[SOLVED] Malware remains after format ?

[cybercore]

My pc is infected with RAT which remains after low level format and BIOS flashing.
I've also tried to scan with those boot AV programs,but with no success :
-Kaspersky
-Nod32
And it seems it's not being detected by any AV/Firewall.
What to do guys?
Any help will be hightly appreciated.

 

[rgd1101]

Why do you think you have it?

 

[MrLitschel]

Doing a low level format of your drive and re-flashing the BIOS always works. If it is the only drive in your system then I would tend to think that you may have an issue with your installation media of your operating system. If you have more than one drive, the malware is probably on those additional drives as well.

 

[white.a.drew]

My pc is infected with RAT which remain after low level format and BIOS flashing.
I've also tryed to scan with those boot AV programs,but with no success :
-Kaspersky
-Nod32
And it seems it's not being detected from any AV/Firewall.
What to do guys?
Any help will be hightly appreciated.

If there is a virus that formating the bios and drivers at once dosnt work it's time to rebuild. It's at a level of you have no idea if wormed into the cpu log files the gpu log files or anything else so rebuilding is the only option is to rebuild. Stay of the dark web this won't happen its almost impossible to get these viruses unless doing things you shouldn't. It's almost 96% of the time a government of some sort tracking your system because your doing highly suspicious <Mod Edit>.... unless you have info on there someone really wants.

 

[cybercore]

Why do you think you have it?

Someone is just controling my pc :


-open random browser pages


-restart my pc


-eject my dvd writer


-some of my accounts were compromised


-pc is so slower at moments


-sometimes just close my games when i play


-someone installs programs without i even notice etv etc

And i think im infected with some nasty bootkit.
I also have only 1 HDD on my pc.

 

[MrLitschel]

What installation media are you using? If you formatted the drive and reinstalled the OS, then I would suggest creating a new USB install device with Windows Media Creation and start all over.

https://support.microsoft.com/en-us...-windows-99a58364-8c02-206f-aa6f-40c3b507420d

 

[cybercore]

What installation media are you using? If you formatted the drive and reinstalled the OS, then I would suggest creating a new USB install device with Windows Media Creation and start all over.

https://support.microsoft.com/en-us...-windows-99a58364-8c02-206f-aa6f-40c3b507420d

Im using Linux DVD iso downloaded from offcial site and created on clean pc.

 

[rgd1101]

Someone is just controling my pc :


-open random browser pages


-restart my pc


-eject my dvd writer


-some of my accounts were compromised


-pc is so slower at moments


-sometimes just close my games when i play


-someone installs programs without i even notice etv etc

And i think im infected with some nasty bootkit.
I also have only 1 HDD on my pc.

I mean after the clear format and install

 

[rgd1101]

Im using Linux DVD iso downloaded from offcial site and created on clean pc.

and you didn't install anything after that

 

[cybercore]

and you didn't install anything after that

Yep,only have installed firefox and steam.

 

[MrLitschel]

When you installed Linux, did you delete any and all partitions?

 

[punkncat]

Do you have an extra keyboard and mouse on hand? New?

I had an issue at one point with a keyboard that I tried to clean and ended up having an issue with the "board/traces/contact points" inside and it would do all manner of random things.

 

[cybercore]

When you installed Linux, did you delete any and all partitions?

Yes,i deleted everything and then i installed.

 

[cybercore]

Do you have an extra keyboard and mouse on hand? New?

I had an issue at one point with a keyboard that I tried to clean and ended up having an issue with the "board/traces/contact points" inside and it would do all manner of random things.

Nope,i don't have any new keyboard or mouse.
It's a virus maaan.

 

[MrLitschel]

The last thing I can suggest is to scan the Linux Installation Media (CD/USB Stick) created from the ISO image to see it is infected with something.

 

[Zerk2012]

Unless your installation USB drive has the virus if you do a complete format and reinstall their really no way anything can be their.

I have never seen or heard of one that can attach to your BIOS.

 

[USAFRet]

Try this with a whole new, brand new, hard drive or SSD.
Full clean install, with only that one drive connected.

 

[cybercore]

Try this with a whole new, brand new, hard drive or SSD.
Full clean install, with only that one drive connected.

Is there any other way.?
I can't afford to buy new HDD or SSD right now.

 

[USAFRet]

Is there any other way.?
I can't afford to buy new HDD or SSD right now.

Well...it seems nothing else has worked so far.

 

[ex_bubblehead]

Im using Linux DVD iso downloaded from offcial site and created on clean pc.

Which specific release and what specific site?

It's extremely unlikely (to the point that it's laughable) that you have a Linux distribution harboring a virus or trojan or other malware unless this was obtained from a questionable source.

 

[cybercore]

Which specific release and what specific site?

It's extremely unlikely (to the point that it's laughable) that you have a Linux distribution harboring a virus or trojan or other malware unless this was obtained from a questionable source.

I was on Windows 10 before i post here and then installed the Linux.
I'm starting to think that im infected with some kind of UEFI virus...

 

[white.a.drew]

I was on Windows 10 before i post here and then installed the Linux.
I'm starting to think that im infected with some kind of UEFI virus...

Again this only happens if you have info someone one wants and you let leak you have or you did something you shouldn't have on a government site and they are no tracking your system files..... or faulty hardware. Causing what seems to be a uefi virus. So at this point I'm not really going to help on this one all I can say best of wishes to get rid of it without rebuilding a new system in hole because uefi virus will worm its way into every bios of the system gpu cpu ram cache everything and and thing it can find to hide will be infected.

 

[MrLitschel]

UEFI virus' have been almost unheard of for over 5 years because of advances in system firmware protection. Unless your system is extremely old, it is highly unlikely that you have would been specifically targeted.

As per ex-bubblehead question - Which specific release and specific site did you download the Linux ISO from?