Have you guys noticed a ton of "unsolved" cases popping up with users?
Here is a good example.
I have the same problem. The reason is that no tools, scans, rescue disks, rewriting the MBR, flashing the BIOS, flashing firmware, etc. will ever detect or fix the problem. Even a wipe with something like Jetico BC Total Wipeout/hdparm, clearing all or almost all places where flash memory can hide, won't get rid of it. Even a new hard drive won't get rid of it. Anyone have some SPID tools and know assembly language, lol?
The reason it never goes away is because they are on a virtual machine.
If you look at a lot of these Farbar reports, etc. (I just glanced over a few here), there are a lot of files that don't belong. Many of the files are old experimental files from MS or Intel/AMD.
As the poster above mentions, it absolutely brute forces in via Bluetooth and infects everything around it. It even got my camera.
I can tell pretty quickly when someone has it.
Does anyone have any experience with successfully getting rid of a hypervisor/firmware/bootkit/BIOS type of exploit?
There are some research papers on the subject, but no one really lays out how to actually get rid of it. Especially if the VM the user is on restricts things like "blue chicken" or other VM detection tools from being run.
This is a new account. I have had paid help, people on this board, etc. No one knows how to get rid of it. Not sure if it is gov't-based or what...
Any details or input is welcome.
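The basic check that VM-detection tools start from, as an added example that is not part of the original post or any tool it names: CPUID leaf 1 reserves bit 31 of ECX as the "hypervisor present" bit, and leaf 0x40000000 returns a 12-byte vendor signature in EBX, ECX, EDX (low byte first) when a hypervisor chooses to announce itself. The function names are mine, and the register values in the decoder's comments are constructed for illustration. A hypervisor that wants to hide can clear the bit and return zeros for the signature leaf, so a negative result is not proof of bare metal, and this says nothing about firmware or bootkits.

```c
/* Added example (not from the original post): CPUID hypervisor probe.
 * Leaf 1, ECX bit 31 = "hypervisor present"; leaf 0x40000000 = vendor
 * signature in EBX, ECX, EDX, low byte first. Function names are mine.
 * Caveat: a hiding hypervisor can clear bit 31 and zero the signature leaf,
 * so "bit clear" does not prove bare metal. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#define HAVE_CPUID 1
#else
#define HAVE_CPUID 0
#endif

/* Leaf 1: bit 31 of ECX is reserved by Intel and AMD for "hypervisor present". */
int hv_present_from_leaf1_ecx(uint32_t ecx)
{
    return (int)((ecx >> 31) & 1u);
}

/* Leaf 0x40000000: EBX, ECX, EDX carry the signature, low byte first.
 * Writes 12 characters plus a NUL; buf must hold at least 13 bytes.
 * Pure function so it can be exercised with constructed register values,
 * e.g. ebx=0x4b4d564b ecx=0x564b4d56 edx=0x0000004d decodes to "KVMKVMKVM". */
void hv_vendor_from_regs(uint32_t ebx, uint32_t ecx, uint32_t edx, char buf[13])
{
    const uint32_t regs[3] = { ebx, ecx, edx };
    for (int r = 0; r < 3; r++)
        for (int b = 0; b < 4; b++)
            buf[r * 4 + b] = (char)((regs[r] >> (8 * b)) & 0xffu);
    buf[12] = '\0';
}

/* Map well-known signatures to names; unknown signatures are returned unchanged. */
const char *hv_vendor_name(const char *sig)
{
    if (strncmp(sig, "KVMKVMKVM", 9) == 0)     return "KVM";
    if (strncmp(sig, "Microsoft Hv", 12) == 0) return "Hyper-V";
    if (strncmp(sig, "VMwareVMware", 12) == 0) return "VMware";
    if (strncmp(sig, "XenVMMXenVMM", 12) == 0) return "Xen";
    if (strncmp(sig, "VBoxVBoxVBox", 12) == 0) return "VirtualBox";
    if (strncmp(sig, "TCGTCGTCGTCG", 12) == 0) return "QEMU (TCG)";
    return sig;
}

/* Live probe of the CPU this runs on. Returns 1 if the hypervisor bit is set,
 * 0 if it is clear, -1 if CPUID is not available (non-x86 build). The
 * signature is only meaningful when the return value is 1. */
int hv_probe(char sig[13])
{
    memset(sig, 0, 13);
#if HAVE_CPUID
    unsigned int eax = 0, ebx = 0, ecx = 0, edx = 0;
    if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        return -1;
    int present = hv_present_from_leaf1_ecx(ecx);
    /* __get_cpuid() rejects leaves above the max basic leaf, so issue the
     * hypervisor leaf directly with the __cpuid macro from <cpuid.h>. */
    __cpuid(0x40000000u, eax, ebx, ecx, edx);
    hv_vendor_from_regs(ebx, ecx, edx, sig);
    return present;
#else
    return -1;
#endif
}

int main(void)
{
    char sig[13];
    int r = hv_probe(sig);
    if (r < 0)
        puts("CPUID not available on this architecture");
    else if (r == 0)
        puts("hypervisor bit clear (not proof of bare metal: it can be masked)");
    else
        printf("hypervisor bit set, signature \"%s\" (%s)\n", sig, hv_vendor_name(sig));
    return 0;
}
```

Build with `gcc -O2 -o hvprobe hvprobe.c` and run it once inside a known VM and once on a machine you trust to see the two outcomes. The decoding functions are kept separate from the live CPUID call so the parsing can be checked against fixed register values without depending on the host.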