When I start my pc, (Nobara 43) Memory is up to 70% usage. I dual boot, but use Windows like 5% of the time. I have a Swap partition (64gb), but I don’t know if that is causing this. Is it safe to kill the windows process? Can anyone shed some light into whats going on? I was starting to think this is sketchy lol

you dual boot, why would there be a ‘windows’ process running on linux side? this doesn’t make sense. unless there’s some program you use on linux that is named ‘windows’ i’m inclined to believe this is a malware of some sort, maybe a crypto miner if it uses that much resource.

yeah thats what i thought :/ how tf do i get rid of this?

Assuming this is malware, depending on the complexity it might be really hard to remove. The best course of action is much like on Windows; Backup your personal files, figure out how the malware got on your PC (so you can avoid it next time), then reinstall the operating system. For backing up personal files, stick to documents, media, etc. Do not include executables (like installed games), and be very careful with config files (and system files), basically only back these up if you know what’s in them is legitimate. You can find more about the process in the /proc/4212/ directory (this is the number on the left in top). By running ls -l, you should be able to see where the exe symlink points to, which tells you where the program is installed. This might give you a clue as to where it came from (or it might not, depending on how the malware is made). If you suspect it is not malware, due to information on your system, look it up online before trusting it. I have personally never seen a root-owned ““windows”” process, which is why I’m heavily leaning towards this being malware. If you feel like you know where the malware came from, or you’re stuck and are struggling to find out more, you should reinstall your operating system to get rid of the malware. Malware can have different levels of complexity, what you’re seeing on the surface might be the whole thing, or it could have more complex systems to reinstall itself after removal. Which is why reinstalling your operating system is the safer option.

Thanks, this is useful info. It doesnt appear to be restarting itself after I killed the process. Is this a good sign?

This doesn’t really say much; this could be legitimate software thinking it crashed, or it could be malware trying to hide itself.

Try seeing if sudo find / -type f -name windows tells you anything about where it’s installed. This command searches through / (all files) to find a file (-type f) that is named windows (the same as the process name).