

Need help - aggressive virus or hack - Infected in April, been driving me crazy!


#1 pleasehelp2341



Posted Today, 12:56 PM

Please read this.  


I already know - this sounds absolutely insane - I would like to stress that I am in sound psychological mind, have no mental illness in my family, and am being genuine and honest, I just need help.  I'm 80% sure that I won't be able to post this message, but giving it a shot.  I've tried posting to the forum for months and haven't gotten anything to stick.  I will be as detailed as possible as I'm not sure I will be able to run a FRST or any other scan, nor am I sure it would be effective.


I have been living with an awful virus for going on 4 months. I consider myself fairly technical, but I was totally wrong - this is way above my pay grade. It started (or I noticed the virus) around the time I upgraded to 1GB internet. I also upgraded to a new fancy GB router and modem, and around the same time built a new Ryzen desktop. I haven't been able to take advantage of the internet speed because I don't have full bandwidth available to me and my hardware is all restricted by whatever the virus is.




Massive redirect:

It doesn't matter what site I go to or what browser I use, I can't get accurate web access. All of the sites I go to appear to have a tracking element in the URL or HTML of the site. I haven't been able to shake this, but what it does is make any site I go to not official. Any program I download is compromised - nothing passes md5 or sha checks.


Retains programs: 

If I do try to install something (say MalwareBytes) - the program doesn't work properly and uses massive resources. When I determine that once again the program is corrupted and uninstall, I will see the same program in Task Manager a month later using a big chunk of resources. It seems to retain installers and executables.


Encryption Keys:

This virus/hack/rootkit - whatever it is - would really like me to send encryption keys into the computer. I can only assume that it will steal them and completely lock me out of the system. It has tried to get me to install PK/PGP keys multiple times and continually pushes information pertaining to them.



Certificates for most major companies are fraudulent.  I can't explain how, but it appears the whateveryoucallit bug can recreate certificates almost at will and put them onto the computer. I haven't figured it out yet, but strongly suspect that they do this with tracing of your web traffic.  Once again - have no clue how - but believe this is the case.



I cannot eliminate the virus. I have formatted my PC at least 20 times, tried manually deleting the boot sector with low level utilities, tried putting in a new HDD, replaced RAM and used a different video card. I am not sure where this is hiding, or if I am just missing something obvious, but it can't have many places to hide that I haven't tried cleaning.



It appears that drivers and firmware may be a source of infection. In Windows and Linux, drivers are not what they should be. Upon installation of a new piece of hardware, the drivers are downgraded to junk. Monitors will be reduced to generic, same with HDDs, USB drives, DVD drives, USB hubs, etc. Another thing - I'm not sure if this means anything to anyone, but I keep seeing "extensible" drivers all over the place, and they are installed onto my PC. One coming to mind is Intel USB Extensible Driver 1.0, but my motherboard does not use Intel anywhere except the modem. I can't get rid of them.



In Linux, the error logs claim that my machine is running as a virtual machine.  Additionally, there appears to be a ranking system in place, almost like a videogame.  I know it sounds crazy, but it seems like people get a certain amount of points depending if I click on something and what I do next.  


Devices and OS:

This is extremely persistent - It will operate on Linux and Windows, but appears to have been written on Linux.  The second I introduce a new computer to my network, it becomes infected.  I've gone through 4 laptops, 1 PC, 2 Android Cell phones, and my TV has become rooted in the process and most likely compromised.  I know it sounds crazy - I get it - you don't have to believe me - but if anyone does - please reach out!


Anyway - does anyone have any clue what this is?  I have more examples of things that have occurred but don't think this will ever make it to anyone so will wrap it up here.  Please don't just reply to do a FRST - I will try again, but like I said I don't think I will be able to.  Willing to wipe the system and start from scratch or whatever else you can think of to fix the above - any help is appreciated!


