Answer the question
In order to leave comments, you need to log in
How to find malware that has recently entered the system?
There are windows 7. I have not been using any antiviruses for about 5 years. To control the system, I use utilities from sysinternals and some other standard and not very programs. Sometimes I download X Internet Security. (x is an arbitrary manufacturer of anti-virus software), I do a full database update, a full scan and delete it.
So - today I turn on the computer and I immediately see 50% processor load. I look and see that it is ctfmon.exe that loads it. I think it's ok, it'll close soon. But no - I wait another 20 seconds and nothing is going to leave. This load of the process usually indicates that the process is not working properly. I end the process and literally after 2-3 seconds another process comes out, which also has a 50% load, I reset it, I get 1 more new process, which has the same load, by fighting with randomly starting processes, the following was revealed:
processes with names are created automatically - ctfmon.exe, SearchIndexer.exe, wuaclt.exe, dwm.exe, dwmHost.exe and others, process names like SearchIndexer and dwm are assigned new letters on the right and start, i.e. the process name is dynamically generated.
Everyone is 50% loaded.
In addition, if you try to quickly drop them all, then conhost.exe and taskhost.exe are
also
launched
. it started so many times and I dumped it.
by resetting only the process that gives a load of 50%, you can achieve almost 0 load others.
If you try to reset all of them, then processes will inevitably pop up that give a load of 50%
So far, I just went through this case using avz, I did not find anything.
Question to experts, how to investigate the system and find the culprit?
Answer the question
In order to leave comments, you need to log in
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question