Waiting for reply I have my first virus

This thread is waiting for a member reply to continue
Status
Not open for further replies.
L

lwik

New Member
Thread author
Mar 16, 2024
1
Hello, first post and first virus (that I know about) that I have questions about. I have a file that randomly appears in my Temp folder with different names each time like eftrusy.exe. I use Glasswire to make me aware of what is trying to reach the internet. Months ago it gave me a notification that Notepad+ wanted access and I let it. Shortly after that I would randomly have a Windows Command Process pop up that wanted to install an .exe file and would not let me cancel out, it would just pop up again. I would force shut off my computer, reboot and delete that file in my temp folder that it wanted to install. But something would keep recreating that file maybe 30 minutes to 3 days later. So something happened a week ago and the prompts stopped coming up, but now Glasswire is from time to time asks for permissions to allow Notepad+ to reach the internet again. I have run the build in malware that comes with Windows 10 but it finds no problem. Is there a way to find what original .exe file is used to create these .exe files thatget generated in my Temp folder? In the property details you can see the original file name that created it, but I can never seem to find it. Thanks!
virus details.jpg
 
Last edited:
nasdaq

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,599
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

We do not have a crystal ball. Additional Information is required in order to give you sound advice. Please follow these directiives. I will review the logs and advise,

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:
L7kNU5y.jpg

Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Please attach the logs for my review.
How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
[img=[URL]http://deeprybka.trojaner-board.de/eset/eng/attachlogs.png[/URL]]

Let me know what problems persists.

Wait for further instructions

p.s.
This program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
OR, you should restore the program from the Quarantine folder.
====
 
Status
Not open for further replies.

Similar threads

Lucan01
  • Locked
Solved Security Checkpoint
Replies
10
Views
772
Windows Malware Removal Help & Support
icotonev
icotonev
xonaxa
Waiting for reply Can someone help me
Replies
2
Views
1,594
Mobile Malware Removal Help & Support
lokamoka820
lokamoka820
Fuzzystrawberry
Solved Browser Hijack Virus is Stubborn...
Replies
9
Views
884
Windows Malware Removal Help & Support
icotonev
icotonev

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top