Jump to content

Suspicious file and folder at system root


Recommended Posts

Its been some time when I connect a newly device with windows OS(10) installed to my wireless router,  windows go through some updates reinstall windows without my prompt, creates windows.old. If I'm not exaggerating you'll see about 200 task host running . I believe not only my OS devices but also myself are being controlled by a virtual server, I am an IT person  myself but not that much knowledge of system security I ran security scan with Eset-nod32,  it says my system is clean but i also see that scanner couldn't even open and access so many files. I believe another Virtual OS installed at root   

sys drivers.txt running task.txt services.txt network proctocal.txt network adapter.txt

Link to comment
Share on other sites

  • Administrators

There are numerous svchost.exe processes running but that's normal. Moreover, it appears that ESET is not installed, however, nortonsecurity.exe is among running processes. That said, if you are having any malware-related issues please contact the maker of your AV.

Link to comment
Share on other sites

  • Most Valued Members
10 hours ago, Jason_beh said:

Its been some time when I connect a newly device with windows OS(10) installed to my wireless router,  windows go through some updates reinstall windows without my prompt, creates windows.old. If I'm not exaggerating you'll see about 200 task host running . I believe not only my OS devices but also myself are being controlled by a virtual server, I am an IT person  myself but not that much knowledge of system security I ran security scan with Eset-nod32,  it says my system is clean but i also see that scanner couldn't even open and access so many files. I believe another Virtual OS installed at root   

sys drivers.txtUnavailable running task.txtUnavailable services.txtUnavailable network proctocal.txtUnavailable network adapter.txtUnavailable

Also just to add eset won't scan any password protected files and files locked by the OS. There is an option to run the scan as an administrator which may help but you'll always get files that cannot be scanned

Link to comment
Share on other sites

14 hours ago, Jason_beh said:

Its been some time when I connect a newly device with windows OS(10) installed to my wireless router,  windows go through some updates reinstall windows without my prompt, creates windows.old. If I'm not exaggerating you'll see about 200 task host running

It appears that Windows Update did a Feature Upgrade which installed a new Win 10 release version on your device. There have been reported instances of this occurring without user consent; e.g. current Win 10 version not supported anymore. It can also happen by applying the update out of set normal operating hours and the PC is left powered up.

As far as all the tasks you observed running, that is normal after a Feature Upgrade has been installed and the device has rebooted to the desktop. Windows is doing house-keeping and clean-up activities related to the Feature Upgrade installation.

As far as the system.old folder you are concerned about, the Feature Upgrade backs up the current installed version of Win 10 in this directory. This allows you to "roll back" to the previous Win 10 version if the recently installed version is problematic. This system.old folder will be automatically deleted by Windows in approximately 10 days.

BTW - all this Feature Upgrade activity is documented in multiple places on the web. You should search this out for further details.

Edited by itman
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...