Startup info on cli.exe
Anytime you come across a suspicious file, search the name using Google, The File Database
, File Research Center
or the Process ID Database
Determining whether a file is malware or a legitimate process depends on the location (path) it is running from. You can download and use Process Explorer
or Glarysoft Process Manager
to investigate all running processes and gather additional information to identify and resolve problems. These tools will show the process CPU usage, a description and its path location
The Process Explorer window shows two panes by default: the upper pane is always a process list and the bottom either shows the list of DLLs loaded into the process selected in the upper pane, or the list of operating system resource handles (files, Registry keys, synchronization objects) the process has open. In the menu at the top select View > Lower Pane View to change between DLLs and Handles.
If you cannot find any information or if the file has a legitimate name but is not located where it is supposed to be, then submit it to jotti's virusscan
. In the "File to upload & scan
" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.