I'm a long-time Windows user, now on Win11 25H2, and lately, I've been suspicious that there might be malware on my system. Specifically, I've noticed an overwhelming number of processes running: 102 instances of wsl.exe and 54 instances of conhost.exe. Windows Explorer is acting up—icons aren't loading correctly, and sometimes it can't even display directory trees. I ran the 'Get-Process' command in PowerShell and confirmed those numerous wsl.exe processes.
Before all this, I had an issue with hundreds of git.exe processes running. I had to terminate them to regain control. Now, I'm worried something else is going on. I disabled Windows Defender ages ago because it slows down my development work, but I've read that could be risky.
Can anyone shed light on what's happening? Is it a sign of malware, or could my WSL installation be corrupt? Also, I'd like recommendations for good virus scanners that won't bog down my system. Any insights on how this might have happened would also be appreciated!
4 Answers
First off, running Windows without any security solution, even Windows Defender, can be really dangerous. You might have malware on your PC. Seriously, in the past, infections can happen in seconds. I suggest enabling Windows Defender and scanning your system. Plus, check out Malwarebytes; it's great for on-demand scanning. Make sure to download it from their official site! As for those processes, while I don’t use Windows 11 myself, having so many instances could indicate something weird going on, whether it's an issue with WSL or potential malware. Just to be safe, act quickly and scan your machine!
It sounds like you might just be experiencing some quirky behavior with WSL rather than malware. WSL can act up, especially if a script goes into an infinite loop. I recommend looking into recent updates or configurations that might cause this. Also, check out that GitHub issue linked earlier; it might provide some insight. I also suggest running a few more scans, but be cautious about jumping to conclusions regarding malware. Better safe than sorry, though!
I appreciate the calm perspective! I'll explore the GitHub issue and keep scanning. Thanks for your help!
If you're worried about malware, use a trusted computer to secure your accounts and make sure you've got 2FA enabled. Backup your important files and consider a wipe and reinstall if you're still nervous. Delay can lead to more severe problems down the line. Better to be proactive now than regret it later!
I agree, jumping to conclusions can be misleading. It could be a misconfiguration that's causing all those processes to spawn. WSL is heavy on resources, especially if you're using it with Docker; it might just be that. Crawling through your system and keeping your guards up is wise, but don't panic right away. It's probably something that can be sorted through settings or updates!
Thanks for the advice! I actually got ESET Home and ran a full scan; it came back clean. I plan to re-enable Defender for another look.