Jump to content

Recommended Posts

Hi! So I’ve been trying to deal with this myself for over a week now-I’m a complete noob but I’ve been just trying everything I can. I am at my wits end and don’t know what to do anymore.. I’ve flashed my UEFI from a non-writeable disk, installed Windows from the same, and I still think I’m infected. Maybe I’m paranoid at this point, but the behavior doesn’t seem normal to me. I’m afraid to even boot up the PC right now. I know this seems insane but I’m worried I have like a GPU crypto miner Trojan that’s stored in its’ vBios or something…I just don’t know what else it could be to keep getting onto a clean UEFI & OS install. I’ve replaced my SSD and DDR4. I’ve activated OpenDNS secure DNS on my network (after factory resetting both the modem and router). The only things left are the CPU and GPU, I think? I know that’s rare but I just am at a loss…I really need help. My PC has literally nothing on it except for Windows 10 right now, so what should my next step be? Can someone just like take over from here and tell me what to do? Haha. Please let me know what kind of log files and all that you need from me. Thanks so much for your time in advance!

Link to post
Share on other sites

Hello @nicholena and :welcome::

While you are waiting for the next qualified/approved malware removal expert helper to weigh in on your topic, and even though you may have run the following Malwarebytes utility, or its subsets, please carefully follow these instructions:

  1. Download the Malwarebytes Support Tool.
  2. In your Downloads folder, open the mb-support-x.x.x.xxx.exe file.
  3. In the User Account Control (UAC) pop-up window, click Yes to continue the installation.
  4. Run the MBST Support Tool.
  5. In the left navigation pane of the Malwarebytes Support Tool, click Advanced.
  6. In the Advanced Options, click only Gather Logs. A status diagram displays the tool is Getting logs from your computer.  WARNING: Do Not click the Repair System under Advanced unless requested to by a Malwarebytes support agent or authorized helper.
  7. A zip file named mbst-grab-results.zip will be saved to the Public desktop, please attach that file in your next reply to this topic. Please do NOT copy and paste.

For the short time between when you post the diagnostic logs, and when your helper weighs in, please take no further self-directed remedial actions that will invalidate the diagnostic logs you will have posted.

Thank you.

Link to post
Share on other sites

Hello. If you have Windows in SAFE Mode with NETWORKING then stick with that.

Use the Network troubleshooter

  1. Open the Windows Settings app.

  2. Go to Update & Security, and select Troubleshoot. 

  3. Click on Internet Connections.

  4. Go to Run the Troubleshooter.

  5. Follow further on-screen instructions and let the process finish.

  6. Restart your PC.

Link to post
Share on other sites

Still stay in Safe Mode with Networking. Study this help article at Tenforums https://www.tenforums.com/tutorials/3520-connect-wireless-network-windows-10-a.html

I would recommend doing OPTION TWO.

Please as much as possible stay calm. Do not rush. Also know that this is not like a live chat room. And know that I have many other cases that are active. And that I am a volunteer here. My next reply opportunity may be very late in the evening, or even perhaps, not like until tomorrow.

Edited by Maurice Naggar
Link to post
Share on other sites

okay, it’s the same issue with the wifi drivers, windows has not loaded them in safe mode, so i would have to exit safe mode and boot normally to connect to the internet at all. i’ll do this- i’ll go to a friend’s and download the programs on their pc, then use a usb to run them? would that work?

Link to post
Share on other sites

Using a clean USB-flash-thumb drive to shuttle tools from 1 working computer to the other is a great way.

At your friend's, please also download and save ADWCLEANER.exe  https://www.bleepingcomputer.com/download/adwcleaner/

also get and save FRST64.exe   ( the 64-bit) to the USB from https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool//dl/82/

Then arrange to copy them to the Desktop of your problem-machine. Let me know after that is done.

CAUTION: Honestly I am not a believer in vBios or BIOS or firmware infections / corruptions. I ignore any such assertions. I use known proven trusted security tools to look for malicious malware. Also, if this machine ONLY just has the Windows O S and nothing else worth having, then let me know. I will then provide the directions for a fresh new CLEAN operating system install from ground zero. 

Edited by Maurice Naggar
added notes
Link to post
Share on other sites

will do, totally understand! and i know, i just don’t know what else to think haha. maybe a boot sector root kit but i don’t know how since i replaced the entire SSD, haha.

 

yes, it has absolutely nothing on it, i’ve wiped it a million times. this is a fresh install as of literally yesterday lol, only thing it has is sophos (my uncle is a network admin guy and he installed it from disk, doesn’t seem to have helped though, plus it wont even scan in safe mode either at the moment..)

 

i’m off to get those programs, i’ll report back soon!

Link to post
Share on other sites

27 minutes ago, nicholena said:

yes, it has absolutely nothing on it, i’ve wiped it a million times. this is a fresh install as of literally yesterday 

Then one must remark, that there was a zig instead of a zag. That is to say, the sequence of steps to do a real CLEAN O S setup somewhere went ASTRAY.  Here is how to do a CLEAN O S setup.

Please ensure you've done a CLEAN install of Windows properly which includes removing ALL partitions from the installation drive.

Clean Install Windows 10 & 11 (2023)
https://answers.microsoft.com/en-us/windows/forum/all/clean-install-windows-10-11-2023/1c426bdf-79b1-4d42-be93-17378d93e587

Edited by Maurice Naggar
Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.