Posted 29 August 2017 - 02:28 PM
First, thank you for all your efforts. For 3 years I have been fighting an infection that MSFT level 2 techs (remote/in store) and Apple techs (same) have been unable to diagnose, much less repair. Symptoms are: new machines are infected by the time setup is completed. Very few A/V programs able to detect; Norton, MBAM, Kaspersky, Vipre, Comodo all claim machines clean. Spybot actually detected, as did HitmanPro and a few others, but were unable to delete infected hosts files, registry keys, programs because infection (RAT, I believe) gives infected files NT permissions while changing any owner admin accounts to standard. I have tried disabling remote access but machines infected before I can get that far. I have tried VPN and static IP but remote simply bypasses. Since this seems to be result of an infected network as well as infected machines (+ no admin perms that would allow net user, sfc, chkdsk options, but can't). Windows Defender allows access to connection settings (most settings that would help show as grayed out in GUI). I have tried creating rules that should block packets/streams from unidentified IP address. Tracert shows "IP address unavailable
I could add quite a bit but probably more efficient for you to request specific info. Open to any outside-of-box options, e.g. removing wireless cards and running thru Zyxel USG 20W router, or any other suggestions you may have. If further equipment purchase necessary, (I believe Cisco now has business routers that offer far better security than ISP router offers). I have never encountered anything as close to AI as this RAT. Capable of deleting text from screen, assessing software for threats and changing extension to .htm or .jpg on some of downloads from your site (originally .exe).
Would be forever grateful if you were able to help me fix problem. BTW almost no services available in safe mode - restarting in services.msc prompts error message. I have to very setting re. remote access turned off but those essential to infection grayed out.