Random .exe files generating in temp folder and drives

prince_liman · Jul 5, 2020

Hi guys
This .exe files also had cpu usage about 30 percent with random name for example one of them is bxta.exe in one of my drives
Sometime when im open my discord app on pc it has same cpu usage of 30 percent and when im close it one of these .exe files in temp resume that process by the way im turn off the hardware acceleration and try reinstall 3 times n same problem other hand the firewall some times my firewall ask Allow questions to me about these .exe file for public and private connections how can i slove this im really getting mad

Steevo · Jul 5, 2020

What antivirus are you running?

dorsetknob · Jul 5, 2020

if you do not know what this exe file is then you probably have virus/malware/trojen problem

W1zzard · Jul 5, 2020

Does it have a digital signature? Upload it to Virustotal and post the link here

micropage7 · Jul 5, 2020

any screenshot from task manager or folder where the file run?

prince_liman · Jul 5, 2020

i said before it run in temp and sometimes random hard drive partitions
these are new names .exe in temp folder winnwkntf.exe winwcqpd.exe
i dont have antivirus because i have some cracked games

Caring1 · Jul 6, 2020

prince_liman said:
i dont have antivirus because i have some cracked games

THERE'S YA PROBLEM.
You downloaded a virus. :laugh:

lsevald · Jul 6, 2020

I have yet to see an Anti Virus that doesn't have an "Exclude File/Folder" function, even Windows Defender have it (even though it seems to forget from time to time), so no reason to run your PC without any protection, just exclude stuff you don't want it to mess with. This way it should still be able to pick up any random infected exe that spawns around in your file system. Also, it's a good habit to upload any *.exe with questionable origins to VirusTotal before running it

hat · Jul 6, 2020

Caring1 said:
THERE'S YA PROBLEM.
You downloaded a virus.

Probably correct.

A lot of cracks will tell you that they need to be excluded from AV because of a false positive: their behavior is similar to a trojan and will be picked up by AV. Unfortunately, sometimes it's more than just similar to malware...

lexluthermiester · Jul 6, 2020

prince_liman said:
i said before it run in temp and sometimes random hard drive partitions
these are new names .exe in temp folder winnwkntf.exe winwcqpd.exe
i dont have antivirus because i have some cracked games

Yup, virus. Is Windows Defender updated/working? If not, turn it on. If yes, seek a professional for help.

InstantAli3n · Jul 6, 2020

Yes this is a virus, it is likely a cryptocurrency miner using your hardware/electricity to donate itself some money. It may also be keylogging or tracking your network activity, and sending it back home for someone to hack and sell your accounts and CC info, etc. Think that's a bit much?
Well, sorry to say but it's a thing. It happens. A lot.

The first thing you should do is run AdwCleaner!

Use all the "Basic repair actions" in settings to reset your firewall and undo any back doors you may have now.
Those quick steps will do a better job than any AV you install. Although at this point I would recommend you ensure Windows Defender realtime protection is enabled and update Windows to v2004 if it hasn't already. (Look in the update section in settings).

Also, I'd seriously recommend changing any critical passwords like your email, steam account ($$$), banking/paypal, etc. Or better yet get a password manager like Dashlane or Lastpass and have it do that for you.

Anyway you almost certainly got that virus from a bad torrent. If you don't have a keen eye to tell which ones are fake with 100% certainty it's best not to risk it. If you pay attention and understand the details it's completely safe. Trusted uploader, expected size, upload date, etc.
If not... well you know.

