: Right-click the process in Task Manager and select "Open file location." Legitimate system files are usually in C:\Windows\System32 , while malware often hides in AppData\Roaming or Temp folders [5].

: You can upload the specific file to VirusTotal to see if multiple security engines flag it as malicious [5].

is not a recognized standard Windows system file or a known legitimate application process [1, 2].