pabiyhf.exe virus?

[NosajAbihs]

Does anyone know anything about this exe? It's in my app roaming file, when I delete it, it reappears and is eating resources and reaching out to IP addresses.

Attached is a screen shot of what its doing to my system, any help would be great.

 

[centaur78]

Please use this tool to update your profile specs

And then use this tool to post all the files here

Please run Autoruns and then click on File> Save.. Save the file in .arn format and upload here. Will have a look

 

[britny]

NosajAbihs


I have never heard about this virus. Use best antivirus to delete this
Try this solution may be it will help you

-Open that .exe file in notepad and delete everything and save the file.
-Now change the file status back to read only mode.
-so that the virus could not get access again

Best of luck

 

[Golden]

NosajAbihs


I have never heard about this virus. Use best antivirus to delete this
Try this solution may be it will help you

-Open that .exe file in notepad and delete everything and save the file.
-Now change the file status back to read only mode.
-so that the virus could not get access again

Best of luck

This ^ is really poor advice!

Please follow centaurs suggestion. In addition, you may also seek opinion by uploading the file to dedicated online virus scanners. Use this tutorial to help you with that:

http://www.sevenforums.com/tutorials/277740-online-scanners-scan-suspicious-files-your-pc.html

Regards,
Golden

 

[Jacee]

Right click to start Task Manager. In the processes, click on the bad file, then end the process.

Next, clean out all temporary files, don't reboot.

Now, Download AdWareCleaner AdwCleaner Download to your desktop
1.Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
2.Click on Delete button.
3.Confirm each time with OK.
4.Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Check to see if the bad file has re-appeared in Task Manager process. If it has, end the process again.


I'd like you to scan your machine with ESET OnlineScan

1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
   ESET OnlineScan
2. Click the
   
   button.
3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
   1. Click on
      
      to download the ESET Smart Installer. Save it to your desktop.
   2. Double click on the
      
      icon on your desktop.
4. Check
   
5. Click the
   
   button.
6. Accept any security warnings from your browser.
7. Check
   
8. Push the Start button.
9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
10. When the scan completes, push
    
11. Push
    
    , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
12. Push the
    
    button.
13. Push
    

 

[britny]

NosajAbihs


I have never heard about this virus. Use best antivirus to delete this
Try this solution may be it will help you

-Open that .exe file in notepad and delete everything and save the file.
-Now change the file status back to read only mode.
-so that the virus could not get access again

Best of luck

This ^ is really poor advice!

Please follow centaurs suggestion. In addition, you may also seek opinion by uploading the file to dedicated online virus scanners. Use this tutorial to help you with that:

http://www.sevenforums.com/tutorials/277740-online-scanners-scan-suspicious-files-your-pc.html

Regards,
Golden

When I searched for above problem and i found the solution more suitable that i have posted above.
Anyways thanks for the guidance

 

[NosajAbihs]

So I think I figured it out. I believe the exe above was tied to either Windows Defender or McAfee. I recently downloaded both in response to information from my ISP and sluggish performance from this pc. After uninstalling both and switching to Norton, the pabiyhf.exe disappeared or was stopped by Norton. Now I have cotuh.exe doing similar tasks yet when I shut down Norton, the cotuh.exe ends and doesn't start until I restart Norton. So its either part of Norton or a virus that only runs when Norton is on. Now I'm trying to figure out what igheh.exe is for and what Notekope is in my roaming apps data.

 

[centaur78]

Holly crap !!!!

Somebody ... just shoot me in my head !!!! :shock:

 

[centaur78]

It took you 2 days to come up with that answer ??? :banghead::banghead::banghead:

 

[x BlueRobot]

Have you followed Jacee's or Golden's suggestions?

 

[Jacee]

I already told you that you have a Backdoor Trojan. cotuh.exe is part of your origial topic ..
pabiyhf.exe
See what the Virus Total scan says about this file when it was uploaded https://www.virustotal.com/en/file/...752e786f4d513d364152bfc783538396015/analysis/