There is one other way you could have gotten this. If you don't have a good ad blocker setup. I can't recommend uBlock Origin specifically enough. Especially with the Fanboy Ultimate filter. An ad blocker is probably the most important thing you can do to improve your quality of life full stop. lol

P4-630 · Jul 6, 2020

Reinstall windows without installing cracked games afterwards.

micropage7 · Jul 6, 2020

prince_liman said:
i have some cracked games

yea, thats the answer, one of some of your games that cracked contain virus or somehow malware like

uninstall the games and use antivirus to fix that, if it's bad you should consider reinstall your OS

now just pick one clean your pc without those cracked games or run those malware like but you have the games

lexluthermiester · Jul 6, 2020

Based on the screen shots, the "cracked" games are unlikely to be the problem. The "Internet Download Manager" seen in that list is far more likely to be the culprit.

micropage7 · Jul 6, 2020

lexluthermiester said:
Based on the screen shots, the "cracked" games are unlikely to be the problem. The "Internet Download Manager" seen in that list is far more likely to be the culprit.

usually IDM just using patch to bypass and not using background app, except he picked the wrong one and ruin his pc

prince_liman · Jul 7, 2020

the problem is the firewall because settings is off
thanks so much for these good replays
respact

System Name	L I M A N
Processor	i3 9100f
Motherboard	ASUS H310 MK
Cooling	Green Notus 200 PWM
Memory	Team Group 2*4 2400Mhz
Video Card(s)	MSI GTX 1060 Gaming X 6Gb
Storage	SSD 60Gb Samsung HDD 1Tb Seagate Barracuda
Display(s)	HP ZR22w
Case	Green MAGNUM 2
Audio Device(s)	Microlab Stereo
Power Supply	Green GP530A-ES
Mouse	TSCO
Keyboard	Farassoo
Software	Win 10 64Bit Ver1909

System Name	Compy 386
Processor	7800X3D
Motherboard	Asus
Cooling	Air for now.....
Memory	64 GB DDR5 6400Mhz
Video Card(s)	7900XTX 310 Merc
Storage	Samsung 990 2TB, 2 SP 2TB SSDs and over 10TB spinning
Display(s)	56" Samsung 4K HDR
Audio Device(s)	ATI HDMI
Mouse	Logitech MX518
Keyboard	Razer
Software	A lot.
Benchmark Scores	Its fast. Enough.

Processor	Ryzen 7 5700X
Memory	48 GB
Video Card(s)	RTX 4080
Storage	2x HDD RAID 1, 3x M.2 NVMe
Display(s)	30" 2560x1600 + 19" 1280x1024
Software	Windows 10 64-bit

System Name	micropage7
Processor	Intel Xeon X3470
Motherboard	Gigabyte Technology Co. Ltd. P55A-UD3R (Socket 1156)
Cooling	Enermax ETS-T40F
Memory	Samsung 8.00GB Dual-Channel DDR3
Video Card(s)	NVIDIA Quadro FX 1800
Storage	V-GEN03AS18EU120GB, Seagate 2 x 1TB and Seagate 4TB
Display(s)	Samsung 21 inch LCD Wide Screen
Case	Icute Super 18
Audio Device(s)	Auzentech X-Fi Forte
Power Supply	Silverstone 600 Watt
Mouse	Logitech G502
Keyboard	Sades Excalibur + Taihao keycaps
Software	Win 7 64-bit
Benchmark Scores	Classified

System Name	L I M A N
Processor	i3 9100f
Motherboard	ASUS H310 MK
Cooling	Green Notus 200 PWM
Memory	Team Group 2*4 2400Mhz
Video Card(s)	MSI GTX 1060 Gaming X 6Gb
Storage	SSD 60Gb Samsung HDD 1Tb Seagate Barracuda
Display(s)	HP ZR22w
Case	Green MAGNUM 2
Audio Device(s)	Microlab Stereo
Power Supply	Green GP530A-ES
Mouse	TSCO
Keyboard	Farassoo
Software	Win 10 64Bit Ver1909

Random .exe files generating in temp folder and drives

prince_liman

Steevo

dorsetknob

"YOUR RMA REQUEST IS CON-REFUSED"

