link? In any event I'd be very happy to just clear this up entirely, even while I've since replaced the FBAgent.exe with the version downloaded from Asus



#9 hamluis

hamluis

    Moderator


  • Moderator
  • 55,554 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:38 PM

Posted 01 January 2017 - 02:39 PM

You can view all startup items (files and registry) by using any one of several startup managers.

 

IMO, Autoruns for Windows is the best but also can be confusing to those who don't bother to read the directions.

 

Louis






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users