If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
how do I find out what's running before I login?
That's my question for the morning: what's running? When I get up in the morning, I feed the cat, turn on the computer, and go make coffee. After coffee I come back in the computer room, and can hear the drive "doing something" Lots of reading and writing. Or maybe just reading. But I can't tell, because when I click on Owner account and "log in" - it stops. So, what was running before I started using the computer? Any idea for finding out what all is busy before I am? tschus pyotr -- pyotr filipivich The question was asked: "Is Hindsight overrated?" In retrospect, it appears to be. |
Ads |
#2
|
|||
|
|||
how do I find out what's running before I login?
pyotr filipivich wrote:
That's my question for the morning: what's running? When I get up in the morning, I feed the cat, turn on the computer, and go make coffee. After coffee I come back in the computer room, and can hear the drive "doing something" Lots of reading and writing. Or maybe just reading. But I can't tell, because when I click on Owner account and "log in" - it stops. So, what was running before I started using the computer? Any idea for finding out what all is busy before I am? tschus pyotr Windows Defender. Search Indexer. You can use Sysinternals Process Monitor to do a boot trace. After you reboot, the procmon23.dll (hidden) DLL the program injects, it causes the OS to collect ETW events for later in the session. After you've fed the cat, you enter the computer room, and run Process Monitor (procmon64.exe) for the first time that day. It'll ask to save the trace it's already collected while the cat was eating, and you can review that trace to see if the Search Indexer is running or MsMpEng is running. Now, if it's actually a mysterious third-party application, it will likely use a descriptive executable name for you to look up. There is also a service called SuperFetch, which can get a bit carried away. But I don't know if that one features "Back-off" behavior like the two examples above do. When you click or move the mouse, that's enough to cause back-off services or programs to stop playing around on you. It's possible SuperFetch is removed (or renamed) in 1809. But the behavior is very annoying, since you can never tell (without using additional tools), what the heck was going on. I mean, the activity could be Ransomware encrypting the entire hard drive, and you'd never know for sure by looking at the screen. You can't tell if the hard drive light flashing, is "good" flashing or "bad" flashing. Paul |
#3
|
|||
|
|||
how do I find out what's running before I login?
On Sun, 21 Oct 2018 12:47:03 -0400, Paul wrote:
Windows Defender. Search Indexer. You can use Sysinternals Process Monitor to do a boot trace. [snip] Basically, all services whose Startup-Type is configured as Automatic. Including scheduled tasks which are configured to run at computer startup. |
Thread Tools | |
Display Modes | Rate This Thread |
|
|