
Possible hardware persistent malware

EntropicLocal

New Member
Joined
Jan 26, 2021
Messages
9 (0.28/day)
Hi, roughly 2 years ago someone decided to get very very upset online with me, this person knew my exact hardware and what software I ran. Roughly a couple months ago I suspect a file I had received was a rootkit from them; however I have no real way of telling. However I am not comfortable with just formatting my drives, as I know this user would've thought about that already. I am thinking of the worst possible outcome where all infectable hardware is infected.

How would I go about completely nuking every single piece of hardware I have to start fresh and make sure nothing is compromised?

Thank you.
 
Joined
Jan 24, 2021
Messages
31 (0.91/day)
System Name Gaming Workstation
Processor AMD Ryzen 1800X @ 3.6 GHz
Motherboard ASUS Crosshair VI Hero (AMD X370 Chipset)
Cooling CoolerMaster Hyper 212 Black Edition (2 Fans)
Memory G.Skill Trident Z F4-4000C19-GTZSW - 32GB (2X16GB) - 3200MHz @ 14-14-14-14-28-42-etc.
Video Card(s) Zotac Nvidia 1080 Ti AMP Extreme Edition @ 1645 Core & 5400 Memory Clocks
Storage Samsung 840 PRO 250GB SSD + Western Digital WD3000FYYZ 3TB HDD
Display(s) LG27UD68P - LG 27" 4K Monitor @ 3200 X 1800
Case CoolerMaster 690-III Mid-Tower Case
Audio Device(s) RealTek ALC1220 Onboard Sound with Headphones
Power Supply Antec 1500 HCP (1500W)
Mouse Logitech G402
Keyboard Logitech K120 (Temporary)
Software Windows 10 Pro 64-bit
Usually most hardware will not be infected except for your data storage devices. You can run a free online rootkit remover such as MalwareBytes and others. Those should be able to clean out your connected storage devices including your boot drive. After these are cleaned up, you can run the installed version of a good anti-rootkit / anti-virus software for your USB drives, etc.
 

EntropicLocal

New Member
Joined
Jan 26, 2021
Messages
9 (0.28/day)
Usually most hardware will not be infected except for your data storage devices. You can run a free online rootkit remover such as MalwareBytes and others. Those should be able to clean out your connected storage devices including your boot drive. After these are cleaned up, you can run the installed version of a good anti-rootkit / anti-virus software for your USB drives, etc.
I want to just wipe my PC out entirely, just to be safe, as there's nothing I don't have backed up regardless. I'm just concerned about BIOS malware persisting after I format these drives.
 
Joined
Jan 24, 2021
Messages
31 (0.91/day)
From what limited knowledge I have, I don't think a virus or malware can get into your BIOS without specific hardware level access. It shouldn't be able to get into your BIOS under normal circumstances. Have you got any indication that it has corrupted your motherboard or graphics card BIOSes? Otherwise, I don't feel that that issue should be a concern.
 
Joined
Feb 6, 2018
Messages
34 (0.03/day)
To my knowledge, hardware level infections need specific bypass/exploits and direct access to hardware itself (read: in person). Unless you were running your PC without any security or antivirus it is pretty hard to do over file deployment.
At most the MBR (master boot record) and system volume information on each drive may be corrupted. Using scans by Malwarebytes, Kaspersky Free, and Sophos Home (which has the same level of protection as their corporate one, damn good ransomware and antivirus protection) I believe you should be fine. Just in case, keep Sophos Home installed. Also, you can format and reinstall Windows for that added peace.
 
