Which Sysinternals tool to use to track a virus

33166389 0 Reputation points
2023-04-30T12:50:06.0666667+00:00

For a while now, about 45 mins after I start up my computer, a window appears towards the top left of the screen which is very small. So small that the minimise and maximise icons are very near the left-hand corner of the window; I cannot see the content of the window itself. The icon in the top left-hand corner is the icon related to the application I was last using.

The computer then becomes unresponsive; then the screen goes blank. After a second or two the screen is restored except that in the bottom right there is a large black box. To get rid of this black box I press Ctrl-Alt-Delete and then hit the Cancel button; the screen is then restored.

I was using the procmon.exe to track what was happening on the system but this crashed just at the moment I needed it.

What tool can I use to record an audit of applications starting and stopping on the laptop so that I can figure out whether I have a virus or not?

Windows 11

2 answers

  1. MotoX80 33,376 Reputation points
    2023-05-01T13:57:08.2033333+00:00

    You should first run scans to see if any virus is detected. Run a Defender full scan and also an offline scan.

    https://www.howtogeek.com/679263/how-to-scan-with-microsoft-defender-antivirus-on-windows-10/

    Then run the Malicious Software Removal Tool.

    https://www.microsoft.com/en-us/download/details.aspx?id=9905

    If the "small window" still appears use the Process Explorer to identify the process.

    https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer

    Click and hold the target icon, and drop it over the small window. Procexp will then highlight which process that is.


  2. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
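
For the question's request to record applications starting and stopping, Windows can audit this itself in the Security event log (event 4688 for process creation, 4689 for process exit), so the record survives even if an interactive tool crashes. The following is an added example, not part of the thread; the function name, look-back window and output path are assumptions, and it must be run from an elevated PowerShell session.

```powershell
# Added example, not from the original thread. Run elevated.
# Step 1 (once): enable auditing of process start and exit.
# These subcategory names are the English ones; they are localized elsewhere.
auditpol /set /subcategory:"Process Creation" /success:enable
auditpol /set /subcategory:"Process Termination" /success:enable

# Step 2 (after the small window / blank screen has happened again):
# build a timeline of process starts (4688) and exits (4689).
function Get-ProcessTimeline {                      # hypothetical helper name
    param(
        [datetime]$Since = (Get-Date).AddHours(-2), # assumed look-back window
        [string]$OutFile = "$env:USERPROFILE\Desktop\process-timeline.csv" # assumed path
    )
    $filter = @{ LogName = 'Security'; Id = 4688, 4689; StartTime = $Since }
    $rows = Get-WinEvent -FilterHashtable $filter | ForEach-Object {
        # Read event fields by name from the XML instead of by position.
        $data = @{}
        foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) {
            $data[$d.Name] = $d.'#text'
        }
        if ($_.Id -eq 4688) {
            [pscustomobject]@{
                Time      = $_.TimeCreated
                Action    = 'start'
                Process   = $data['NewProcessName']
                ProcessId = [Convert]::ToInt32($data['NewProcessId'], 16)
                Parent    = $data['ParentProcessName']
                User      = $data['SubjectUserName']
            }
        } else {
            [pscustomobject]@{
                Time      = $_.TimeCreated
                Action    = 'exit'
                Process   = $data['ProcessName']
                ProcessId = [Convert]::ToInt32($data['ProcessId'], 16)
                Parent    = $null   # 4689 does not record the parent
                User      = $data['SubjectUserName']
            }
        }
    } | Sort-Object Time
    $rows | Export-Csv -Path $OutFile -NoTypeInformation
    $rows
}

# Example: what started or exited in the ten minutes before the screen went blank
Get-ProcessTimeline -Since (Get-Date).AddMinutes(-10) | Format-Table -AutoSize
```

Entries with an unfamiliar `Process` path or an unexpected `Parent` just before the window appears are the ones to look up in Process Explorer.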

