Posted 01 June 2017 - 03:47 PM
Hi, sorry for the delay, had to reinstall Windows many times. I have a severe infection, some sort of rootkit which survives complete reinstalls of Windows. I have secure wiped my SSD also; it still returns.
It has some sort of account folder in a hidden recycle folder. Something like 5-1-12-1345667. Have found other folders which are hidden; even with protected system folders shown, I can't see these. Example: $trash in C:; there are other hidden $ folders.
Also in System Volume Information are hidden folders. They are named by a really long string of numbers. Found a small hidden partition which should not be there.
No antivirus software detects it (I have tried at least 7). After a reboot, any installed antivirus software is completely under the control of the malware. They no longer update but never report this fact to me. It injects its code into them and renders them useless. Found this out through the use of Sysinternals tools.
It goes about setting up print servers and terminal service connections. All hidden ofc.
I usually run Windows 10 but have fresh installed Windows 7, 8, 32-bit and 64-bit, secure wiped the drive and disconnected from the net, but it still returns.
I could go on and on about what this malware does but this will do for now. Any help will be greatly appreciated.