Joined
Jan 5, 2006
Messages
11,203 (2.03/day)
System Name Desktop / Laptop
Processor Intel i7 6700K @ 4.5GHz (1.270 V) / Intel i3 7100U
Motherboard Asus Z170 Pro Gaming / HP 83A3 (U3E1)
Cooling Noctua NH-U12A 2 fans + Thermal Grizzly Kryonaut + 5 case fans / Fan
Memory 16GB DDR4 Corsair Vengeance LPX 3000MHz CL15 / 8GB DDR4 HyperX CL13
Video Card(s) MSI RTX 2070 Super Gaming X Trio / Intel HD620
Storage Samsung 970 Evo 500GB + Samsung 850 Pro 512GB + Samsung 860 Evo 1TB x2 / Samsung 256GB M.2 SSD
Display(s) 23.8" Dell S2417DG 165Hz G-Sync 1440p + 21.5" LG 22MP67VQ IPS 60Hz 1080p / 14" 1080p IPS Glossy
Case Be quiet! Silent Base 600 - Window / HP Pavilion
Audio Device(s) SupremeFX Onboard / Realtek onboard + B&O speaker system
Power Supply Seasonic Focus Plus Gold 750W / Powerbrick
Mouse Logitech MX Anywhere 2 Laser wireless / Logitech M330 wireless
Keyboard RAPOO E9270P Black 5GHz wireless / HP backlit
Software Windows 10 / Windows 10
I do remember this thread though:
 

EntropicLocal

New Member
Joined
Jan 26, 2021
Messages
9 (0.28/day)
I do remember this thread though:
That is what's somewhat concerning me, I just want someone to help me on how I would flash my BIOS and format the drives to make sure everything is gone
 
Joined
Dec 14, 2013
Messages
1,768 (0.67/day)
Location
Alabama
Processor Ryzen 2700X
Motherboard X470 Tachi Ultimate
Cooling Scythe Big Shuriken 3
Memory C.R.S.
Video Card(s) Radeon VII
Software Win 7
Benchmark Scores Never high enough
To my knowledge, hardware level infections need specific bypass/exploits and direct access to hardware itself (read: in person). Unless you were running your PC without any security or antivirus it is pretty hard to do over file deployment.
At most the MBR (master boot record) and system volume information on each drive may be corrupted. Using scans by Malwarebytes, Kaspersky Free, and Sophos Home (which has the same level of protection as their corporate one, damn good ransomware and antivirus protection) I believe you should be fine. Just in case, keep Sophos Home installed. Also, you can format and reinstall Windows for that added peace.
From what limited knowledge I have, I don't think a virus or malware can get into your BIOS without specific hardware level access. It shouldn't be able to get into your BIOS under normal circumstances. Have you got any indication that it has corrupted your motherboard or graphics card BIOSes? Otherwise, I don't feel that that issue should be a concern.

The only thing that bothers me here is, for example Win 10 upon installation will write a bit of code to the BIOS for checking to see if the board has been changed making the install "Invalid", requiring reactivation of the OS.
An exploit based on that could well manipulate the board's BIOS and I can promise you those that create malware have already thought of that along with other angles of access that's possible to use. I do agree, that would be a specific type of exploit but it's still possible and a real threat because of that.

Malware really doesn't have to be based on hiding within the drive itself, it can be anywhere in the system inside of a piece (BIOS chip for example) that holds info for system operation.
Remember, other things like a GPU have these chips too and are a possible target, and you can force a flash of these using the flashing software under normal circumstances too.

With the right routine used they could also use that as an exploit and force the BIOS chip, whether it's in the board, GPU or just anything else with a BIOS-type chip, to accept changes, which would be the insertion of such malware code.

I'm not saying this is the case here, only that the possibility exists and guys that write this crap aren't dumb and would have considered a good deal of angles to use before deploying the malware.
Just ask our resident toad about such possibilities.

Speaking of such:
@R-T-B You wanna weigh in on this?
 
Joined
Jul 25, 2006
Messages
8,160 (1.53/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 16GB (2 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Microsoft Wireless 5000
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
Hi, roughly 2 years ago someone decided to get very very upset online with me, this person knew my exact hardware and what software I ran.
Do you know this person personally? If not, then it is extremely unlikely they knew as much about your system as you fear. They probably just had a lucky guess based on some information you posted about your system before.

And just because and even if someone knows which motherboard, CPU, RAM, graphics solution, operating system and other programs you run, that IN NO WAY means they can access first your network, then your computer and then plant malware on your computer. That would be very challenging, even for a pro who is specifically and personally targeting you.

