When you experience or encounter strange behavior, always check for new, unknown or suspicious processes in Task Manager
Most of the processes in Task Manager will be legitimate as shown in these links.
Anytime you come across a suspicious file or one that you do not recognize, search the name using Google or the following databases:
Determining whether a file is malware or a legitimate process sometimes depends on the location (path) it is running from. One of the ways that malware tries to hide is to give itself the same name as a critical system file. However, it then places itself in a different location on your computer. Another techinique is for the process to alter the registry and add itself as a Startup program
so that it can run automatically each time the computer is booted. A file's properties may give a clue to identifying it. Right-click
on the file, choose Properties
and examine the General and Version tabs.
Tools to investigate running processes and gather additional information to identify them and resolve problems:These tools will provide information about each process, CPU usage, file description and its path location If you right-click on a file and select properties, you will see more details.
If you cannot find any information, the file has a legitimate name but is not located where it is supposed to be, or you want a second opinion, submit it to Jotti's virusscan
. In the "File to upload & scan
" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.
-- Then post back with the results of the file analysis.