\ "String Search Utility \"
Periodically, the "String Search Ultimate (GREP)" appears out of nowhere.Spoiler
It turns on at a random moment, does nothing, loads the processor from 60 to 100%. The only way out is to simply complete in the dispatcher, but after a while it may appear again (be it at least 1 hour, at least all day).
What is it and how do I disable it (permanently)?
ceptey8520
Look at task scheduler and startup. Autoloading can be checked by a third-party program Autoruns, try it.
Is there a Yandex Browser?
Solved the problem - it was a virus. I'll tell you in more detail:
Spoiler1) Not detected by utilities like Kaspersky Virus Removal Tool
2)
Most of them are folders: TrustedInstaller (In Program Filse (x86)) Such a folder (in theory) should not be there. It is removed without problems, but it is restored itself back after a system restart.
Reference Assemblies (!!! In the Program Filse (x86) folder, not in the regular Program Filse !!!). To verify that this is the virus, try removing it. I should write that the permission of the "TrustedInstaller" folder is needed.
Everyone has different ways, but in the end, the Flock folder is also involved (for some, it is just in "C:", for someone in programs that they did not install)
How exactly decided:
1) We go into safe mode (win + r, then type in msconfig, after "Download" and set safe mode. Then, on the first tab of the same window, uncheck the startup box).
2) Delete the "TrustedInstaller" folder (it is better not to clean it from the trash for now). Next, delete the "Reference Assemblies" (and "Flock" folders, if any). It's just that the system will not let you do this, I am attaching a video instruction:
Spoiler
3) Empty the trash, restart the PC and check if what we deleted was deleted (still safe).
4) If everything is deleted, then set the settings to "normal start", reboot again and check the task manager with folders. If the folders are deleted, and there are no more unnecessary processes, then congratulations on defeating the infection (if still not,