I am not saying it is impossible, but essentially, you would have to allow them access to your computer. This would have to be done by you clicking on an unsolicited link in a spam email they intentionally sent to you. Or they would have to be a next door neighbor or a stranger sitting in a car out front on your street pointing a directional antenna at your house AND you didn't change your wifi passphrase from the default. And note, that would only get them into your network, not your computer. Or they would need to physically connect via Ethernet cable to your network and hopefully you would notice a bad guy sitting in your house doing that. Or last, you left your computer unattended at a coffee shop and this person, who was following you around town, sat down at your computer when you went to the bathroom.

The most likely scenario, if it happened at all, is you fell victim to a "socially engineered" con that tricked you into clicking on an unsolicited link, letting the malware in. This is commonly done by the bad guy sending spam that looks like it came from a legitimate source, like your bank or Walmart, etc. They send it to millions of people, hoping someone will take the bait. The email will claim your account was somehow messed up and you need to click some link. That link then infects your computer or asks you to provide your log-in credentials, passwords, account numbers, etc. That information is then sent back to the bad guys.

Even if you were tricked to click on such an unsolicited link, fully updated operating systems and anti-malware programs, and even current browsers are pretty good at blocking the malicious activity.

Sadly, you have not told us anything about this computer - such as the OS. Hopefully it is Windows 10 (or at least W7) and you keep it fully updated. And hopefully, you didn't disable Microsoft Defender (formerly Windows Defender) and then didn't install a capable alternative security solution. And you keep your security solution fully updated AND you are not "click-happy" on unsolicited downloads, attachments, links and popups. And finally, you changed the default passwords and passphrases to your computer and network to something not obvious. If you did that, then I highly doubt a person you knew infected your computer. It is just not that simple.

I recommend you make sure your operating system and security are fully updated. Change your wifi passphrase, computer passwords, and passwords to your banks and other important sites. Use a password manager so you only have to remember the password to the password manager. Don't write passwords down.

Use a supplemental scanner to verify you (the user and ALWAYS weakest link in security), or your primary solution didn't let something slip by. I typically recommend Malwarebytes for that.
Roughly a couple months ago I suspect a file I had received was a rootkit from them;
Back to this. How did you receive it? Did you open and run it?
 
Joined
Aug 20, 2007
Messages
14,162 (2.87/day)
System Name Pioneer
Processor Intel i9 9900k
Motherboard ASRock Z390 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL Ripjaws V Series 64GB (4 x 16GB) DDR4-3200
Video Card(s) EVGA GeForce RTX 2080 SUPER XC ULTRA
Storage 2x Mushkin Pilot-E 2TB NVMe SSDs in bootable RAID0 by HIGHPOINT SSD7202
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) VGA HDMI->Panasonic SC-HTB20/Schiit Modi MB/Asgard 2 DAC/Amp to AKG Pro K7712 Headphones
Power Supply Seasonic Prime Titanium 750W
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (Product of work, yes it's legit)
Benchmark Scores www.3dmark.com/fs/23478641 www.3dmark.com/spy/13863605 www.3dmark.com/pr/306218
The only thing that bothers me here is, for example Win 10 upon installation will write a bit of code to the BIOS for checking to see if the board has been changed making the install "Invalid", requiring reactivation of the OS.
No, it just composes a hash of your hardware and checks it against a database. It does not write anything to uefi.

@R-T-B You wanna weigh in on this?
Not to be rude, but OP has his answer in the following question:

"Am I a high value target?"

If no, you are probably safe with a reinstall. If yes, burn it and start over, you probably have the money anyways and it'll be less stressful.
 

EntropicLocal

New Member
Joined
Jan 26, 2021
Messages
9 (0.28/day)
No, it just composes a hash of your hardware and checks it against a database. It does not write anything to uefi.


Not to be rude, but OP has his answer in the following question:

"Am I a high value target?"

If no, you are probably safe with a reinstall. If yes, burn it and start over, you probably have the money anyways and it'll be less stressful.
I will flash my bios and format all the drives (I am using Windows 10), thank you for the help.
 
Joined
Dec 14, 2013
Messages
1,768 (0.67/day)
Location
Alabama
No, it just composes a hash of your hardware and checks it against a database. It does not write anything to uefi.


