Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rootkit/Bootkit, survive system wipe, mouse and keyboard problems


  • Please log in to reply
9 replies to this topic

#1 Smietaneq

Smietaneq

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 08 June 2016 - 05:40 PM

roblem: It seems like FilterKeys will be activated all time and on all OS in HD, it starts in windows XP, then in Ubuntu (in Ubuntu work fine during first 2-3 reboots, in them all evrything works well first 10 mins, then Utilty shows error) and now in windows 7 lite.
When i try to write its like i will pressing Shift all the time, when i activate caps lock letters ar smal but insed of numbers i still have sings (!"· etc...),in accessibility options filterkeys are disable, in windows registry during first time it vas set on 2 (ON all time) then i change it to 0(OFF) and it didnt change, they i try again and value 0 statys, but didnt work.
Keyboard and mouse are PS/2, i check USB keyboard and mouse but they have the same problem.
Try to reinstal controlers but didnt work
In Live USB system all work normaly. 
Also i try few antyviruses (Malavarebytes, Avast, SpyHunter, Reghunter(383 shows but cannot delete them, manually too cause permission denied)Kaspersky etc...)
29774 detections in RootkitRevealer, but when i lunch it, windows pops detection of interactive services (not sure if i translate it good), so i canot save the log.
Now iam using Ubuntu 1
4.04, currently its sems ok, but iam prety sure that in five reboots this iusse will show up again.
Iam not sure if it will be helpful but hear is the link from my old topic
http://www.bleepingcomputer.com/forums/t/61619/rootkitbootkit-survive-system-wipe-mouse-and-keyboard-problems/

 


Edited by Chris Cosgrove, 08 June 2016 - 06:14 PM.
Moved from Linux to 'Am I infected?'


BC AdBot (Login to Remove)

 


#2 Smietaneq

Smietaneq
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 08 June 2016 - 08:40 PM

Noooooo pleas .......
I alredy posted on this forum, then on Virus,Trojan, Spyware, and Malvare Removal Logs, there send me on Linux.



#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,078 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:11 PM

Posted 09 June 2016 - 09:51 AM

Moved back to Linux
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 pcpunk

pcpunk

  • Members
  • 5,664 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:03:11 PM

Posted 09 June 2016 - 12:50 PM

This is not the same user as you, can you confirm that this was you?

http://www.bleepingcomputer.com/forums/t/61619/rootkitbootkit-survive-system-wipe-mouse-and-keyboard-problems/


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#5 pcpunk

pcpunk

  • Members
  • 5,664 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:03:11 PM

Posted 09 June 2016 - 12:54 PM

I think this is the Thread you wanted to include

http://www.bleepingcomputer.com/forums/t/614138/keyboard-and-mouse-problems-in-all-os-at-the-same-hd/

 

Here is a quote from the last post of the  "Virus, Trojan, Spyware, and Malware Removal Logs" Thread.

 

"I will say however that if your computer still has problems after you install Linux, then your issues are most likely hardware related."

 

 

If Linux works from the USB then this might be the Hard Drive failing so you should look into that.  Maybe run the USB again for a while and see if any issues persist, If they don't then go to the Hardware Section and ask for help.

http://www.bleepingcomputer.com/forums/f/7/internal-hardware/

 

It seems that you still have infections also but I'm not sure?


Edited by pcpunk, 09 June 2016 - 03:38 PM.

sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#6 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:05:11 AM

Posted 09 June 2016 - 04:26 PM

windows 7 lite

Windows 7 Lite is not a Microsoft developed or affiliated product.  Did you get it from some torrent site? If there is a infection of some sort this is where it came from.
 
We cant help you with this because its a pirated product. You will need to remove it and install a genuine Microsoft product.
 
Forum Rules.

No subject matter will be allowed whose purpose is to defeat existing copyright or security measures. If a user persists and/or the activity is obviously illegal the staff reserves the right to remove such content and/or ban the user. This would also mean encouraging the use or continued use of pirated software is not permitted, and subject to the same consequences.

http://www.bleepingcomputer.com/forum-rules/
 


If Linux works from the USB then this might be the Hard Drive failing so you should look into that

 

 

 

You have an option for both without the need to install anything else:

Checking your RAM (MemTest)

Simply boot your LiveCD, LiveDVD or LiveUSB and on the first menu you will see the option for Checking you Memory RAM:

eExE1.png

This is most likely the BEST app to check your memory. Simply wait until the first line that says PASS gets to 100% (The one that says 4% on the image below). It will repeat itself but with one pass should be enough:

ynSCF.jpg

If you do have a bad memory, you will get at least one RED row on the bottom half of the app. If you get at least one, then you have some serious Memory problems. In the image below, the user has MANY memory problems and should immediately change the RAM:

DZeEy.jpg

I suggest to test each memory individually if you do find a memory error. This way you will know which memory slot is the culprit and can simply change that one.

Checking you HDD or SDD

In the LiveCD, LiveDVD or LiveUSB and without any additional installation you have the Disk application. Simply open Dash and type disk, you will see the "Disk Utility" app:

w9yq6.jpg

Open it and it will look something like this:

FqyTQ.png

Now select your HDD or SDD and then select the Gear icons to the right. From that menu select the SMART option:

cHFDm.png

Here you can see the state of the disk, Temperature, Powered on time and any errors it has, any FAILS it has and you can even check it for problems with the Start Self-Test button below:

C2I5C.png

http://askubuntu.com/questions/317241/can-i-use-ubuntu-to-diagnose-hard-drive-or-ram-problems-in-windows

 

Edit

Fix link
 


Edited by NickAu, 09 June 2016 - 04:55 PM.

Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


#7 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,230 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:05:11 AM

Posted 09 June 2016 - 05:10 PM

There's probably a hidden partition that keeps reinfecting your system. I suggest you use your Linux installation using GParted to delete all partitions that are related to pirated Windows or unknown/hidden.

 

You may then have to rebuild GRUB for normal booting.

 

TsVk!



#8 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:05:11 AM

Posted 09 June 2016 - 05:18 PM

 

I suggest you use your Linux installation using GParted to delete all partitions that are related to pirated Windows or unknown/hidden.

+1, format the hdd using Gparted, Then re install a legit copy of Windows followed by Linux.

 

Or just install Linux.


Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


#9 Smietaneq

Smietaneq
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 09 June 2016 - 05:40 PM

Hi, sorry for make u wait, and thanks for move this thread.

No Its not mine.
Memtest runded from LiveUSB after 1 pass didnt show any errors, In smart data &self-test it show no errors, but i start self test now excedente 



Edit:
Update after Self-test Extended, still shows disk is ok 


Edited by Smietaneq, 09 June 2016 - 06:44 PM.


#10 Smietaneq

Smietaneq
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 09 June 2016 - 05:49 PM

I use DBAN (Darik`s Boot and Nuke) its a tool to make and mid level reformat, takes me 4 hours, then i use gparted to make my disk NTFS, and instal Ilegal windows 7, in windows instalation procces FilterKeys popup adn the keyboard iusses continue, after that mAL_rEm018, try to help me but whit illegal windows he cant, so then i make an thread hear, if it was an hardware problem, whit linux based system why the problem shows after few reboots?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users