Error message dialog boxes usually have title bar text containing the application or process name that generated the error. However, you may sometimes encounter a pop-up window with no text in the title bar, making you guess which program has caused the error.
Let’s say 100+ processes are showing up in the Task Manager. Terminating each one at a time to narrow down the process is cumbersome. To track down the respective app easily, use Process Explorer. Use Process Explorer’s “Find Windows’ Process” button (with the crosshair icon) to know a currently open window’s process name.
Find Which Program Owns a Window or Dialog
Using Process Explorer – “Find Windows’ Process” button
- Download Process Explorer and run it as administrator. If Process Explorer is already running unelevated, elevate it by clicking on the File menu and then click “Show Details for All Processes“. This relaunches the program as administrator.
- Restore down the Process Explorer window size. Or keep the error message window and Process Explorer side by side.
- Drag the Window finder (crosshair icon) button in the toolbar area and drop it on the target window — i.e., the error message dialog or the application window you want to track.
Process Explorer will select the corresponding Process name in the list.
- Double-click it and look at the “Image” tab to learn more about that process.
Check VirusTotal.com if suspicious
If the executable file name is suspicious, you can submit the hashes to VirusTotal.com (VT) using the “Check VirusTotal.com” context menu for that process.
Right-click on the offending process and click “Check VirusTotal.com”.
Enable the VirusTotal column if it’s not already enabled. You’ll see the hyperlink to the VT results, as in the screenshot below.
Clicking on the hyperlink leads you to the VirusTotal analysis page which contains details about the binary — Here’s a sample link.
(1/70) in the above example means 1 scanner (out of the total 70 scanners) has classified the executable as malware. FYI, 1/70 is usually a false-positive, but please exercise caution anyway.
Now you know which application had raised that error message.
You can also use Window Inspector and Spy++ to track the application that created the window or dialog.
One small request: If you liked this post, please share this?One "tiny" share from you would seriously help a lot with the growth of this blog. Some great suggestions:
- Pin it!
- Share it to your favorite blog + Facebook, Reddit
- Tweet it!