Inactive Virus or rootkit on Windows and Linux

Status
Not open for further replies.
I

ivano

Posts: 6   +0
Hello everyone. My computer has a virus / malware that could not be eliminated. I have tried everything. It affected two hard drives. I formatted with Windows and also Kali Linux using its services to search for the malware but could not find it. The virus has full possession of the computer, it controls the internet, makes browser windows pop up, surfing is impossible because nine times out of ten it appears I don't have privileges, and when I start a virus scan it shuts down my pc! Since it runs both on Windows and Linux I think that it's lodged in the motherboard and maybe it is a bootkit. Please, help. Grazie
 
ivano said:
Hello everyone. My computer has a virus / malware that could not be eliminated. I have tried everything. It affected two hard drives. I formatted with Windows and also Kali Linux using its services to search for the malware but could not find it. The virus has full possession of the computer, it controls the internet, makes browser windows pop up, surfing is impossible because nine times out of ten it appears I don't have privileges, and when I start a virus scan it shuts down my pc! Since it runs both on Windows and Linux I think that it's lodged in the motherboard and maybe it is a bootkit. Please, help. Grazie
Click to expand...
I forgot to mention that I used Safe Mode on Windows, and despite the computer shutting down, some scans with virus removal programmes, malware, rootkits, etc., were successful but no threats were detected. How is this possible?
 
Hello Broni. Thank you for the feedback. Unfortunately, I can no longer connect as an error is returned regarding thebnetwork password which I enter correctly. More, any operation I try to do, the computer shuts down and restarts. Kindly, I'd like to know if it's possible that the virus has crept into the motherboard or somewhere else, since formatting with file overwriting carried out even with Linux has not solved the serious problem, thanks again
 
Broni said:
Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.
Click to expand...
New update. I removed the infected hard disks. I connected a new hard disk via usb. Result: in no time, also this hard disk was infected (any window shakes, taskbar is compromised, impossible to use any browser, administrator password has been changed). More, the computer keeps rebooting, so it's impossible to do anything! I really don't know what to do.
 
It doesn't look to me like an infection. It looks to me more like some serious hardware issue.
I suggest new topic in Windows forum.
 
And so, after everything I described, you think it's a technical problem. Honestly, it would be better, I could solve it in a short time. I don't think that's the case. I repeat that this virus / malware has destroyed three hard drives and it runs on both Windows and Linux. Thanks anyway for your feedback
 
Virus is just a piece of code, so it can't destroy any hardware. It can destroy hard drive content but not hard drive itself.
Since you replaced your hard drive, I don't see how the new one could be infected. Assuming you didn't move any files form the old to the new one.
 
You are not up-to-date.
From the internet: "Security researchers have found a nasty new virus that borrows in to a computer's motherboard, infects PCs as soon as they boot up, and is particularly difficult to detect and dispose of".
You'd better inform yourself before writing your answers
 
First of all, I don't consider your reply being too polite.
Secondly, so called UEFI malware is extremely rare.
www.bleepingcomputer.com

CosmicStrand UEFI malware found in Gigabyte, ASUS motherboards

Chinese-speaking hackers have been using since at least 2016 malware that lies virtually undetected in the firmware images for some motherboards, one of the most persistent threats commonly known as a UEFI rootkit.
www.bleepingcomputer.com www.bleepingcomputer.com
Then, if you still worry, it may be your case, you can install a trial version of one of Eset products, which is able to detect such malware.
www.eset.com

UEFI Rootkit cyber attack - first-ever discovered | ESET

Some UEFI rootkits have been presented at security conferences as proofs of concept; some are known to be at the disposal of governmental agencies. However, until August 2018, no UEFI rootkit was ever detected in a real cyber attack.
www.eset.com www.eset.com
[HEADING=2][/HEADING]
 
Status
Not open for further replies.

Similar threads

Z
Windows Insiders can now use Sudo just like they do on Linux
Replies
3
Views
193
bviktor
B
E
Linux could have been brought down by backdoor found in widely used utility
2
Replies
31
Views
467
ZedRM
ZedRM
midian182
Windows and Microsoft Office are being replaced with Linux and LibreOffice in this German state
Replies
20
Views
210
amghwk
amghwk

Latest posts

Back