Which Sysinternals tool to use to track a virus

33166389 0 Reputation points
2023-04-30T12:50:06.0666667+00:00

For a while now, soon (about 45 mins) after I start up my computer, a window appears towards the top left of the screen which is very small. So small that the minimise and maximise icons are very near the left-hand corner of the window; I cannot see the content of the window itself. The icon in the top left-hand corner is the icon related to the application I was last using.

The computer then becomes unresponsive; then the screen goes blank. After a second or two the screen is restored except that in the bottom right there is a large black box. To get rid of this black box I press ctrl-alt-delete and then hit the cancel button; the screen is then restored.

I was using the procmon.exe to track what was happening on the system but this crashed just at the moment I needed it.

What tool can I use to record an audit of applications starting and stopping on the laptop so that I can figure out whether I have a virus or not?

Windows 11

1 answer

  1. MotoX80 29,446 Reputation points
    2023-05-01T13:57:08.2033333+00:00

    You should first run scans to see if any virus is detected. Run a Defender full scan and also an offline scan.

    https://www.howtogeek.com/679263/how-to-scan-with-microsoft-defender-antivirus-on-windows-10/

    Then run the Malicious Software Removal Tool.

    https://www.microsoft.com/en-us/download/details.aspx?id=9905

    If the "small window" still appears use the Process Explorer to identify the process.

    https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer

    Click and hold the target icon, and drop it over the small window. Procexp will then highlight which process that is.

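Added example, not part of the original thread and not written by either poster: one way to get the process start/stop record the question asks for is Windows' built-in Security-log auditing (events 4688 and 4689), which keeps recording even if a monitoring tool crashes. It assumes an elevated PowerShell session, English audit subcategory names, and an illustrative two-hour look-back window.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt.
# Assumptions: English subcategory names; the 2-hour window is illustrative.

# 1. Enable auditing of process start (4688) and process exit (4689).
auditpol /set /subcategory:"Process Creation" /success:enable
auditpol /set /subcategory:"Process Termination" /success:enable

# 2. After the small window has appeared, read back the events around that time.
$since  = (Get-Date).AddHours(-2)
$events = Get-WinEvent -FilterHashtable @{
    LogName   = 'Security'
    Id        = 4688, 4689
    StartTime = $since
} -ErrorAction SilentlyContinue

# 3. Flatten each event's named fields into one row per start or stop.
$rows = foreach ($e in $events) {
    $data = @{}
    foreach ($n in ([xml]$e.ToXml()).Event.EventData.Data) {
        $data[$n.Name] = $n.'#text'
    }
    if ($e.Id -eq 4688) {
        [pscustomobject]@{
            Time   = $e.TimeCreated
            Action = 'start'
            ProcId = [Convert]::ToInt32($data['NewProcessId'], 16)  # logged as hex
            Image  = $data['NewProcessName']
            Parent = $data['ParentProcessName']
        }
    } else {
        [pscustomobject]@{
            Time   = $e.TimeCreated
            Action = 'stop'
            ProcId = [Convert]::ToInt32($data['ProcessId'], 16)
            Image  = $data['ProcessName']
            Parent = $null
        }
    }
}
$rows | Sort-Object Time | Format-Table -AutoSize

# 4. Check the signature of every distinct executable that was started.
$rows | Where-Object { $_.Action -eq 'start' -and (Test-Path $_.Image) } |
    Select-Object -ExpandProperty Image -Unique |
    ForEach-Object { Get-AuthenticodeSignature -FilePath $_ } |
    Select-Object Path, Status, @{ n = 'Signer'; e = { $_.SignerCertificate.Subject } }
```

Rows whose start time lines up with the window appearing, especially unsigned images or ones launched by an unexpected parent, are the ones to then inspect in Process Explorer.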