Inactive Acer V5-571P-6642 no boot to Bios/UEFI/Windows/USB/CD ''' Neshta A Trojan, rootkit, virus''

[Neshta]

The only thing I can find that match my symptoms are::Evilduino - similar to PHUKD/URFUKED, but uses Arduino microcontrollers instead of Teensy. Also works by emulating a keyboard/mouse and can send keystrokes/mouse cursor movements to the host according to a preloaded script

I have no idea what to do and I can get no reply or answer from Acer , bleeping or here.

 

[Neshta]

https://ufile.io/s6v1o

another video. This is did deep scan with windows defender. The virus boots with it, spams mouse and on screen keyboard

 

[Cycloid Torus]

Sorry for all the trouble you are having.

It sounds like it has now spread to your phone. Hopefully, you have been able to copy your data to safe storage on non-bootable media (write once CD is best) which you can scan on another machine.

Perhaps it is time to consider replacing all of the infected machines and to donate the problem to a security research effort. Brian Krebs at https://krebsonsecurity.com/ or the folks at Bleeping might help with that. Please do not donate it elsewhere like Goodwill. It sounds like this one is quite dangerous.

Again, sorry for all the misery.

 

[Neshta]

Yeah. At bleeping they responded quickly, but when I listed the issue, I got no response after "as soon as I'm approved I will be helping you", that said; I have a strong feeling this gaming mouse I bought from China off eBay. It doesn't make sense to me. What I did should get rid of a virus. So I did the exact same steps, but this time I am not plugging in the mouse and I'm installing from CD. If it's not there when I restart I would like to donate the mouse. I'm installing windows now. Ill let you know.

 

[Neshta]

https://www.welivesecurity.com/2018/09/27/lojax-first-uefi-rootkit-found-wild-courtesy-sednit-group/

 

[Neshta]

So I installed windows from legacy mode. This time the setup didn't have the virus. When the computer restarted. It restarted to "no operating system found" and without the legacy mode options. And f2 was disabled to where I couldn't enter bios. I put in windows 10 USB, and the virus was there; after a few trys I got it to boot to uefi, where I switched it back to legacy mode. Where windows started and the installation was still virus free. Each time my computer restarts I need to do this to get into windows. My mouse suspicion was correct as I plugged it into a windows tablet, and my tablet was infected. At first sign of it. I shut down the tablet. Chkdsk started and repaired, the tablet doesnt appear to have it even after restarting. I don't think this is due to chkdsk, rather the manufacturers security for the firmware. The uefi root kit flashes your firmware, and installs itself to it. You can read about it in the above article and here: https://www.eset.com/int/uefi-rootkit-cyber-attack-discovered/ this is the first time I have ever heard or thought possible a mouse could infect a computer; but it's real, and really nasty.

 

[Neshta]

I'm really disappointed with the lack of even a suggestion on any forum I posted. Seems the issue is easy ignore. That said; "The recent discovery of LoJax, the first-ever UEFI rootkit detected in a real computer attack shows that, unfortunately, UEFI rootkits may become a regular part of advanced computer attacks".... I suggest you not ignore it before your forum fills with alot of people your ready to ignore

 

[Neshta]

How it's won

 

[Neshta]

I was able to flash the bios. From clean install confirming my suspicions about the firmware on the mouse being infected

 

[Neshta]

I have no virus.

 

[Neshta]

The mouse however is not done. I plugged it into my tablet and it got the rootkit. I'd like to donate the mouse.