I have 10 devices that keep getting recurring infections at the same times every day. It is always trojans, luckily my AV is catching them and quarantining them but I need to find what is causing them to download in the first place. When the download fails a process called setup.exe crashes the workstation. I have checked all the common places for unknown programs or entries, registry, start up folder, task scheduler, and ran a process scanning utility to check for malicious processes. I am at a loss. See screenshots/output for details.
System Crash Event Log
- System
- Provider
[ Name] Microsoft-Windows-Kernel-Power
[ Guid] {331C3B3A-2005-44C2-AC5E-77220C37D6B4}
EventID 41
Version 2
Level 1
Task 63
Opcode 0
Keywords 0x8000000000000002
- TimeCreated
[ SystemTime] 2019-03-05T19:49:19.209600000Z
EventRecordID 460301
...