Trojans and Coin Miners Have Taken Over



#16
BMiles (Member, Topic Starter)

And from Rogue Killer

 

RogueKiller Anti-Malware V14.8.0.0 (x64) [Nov 17 2020] (Free) by Adlice Software
Operating System : Windows 10 (10.0.18363) 64 bits
Started in : Normal mode
User : BevPC [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20201130_103621, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/12/01 11:05:48 (Duration : 00:05:47)
Switches : -minimize
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> XX - Software
  [PUP.Outbyte (Potentially Malicious)] (X86) HKEY_LOCAL_MACHINE\Software\Outbyte -- N/A -> Found
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.Outbyte (Potentially Malicious)] (folder) Outbyte -- C:\ProgramData\Outbyte -> Found
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

#17
RKinner (Malware Expert)

Link doesn't work for some reason.


#18
BMiles (Member, Topic Starter)

Quote from RKinner: "Link doesn't work for some reason."

I will try again


#19
BMiles (Member, Topic Starter)

https://www.userbenc...serRun/36220376


#20
RKinner (Malware Expert)

Benchmark looks good.


#21
RKinner (Malware Expert)

Go ahead and let Rogue Killer remove the two entries it found.


#22
BMiles (Member, Topic Starter)

Quote from RKinner: "Benchmark looks good."

I'm a little bit concerned with the performance of my SSD, it's only 2 weeks old. Should it be performing in the 9th percentile?


#23
RKinner (Malware Expert)

You can try Optimizing the drive and see if that gives any improvement.  Open File Explorer and click on This PC then right click on C: and select Properties.  Then on Tools then hit Optimize then Optimize.  It may not need it since the process is supposed to run once a month or so on its own. 

 

We can also check your hard drive to see if it is up to speed:

HD Tune

https://www.lifewire...-review-2624561


Actual download is at:


http://www.hdtune.co.../hdtune_255.exe


Download, Save, right click and Run As Admin.  Run the Benchmark test and report your min, max & average transfer times.  Ideally the graph would be flat or slightly tilted to the right.  On a bad drive you will see sharp drops.  The fewer programs running at the same time the better.  Pause your anti-virus.

 

This is from my Samsung EVO SSD:

hdtune.jpg

 


#24
BMiles (Member, Topic Starter)

Quote from RKinner: "Go ahead and let Rogue Killer remove the two entries it found."

Rogue Killer has removed the two entries


#25
BMiles (Member, Topic Starter)

It's not looking so good. I will give optimization a go

 

Capture.JPG

 

 


#26
RKinner (Malware Expert)

Could also be something using the CPU or writing to the disk that is interfering with the test.


#27
BMiles (Member, Topic Starter)

I don't think it's the CPU as it remains quite stable. I did check the resource monitor from the task manager and it appears to be constantly writing from the Registry, Windows Defender, and System. I'm currently upgrading to the most recent version of Windows 10.


#28
RKinner (Malware Expert)

Version 2004 has a problem with SSD PCs. It can't remember when it last did a trim so it does one every day which will wear out your SSD faster. Search for

task scheduler

hit Enter

click on the arrow in front of:

 

Task Scheduler Library

then Microsoft

then Windows

Find Defrag and click on it.

Right click on the task in the next pane to the right and Disable.

 

You can see what is writing to the drive:

 

Right click on the clock and select Task Manager
(More Details)
Select Performance
Open Resource Monitor
Disk
Make it full screen
Look in the top pane and find the process with the highest Total (B/Sec)
and check the box in front of the process.
Wait 1 minute and then
Take a screenshot and post it.


#29
BMiles (Member, Topic Starter)

And this is precisely why you guys are amazing! I have disabled the task

 

Here's my screenshot from Resource Monitor

 

Capture.JPG


#30
RKinner (Malware Expert)

Disk does not appear to be very busy.  I need to update my instructions to have you expand the middle pane before making the screenshot.  That way if you click on the biggest user you get more details on what it is doing.

