Keep an eye on processes
Virtually all malicious activity happens via processes running in the background.
As part of your active security management plan, you should keep an eye on the running processes on your machine and immediately take action against any suspicious processes. You can use the top command to list all the running processes and highlight how they’re consuming the available resources on your computer. If you want a more user-friendly version of the running processes, install the htop utility from the repos.
Every process is assigned a process ID, or PID, which helps identify and keep track of individual processes. Use the pgrep command to list the PID if a process, such as pgrep vlc . To kill a process you can use the kill command followed by the PID (Process ID) of the unrecognised program.
For example, will instruct the Linux kernel to shut down the kill -9 1934 program associated with the specified PID. You can also kill a process from within the top utility. Press K and then type the PID of the process to terminate it.