W1zzard

Administrator

micropage7

prince_liman

Attachments

Caring1

lsevald

hat

Enthusiast

lexluthermiester

InstantAli3n

New Member

P4-630

micropage7

lexluthermiester

micropage7

prince_liman

System Name	Black Box
Processor	Intel Xeon E3-1260L v5
Motherboard	MSI E3 KRAIT Gaming v5
Cooling	Tt tower + 120mm Tt fan
Memory	G.Skill 16GB 3600 C18
Video Card(s)	Asus GTX 970 Mini
Storage	Kingston A2000 512Gb NVME
Display(s)	AOC 24" Freesync 1m.s. 75Hz
Case	Corsair 450D High Air Flow.
Audio Device(s)	No need.
Power Supply	FSP Aurum 650W
Mouse	Yes
Keyboard	Of course
Software	W10 Pro 64 bit

System Name	Zen4
Processor	Ryzen 9 7950x
Motherboard	Asus Strix B650E-E Gaming WiFi
Cooling	Some oem 240 AIO
Memory	2xKingston DDR5 2x16GB (Hynix M die)@6000 CL26-35-35-27
Video Card(s)	Gainward Phantom 4090 (@2.82GHz .95V UV, 350W PL)
Storage	WD Black SN850X
Display(s)	LG OLED C1 48"
Case	Phanteks P600S
Audio Device(s)	Onboard
Power Supply	Corsair RM1000i
Mouse	Logitech G Pro X Superlight
Keyboard	Corsair K70
VR HMD	HP Reverb G2
Software	Win11

System Name	Starlifter :: Dragonfly
Processor	i7 2600k 4.4GHz :: i5 10400
Motherboard	ASUS P8P67 Pro :: ASUS Prime H570-Plus
Cooling	Cryorig M9 :: Stock
Memory	4x4GB DDR3 2133 :: 2x8GB DDR4 2400
Video Card(s)	PNY GTX1070 :: Integrated UHD 630
Storage	Crucial MX500 1TB, 2x1TB Seagate RAID 0 :: Mushkin Enhanced 60GB SSD, 3x4TB Seagate HDD RAID5
Display(s)	Onn 165hz 1080p :: Acer 1080p
Case	Antec SOHO 1030B :: Old White Full Tower
Audio Device(s)	Creative X-Fi Titanium Fatal1ty Pro - Bose Companion 2 Series III :: None
Power Supply	FSP Hydro GE 550w :: EVGA Supernova 550
Software	Windows 10 Pro - Plex Server on Dragonfly
Benchmark Scores	>9000

System Name	AlderLake / Laptop
Processor	Intel i7 12700K P-Cores @ 5Ghz / Intel i3 7100U
Motherboard	Gigabyte Z690 Aorus Master / HP 83A3 (U3E1)
Cooling	Noctua NH-U12A 2 fans + Thermal Grizzly Kryonaut Extreme + 5 case fans / Fan
Memory	32GB DDR5 Corsair Dominator Platinum RGB 6000MHz CL36 / 8GB DDR4 HyperX CL13
Video Card(s)	MSI RTX 2070 Super Gaming X Trio / Intel HD620
Storage	Samsung 980 Pro 1TB + 970 Evo 500GB + 850 Pro 512GB + 860 Evo 1TB x2 / Samsung 256GB M.2 SSD
Display(s)	23.8" Dell S2417DG 165Hz G-Sync 1440p / 14" 1080p IPS Glossy
Case	Be quiet! Silent Base 600 - Window / HP Pavilion
Audio Device(s)	Panasonic SA-PMX94 / Realtek onboard + B&O speaker system / Harman Kardon Go + Play / Logitech G533
Power Supply	Seasonic Focus Plus Gold 750W / Powerbrick
Mouse	Logitech MX Anywhere 2 Laser wireless / Logitech M330 wireless
Keyboard	RAPOO E9270P Black 5GHz wireless / HP backlit
Software	Windows 11 / Windows 10
Benchmark Scores	Cinebench R23 (Single Core) 1936 @ stock Cinebench R23 (Multi Core) 23006 @ stock