Virus issue

Convinced I've got a virus somehow.
Some sort of miner, since it's got high CPU usage.
[Attachment: virus.jpg]

Also these 3 entries in Defender keep auto-reappearing after removing them, so something fishy there.

Malwarebytes keeps picking up trojan.malpack.generic with a dodgy-named exe file in C:\ProgramData\
[Attachment: virus2.jpg]

So 100% this thing keeps coming back and adding the exclusions to Defender too.
Reinstall of the whole OS is out of the picture, it's just got way too much on it.
This is a work PC. I do have a backup image but would like to see if this virus can be removed before restoring the backup image.
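
The symptoms in the post above (Defender exclusions that reappear after removal, an unknown exe under ProgramData) point to something that reruns on a schedule or at logon. The following PowerShell is an added triage example, not something posted in the thread; the search pattern and the autostart locations checked are assumptions, and the script only reads state.

```powershell
# Added triage example (not from the thread). Run from an elevated PowerShell prompt.

# 1. Current Defender exclusions. Anything you did not add yourself is suspect.
$pref = Get-MpPreference
$exclusions = foreach ($type in 'Path', 'Process', 'Extension') {
    foreach ($value in $pref."Exclusion$type") {
        if ($value) { [pscustomobject]@{ Type = $type; Value = $value } }
    }
}
$exclusions | Format-Table -AutoSize

# 2. Defender logs event 5007 whenever its configuration changes, so the
#    timestamps show when (and how often) the exclusions are being re-added.
$log = 'Microsoft-Windows-Windows Defender/Operational'
Get-WinEvent -FilterHashtable @{ LogName = $log; Id = 5007 } -MaxEvents 200 -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match 'Exclusions' } |
    Select-Object TimeCreated, Message |
    Format-List

# 3. Autostart entries that could be doing the re-adding. The pattern is an
#    assumption based on this thread (exe in ProgramData, PowerShell trojan);
#    matches are leads to inspect, not verdicts.
$pattern = 'ProgramData|powershell|Add-MpPreference'

$taskHits = foreach ($task in Get-ScheduledTask) {
    foreach ($action in $task.Actions) {
        $cmd = "$($action.Execute) $($action.Arguments)".Trim()
        if ($cmd -match $pattern) {
            [pscustomobject]@{ Source = "Task $($task.TaskPath)$($task.TaskName)"; Command = $cmd }
        }
    }
}

$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$runHits = foreach ($key in $runKeys) {
    $item = Get-Item -Path $key -ErrorAction SilentlyContinue
    foreach ($name in $item.Property) {
        $cmd = [string]$item.GetValue($name)
        if ($cmd -match $pattern) {
            [pscustomobject]@{ Source = "$key\$name"; Command = $cmd }
        }
    }
}

@($taskHits) + @($runHits) | Sort-Object Source | Format-Table -Wrap
```

Lining up the 5007 timestamps against a scheduled task's trigger times is usually the quickest way to tell which entry is writing the exclusions back.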
 
OK, will reinstall Malwarebytes and run in safe mode.
I'm pretty sure this is the virus:

Trojan:PowerShell/Bynoco.RR

It's picked up by Defender but keeps coming back.
 
And trying to get into safe mode, it's bricked itself. Issue with Windows exe.
Gonna try to restore my backup image, looks like it's more recent than I thought at 3 days ago. Will need to scan it once restored to check for viruses.
 
I would always go back to a known good restore or a clean install after having something infect your machine. Never know what it’s wrangled its way into.

Kill it with fire.
 
You can use PE tools for virus removal, even if you can't get into safe mode. PE tools are probably better than safe mode anyway, since the OS isn't even running then.

Spare hard drive/SSD/M.2/flash drive: I shove Ventoy on there, and a few PE ISOs.
 
Restored the image from 3 days ago and all is fine, no viruses in scans, although in my haste I think I may have lost my save progress in Far Cry 6. I had just got off the first island after blowing up the ships, so now got to do all that again at some point.
 
On a work PC? Tut, tut. :p
 
Need to build up a set of tools to check for these sorts of things in future.
Anyone got any recommendations for free scanner tools to have? Portable ones, or ones you don't need to install, would be handy.
I think Kaspersky has one.
 
ESET makes a PE. Kaspersky not really recommended nowadays due to being Russian or something. I know banks withdrew giving you free Kaspersky due to it.

Like I mentioned earlier, use a spare USB/flash drive/old spare SSD etc. and put Ventoy on it. Internal drives are useful, as an SSD or M.2 is faster, cheap for a small one, and saves hunting for where you put the flash drives. Then drop your ISOs on there. Would do something like ESET as specifically an antivirus, but also some full PE with multiple other tools: Hiren's Boot CD, Sergei Strelec PE etc.

Those also let you copy data off an unbootable system, test drives, RAM etc.

Edit: Ventoy allows as many ISOs as can fit in the drive's available size. Much better than having a bundle of flash drives with just 1 tool on each.

YUMI Multiboot also does.

2nd edit: Custom PEs like Strelec have multiple antivirus scanners on there, and an Internet connection to update the definitions. A tool with outdated definitions is only slightly better than nothing.
 
Ventoy I will have a look at.
Can't believe Hiren's Boot CD is still in operation, I used that probably 20 years ago.

It wasn't maintained after about 2012 by the original guy. Think members of his forum took the project over.

Can drag and drop or copy and paste with Ventoy. No need to even extract your ISOs. It can also do a load more stuff, but I have never looked into that as I didn't need to.

There's quite a few other PEs too, just Google and you can find loads. Ventoy is definitely a good use for old 120, 250, 512GB SSDs that might otherwise get slung in a drawer. Could be wrong, but I don't know of any other tools that can make bootable internal drives for this kind of stuff.
 
I've got separate USB sticks for memtest, one for partitioning drives, one for backup software etc. So this Ventoy can consolidate them all? That's insane if it works.
 
Can't thank you enough for pointing out Ventoy to me. This is fantastic, I've just tested it now with a few ISOs and it works perfectly.
 
You're very welcome mate. It's great software.

If using a large enough drive it can do double duties. You can still shove other stuff on there that isn't ISOs; that doesn't stop it functioning. I have a load of PE tools, Windows ISOs etc. on there, but I also shove text files on there as an extra backup space.

I also shove a second copy of my latest image backup on there, so I have my recovery image on the same drive as my bootable recovery tool. Have learned over the years to expect the worst, so multiple backup plans never hurt.
 