Question Suspicious Program Taking Screen Shots or also/acting as a Keylogger Pops up Top Left of Screen

Toggle sidebar Toggle sidebar
T

tranceman

Reputable
Jul 21, 2018
3
0
4,510
Hey everyone....
I installed a suspicious program; long story short, I now see this window open and close about every 1-2 minutes, on an ongoing and consistent basis, and I believe it is taking screen shots or also/acting as a keylogger. I scanned with two anti-virus programs and found nothing. I am a pretty savvy PC user, but I am not sure what to do in this case.
I see it at top left, something on my screen in like 1/8 of a second opens and closes, unfocuses whatever app I am in messes stuff up. it opens and closes very fast at top left of my monitor.

Any ideas on how to catch this?
 
Sort by date Sort by votes
Gam3r01

Gam3r01

Titan
Jan 12, 2013
25,417
976
115,440
Restore your backup from before you downloaded said program.
But, since you havent done that already, Im going to assume you dont have any backups. In that case, you are better off wiping the install and doing a fresh install of windows. You are never going to be certain you got rid of whatever this is.
 
Upvote 0 Downvote
Ralston18

Ralston18

Titan
Moderator
Oct 11, 2014
34,801
3,305
146,290
I will add the suggestion that you try to discover "what" it is....

Likely something launching at startup and running in the background. Or being triggered via Task Scheduler.

Use Task Manager, Resource Monitor, Process Explorer, Task Scheduler, Reliabilty History, and Event Viewer to look for some pattern of behavior that matches the 1-2 minute pattern of the Window's opening. Or anything else that happens with that 1 - 2 minute pattern.

That is all quite a bit to look at but no immediate need to rush.

Simply run each tool one at a time, leave the tool Window open and dragged aside so you can watch for whatever changes (may be quick) when the mystery window opens and closes.

Use the sorts (Column header arrows) to arrange the viewed output as applicable. Idea being that whatever is causing the the problem will spike some resource.

Process Explorer (Microsoft, free) may prove the most helpful.

https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer

If too quick to catch then Reliability History and/or Event Viewer may be capturing some related error code, warning, or informational event that corresponds with the opening and closing.

Likely you will learn a few other things about your system during the observations and "troubleshooting" efforts.

In any case, even if you discover the culprit, a fresh Windows install will certainly ensure that the cause is gone for good.
 
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom