• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Random .exe files generating in temp folder and drives

Joined
Sep 28, 2019
Messages
19 (0.06/day)
Location
iran gilan
System Name L I M A N
Processor i3 9100f
Motherboard ASUS H310 MK
Cooling Green Notus 200 PWM
Memory Team Group 2*4 2400Mhz
Video Card(s) MSI GTX 1060 Gaming X 6Gb
Storage SSD 60Gb Samsung HDD 1Tb Seagate Barracuda
Display(s) HP ZR22w
Case Green MAGNUM 2
Audio Device(s) Microlab Stereo
Power Supply Green GP530A-ES
Mouse TSCO
Keyboard Farassoo
Software Win 10 64Bit Ver1909
Hi guys
This .exe files also had cpu usage about 30 percent with random name for example one of them is bxta.exe in one of my drives
Sometime when im open my discord app on pc it has same cpu usage of 30 percent and when im close it one of these .exe files in temp resume that process by the way im turn off the hardware acceleration and try reinstall 3 times n same problem other hand the firewall some times my firewall ask Allow questions to me about these .exe file for public and private connections how can i slove this im really getting mad
 
Joined
Nov 4, 2005
Messages
10,558 (1.96/day)
System Name MoFo 2
Processor AMD PhenomII 1100T @ 4.2Ghz
Motherboard Asus Crosshair IV
Cooling Swiftec 655 pump, Apogee GT,, MCR360mm Rad, 1/2 loop.
Memory 8GB DDR3-2133 @ 1900 8.9.9.24 1T
Video Card(s) HD7970 1250/1750
Storage Agility 3 SSD 6TB RAID 0 on RAID Card
Display(s) 46" 1080P Toshiba LCD
Case Rosewill R6A34-BK modded (thanks to MKmods)
Audio Device(s) ATI HDMI
Power Supply 750W PC Power & Cooling modded (thanks to MKmods)
Software A lot.
Benchmark Scores Its fast. Enough.
What antivirus are you running?
 

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
20,738 (3.50/day)
Processor Core i7-4790K
Memory 16 GB
Video Card(s) GTX 1080
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 7
Does it have a digital signature? Upload it to Virustotal and post the link here
 
Joined
Mar 26, 2010
Messages
8,585 (2.27/day)
Location
Jakarta, Indonesia
System Name micropage7
Processor Intel Xeon X3470
Motherboard Gigabyte Technology Co. Ltd. P55A-UD3R (Socket 1156)
Cooling Enermax ETS-T40F
Memory Samsung 8.00GB Dual-Channel DDR3
Video Card(s) NVIDIA Quadro FX 1800
Storage V-GEN03AS18EU120GB, Seagate 2 x 1TB and Seagate 4TB
Display(s) Samsung 21 inch LCD Wide Screen
Case Icute Super 18
Audio Device(s) Auzentech X-Fi Forte
Power Supply Silverstone 600 Watt
Mouse Logitech G502
Keyboard Sades Excalibur + Taihao keycaps
Software Win 7 64-bit
Benchmark Scores Classified
any screenshot from task manager or folder where the file run?
 
Joined
Sep 28, 2019
Messages
19 (0.06/day)
Location
iran gilan
System Name L I M A N
Processor i3 9100f
Motherboard ASUS H310 MK
Cooling Green Notus 200 PWM
Memory Team Group 2*4 2400Mhz
Video Card(s) MSI GTX 1060 Gaming X 6Gb
Storage SSD 60Gb Samsung HDD 1Tb Seagate Barracuda
Display(s) HP ZR22w
Case Green MAGNUM 2
Audio Device(s) Microlab Stereo
Power Supply Green GP530A-ES
Mouse TSCO
Keyboard Farassoo
Software Win 10 64Bit Ver1909
i said before it run in temp and sometimes random hard drive partitions
these are new names .exe in temp folder winnwkntf.exe winwcqpd.exe
i dont have antivirus because i have some cracked games
 

Attachments

Joined
Oct 22, 2014
Messages
8,930 (4.23/day)
Location
Sunshine Coast
System Name Black Box
Processor Intel i5-9600KF
Motherboard NZXT N7 Z370 Black
Cooling Cooler Master 240 RGB AIO / Stock
Memory Thermaltake Toughram 16GB 4400MHz DDR4 or Gigabyte 16GB 3600MHz DDR4 or Adata 8GB 2133Mhz DDR4
Video Card(s) Asus Dual 1060 6GB
Storage Kingston A2000 512Gb NVME
Display(s) AOC 24" Freesync 1m.s. 75Hz
Case Corsair 450D High Air Flow.
Audio Device(s) No need.
Power Supply FSP Aurum 650W
Mouse Yes
Keyboard Of course
Software W10 Pro 64 bit
Joined
Nov 14, 2018
Messages
140 (0.22/day)
System Name 24/7 setup
Processor Intel I9 9900k@5.1GHz (Naked, Conductonaut on bare core)
Motherboard Gigabyte z390 Aorus Pro
Cooling Custom wc (2xThermochill PA360 rads, 2xDDC-1 pumps in series, Alphacool NexXxoS GPX, EK Supremacy)
Memory 4x8Gb G.Skill PC3600CL15@3900CL15
Video Card(s) Palit Jetstream 1080ti mining farm salvage (2100/1500, xoc BIOS, no powerlimit, 1.200Vgpu)
Storage Samsung 970 Evo Plus 500GB, Samsung 840Pro 256GB, Samsung 860Evo 500GB, Seagate Barracuda 2TB
Display(s) Samsung 27" LED C27JG50 144Hz VA
Case Lian Li PC343B
Audio Device(s) Onboard
Power Supply Corsair RM1000i
Mouse Logitech G Pro
Keyboard Corsair K70
Software Win10, Win7, Server 2016
I have yet to see an Anti Virus that doesn't have an "Exclude File/Folder" function, even Windows Defender have it (even though it seems to forget from time to time), so no reason to run your PC without any protection, just exclude stuff you don't want it to mess with. This way it should still be able to pick up any random infected exe that spawns around in your file system. Also, it's a good habit to upload any *.exe with questionable origins to VirusTotal before running it :)
 

hat

Enthusiast
Joined
Nov 20, 2006
Messages
21,099 (4.22/day)
Location
Ohio
System Name Starlifter :: Dragonfly
Processor i7 2600k 4.4GHz :: Athlon II x4 630 3.5GHz
Motherboard ASUS P8P67 Pro :: GIgabyte GA-770T-USB3
Cooling Corsair H70 :: Thermaltake Big Typhoon
Memory 2x4GB DDR3 1866 :: 2x1GB DDR3 1333
Video Card(s) 2x PNY GTX1070 :: none
Storage Plextor M5s 128GB, WDC Black 500GB :: Mushkin Enhanced 60GB SSD, WD RE3 1TB
Display(s) Acer P216HL HDMI :: None
Case Antec SOHO 1030B :: Old White Full Tower
Audio Device(s) Creative X-Fi Titanium Fatal1ty Pro - iLive IT153B Soundbar (optical) :: None
Power Supply FSP Hydro GE 550w :: something
Software Windows 10 Pro - Plex Server on Dragonfly
Benchmark Scores >9000
THERE'S YA PROBLEM.
You downloaded a virus. :laugh: :laugh: :laugh:
Probably correct.

A lot of cracks will tell you that they need to be excluded from AV because of a false positive: their behavior is similar to a trojan and will be picked up by AV. Unfortunately, sometimes it's more than just similar to malware...
 
Joined
Jul 5, 2013
Messages
10,002 (3.87/day)
System Name GPD-Q9
Processor Rockchip RK-3288 1.8ghz quad core
Motherboard GPD Q9_V6_150528
Cooling Passive
Memory 2GB DDR3
Video Card(s) Mali T764
Storage 16GB Samsung NAND
Display(s) IPS 1024x600
i said before it run in temp and sometimes random hard drive partitions
these are new names .exe in temp folder winnwkntf.exe winwcqpd.exe
i dont have antivirus because i have some cracked games
Yup, virus. Is Windows Defender updated/working? If not, turn it on. If yes, seek a professional for help.
 

InstantAli3n

New Member
Joined
Jan 30, 2018
Messages
5 (0.01/day)
Yes this is a virus, it is likely a cryptocurrency miner using your hardware/electricity to donate itself some money. It may also be keylogging or tracking your network activity, and sending it back home for someone to hack and sell your accounts and CC info, etc. Think that's a bit much?
Well, sorry to say but it's a thing. It happens. A lot.

:) The first thing you should do is run AdwCleaner! :)

Use all the "Basic repair actions" in settings to reset your firewall and undo any back doors you may have now.
Those quick steps will do a better job than any AV you install. Although at this point I would recommend you ensure Windows Defender realtime protection is enabled and update Windows to v2004 if it hasn't already. (Look in the update section in settings).

Also, I'd seriously recommend changing any critical passwords like your email, steam account ($$$), banking/paypal, etc. Or better yet get a password manager like Dashlane or Lastpass and have it do that for you.

Anyway you almost certainly got that virus from a bad torrent. If you don't have a keen eye to tell which ones are fake with 100% certainty it's best not to risk it. If you pay attention and understand the details it's completely safe. Trusted uploader, expected size, upload date, etc.
If not... well you know.

There is one other way you could have gotten this. If you don't have a good ad blocker setup. I can't recommend uBlock Origin specifically enough. Especially with the Fanboy Ultimate filter. An ad blocker is probably the most important thing you can do to improve your quality of life full stop. lol
 
Last edited:
Joined
Jan 5, 2006
Messages
10,544 (1.98/day)
System Name Desktop / Laptop
Processor Intel i7 6700K @ 4.5GHz (1.270 V) / Intel i3 7100U
Motherboard Asus Z170 Pro Gaming / HP 83A3 (U3E1)
Cooling Noctua NH-U12A 2 fans + Thermal Grizzly Kryonaut + 5 case fans / Fan
Memory 16GB DDR4 Corsair Vengeance LPX 3000MHz CL15 / 8GB DDR4 HyperX CL13
Video Card(s) MSI RTX 2070 Super Gaming X Trio / Intel HD620
Storage Samsung 970 Evo 500GB + Samsung 850 Pro 512GB + Samsung 860 Evo 1TB / Samsung 256GB M.2 SSD
Display(s) 23.8" Dell S2417DG 165Hz G-Sync 1440p + 21.5" LG 22MP67VQ IPS 60Hz 1080p / 14" 1080p IPS Glossy
Case Be quiet! Silent Base 600 - Window / HP Pavilion
Audio Device(s) SupremeFX Onboard / Realtek onboard + B&O speaker system
Power Supply Seasonic Focus Plus Gold 750W / Powerbrick
Mouse Logitech MX Anywhere 2 Laser wireless / Logitech M330 wireless
Keyboard RAPOO E9270P Black 5GHz wireless / HP backlit
Software Windows 10 / Windows 10
Reinstall windows without installing cracked games afterwards.
 
Joined
Mar 26, 2010
Messages
8,585 (2.27/day)
Location
Jakarta, Indonesia
System Name micropage7
Processor Intel Xeon X3470
Motherboard Gigabyte Technology Co. Ltd. P55A-UD3R (Socket 1156)
Cooling Enermax ETS-T40F
Memory Samsung 8.00GB Dual-Channel DDR3
Video Card(s) NVIDIA Quadro FX 1800
Storage V-GEN03AS18EU120GB, Seagate 2 x 1TB and Seagate 4TB
Display(s) Samsung 21 inch LCD Wide Screen
Case Icute Super 18
Audio Device(s) Auzentech X-Fi Forte
Power Supply Silverstone 600 Watt
Mouse Logitech G502
Keyboard Sades Excalibur + Taihao keycaps
Software Win 7 64-bit
Benchmark Scores Classified
i have some cracked games
yea, thats the answer, one of some of your games that cracked contain virus or somehow malware like

uninstall the games and use antivirus to fix that, if it's bad you should consider reinstall your OS

now just pick one clean your pc without those cracked games or run those malware like but you have the games
 
Joined
Jul 5, 2013
Messages
10,002 (3.87/day)
System Name GPD-Q9
Processor Rockchip RK-3288 1.8ghz quad core
Motherboard GPD Q9_V6_150528
Cooling Passive
Memory 2GB DDR3
Video Card(s) Mali T764
Storage 16GB Samsung NAND
Display(s) IPS 1024x600
Based on the screen shots, the "cracked" games are unlikely to be the problem. The "Internet Download Manager" seen in that list is far more likely to be the culprit.
 
Joined
Mar 26, 2010
Messages
8,585 (2.27/day)
Location
Jakarta, Indonesia
System Name micropage7
Processor Intel Xeon X3470
Motherboard Gigabyte Technology Co. Ltd. P55A-UD3R (Socket 1156)
Cooling Enermax ETS-T40F
Memory Samsung 8.00GB Dual-Channel DDR3
Video Card(s) NVIDIA Quadro FX 1800
Storage V-GEN03AS18EU120GB, Seagate 2 x 1TB and Seagate 4TB
Display(s) Samsung 21 inch LCD Wide Screen
Case Icute Super 18
Audio Device(s) Auzentech X-Fi Forte
Power Supply Silverstone 600 Watt
Mouse Logitech G502
Keyboard Sades Excalibur + Taihao keycaps
Software Win 7 64-bit
Benchmark Scores Classified
Based on the screen shots, the "cracked" games are unlikely to be the problem. The "Internet Download Manager" seen in that list is far more likely to be the culprit.
usually IDM just using patch to bypass and not using background app, except he picked the wrong one and ruin his pc
 
Joined
Sep 28, 2019
Messages
19 (0.06/day)
Location
iran gilan
System Name L I M A N
Processor i3 9100f
Motherboard ASUS H310 MK
Cooling Green Notus 200 PWM
Memory Team Group 2*4 2400Mhz
Video Card(s) MSI GTX 1060 Gaming X 6Gb
Storage SSD 60Gb Samsung HDD 1Tb Seagate Barracuda
Display(s) HP ZR22w
Case Green MAGNUM 2
Audio Device(s) Microlab Stereo
Power Supply Green GP530A-ES
Mouse TSCO
Keyboard Farassoo
Software Win 10 64Bit Ver1909
the problem is the firewall because settings is off
thanks so much for these good replays
respact
 
Top