I have seen entries in my DNS logs suggesting that I have a small but significant number of hits to some questionable domains on a daily basis from one particular client machine. This was seen on a previous Windows Vista machine which has now been retired and been replaced by a Windows 10 build which is now exhibiting the same symptoms. I'd like to get to the bottom of this by identifying/logging from the client machine which process(es) is making said DNS queries.
Given the nature of DNS transactions, it's unlikely I'm going to pick much up with built-in Resource Monitor and the likes.
Can anyone make any suggestions?