Which sysinternal tool to use to track a virus

33166389 0 Reputation points

For a while now soon about 45 mins after I start up my computer a window appears towards the top left of the screen which is very small. So small that the minimise and maximise icons are very near the left hand corner of window; I cannot see the content of the window itself. The icon in the top left hand corner is the icon related to the application I was last using.

The computer then becomes unresponsive; then the screen goes blank. After a second or two the screen is restored except thatn in the bottom right there is a large black box. To get rid of this black box I press ctrl-alt-delete and then hit the cancel button; the screen is then restored.

I was using the procmon.exe to track what was happening on the system but this crashed just at the moment I needed it.

What tool can I use to record audit of applications starting and stopping on the laptop so that I can figure out whether I have a virus or not?

Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
6,819 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. MotoX80 29,446 Reputation points

    You should first run scans to see if any virus is detected. Run a Defender full scan and also an offline scan.


    Then run the Malicious Software Removal Tool.


    If the "small window" still appears use the Process Explorer to identify the process.


    Click and hold the target icon, and drop it over the small windows. Procexp will then highlight which process that is,

    User's image

    0 comments No comments