Not to be rude, but OP has his answer in the following question:

"Am I a high value target?"

If no, you are probably safe with a reinstall. If yes, burn it and start over, you probably have the money anyways and it'll be less stressful.
And that's why I asked for your input. :)
Good to know it doesn't actually write to the BIOS and that's a good thing.
 

EntropicLocal

New Member
Joined
Jan 26, 2021
Messages
9 (0.28/day)
I do have one last question if you fellas don't mind, can a USB stick with Windows get infected by another pc or by the same pc? Thanks.
 
Joined
Aug 20, 2007
Messages
14,162 (2.87/day)
In theory, yes. It's best to make the install usb on a known clean machine.
 
Joined
Jan 24, 2021
Messages
31 (0.91/day)
You can also make the install USB write protected, just to be sure it won't get the virus written onto it when you try to re-install the OS on the infected machine. There's a setting in the OS that does it, iirc. Please check for it on the clean machine after you make the install USB.
 
Joined
Aug 20, 2007
Messages
14,162 (2.87/day)
There's a setting in the OS that does it, iirc.
Not that I know of, and I would not trust a software write protect with a malware infested machine anyways.

Some sdcards and usb sticks have a hardware write protect switch though.
 
Joined
Jan 24, 2021
Messages
31 (0.91/day)
Valid point about not relying on a software lock.

I had one instance where someone I knew had sent me a write protected USB stick, and when I had asked, I remembered being told there is some way to do it in the OS. But, I guess I'm wrong. I did check with a USB stick on my system and there does not seem to be any way to lock it. May be some additional software or app he used.

I didn't know that SDCards and USB sticks come with hardware locks! Useful info :)
 
Joined
Mar 26, 2010
Messages
9,000 (2.26/day)
Location
Jakarta, Indonesia
System Name micropage7
Processor Intel Xeon X3470
Motherboard Gigabyte Technology Co. Ltd. P55A-UD3R (Socket 1156)
Cooling Enermax ETS-T40F
Memory Samsung 8.00GB Dual-Channel DDR3
Video Card(s) NVIDIA Quadro FX 1800
Storage V-GEN03AS18EU120GB, Seagate 2 x 1TB and Seagate 4TB
Display(s) Samsung 21 inch LCD Wide Screen
Case Icute Super 18
Audio Device(s) Auzentech X-Fi Forte
Power Supply Silverstone 600 Watt
Mouse Logitech G502
Keyboard Sades Excalibur + Taihao keycaps
Software Win 7 64-bit
Benchmark Scores Classified
I do have one last question if you fellas don't mind, can a USB stick with Windows get infected by another pc or by the same pc? Thanks.
Yeah, since most USB drives have no write-protect lock to protect them from something like malware. That's one reason I still burn some to DVD.
 
Joined
Sep 16, 2018
Messages
1,290 (1.44/day)
Location
Winnipeg, Canada
System Name Street Meat
Processor AMD R5 3600XT
Motherboard Asus ROG Strix B550-F Gaming
Cooling Thermalright Le Grand Macho RT + TY143 + TFX
Memory 16GB G.Skill Trident Z Royal 3200 C14
Video Card(s) EVGA GTX 980 Classified 3988
Storage WD SN750 1TB+500GB, 2x Intel 545s 256, WD1TB Black, 1TB Toshiba
Display(s) 22" Sammy, 55" Hisense
Case Fractal Design Meshify C TG, White
Audio Device(s) NAD, Mission, Monitor Audio
Power Supply CM Silent Pro M2 850
Mouse Zowie EC2 Evo
Keyboard Logitech 910
Software Yes
Benchmark Scores Some numbers
I know this might sound crazy but..

In 2002 I knew a guy, we drank together and took a sheet metal fabrication course together. He was hardcore. He hid stuff in university recycle bins, all kinds of stuff. He told me so much stuff I still have no clue what he was talking about. Like dark web shit before there even was a dark web. He got me a working copy of a really high end Cad/Cam software that was used to start a business (now the owner pays btw), anything I wanted. Anything. He was a member of some prominent groups. They supplied him with hardware.. he didn't have a job.. but ate good food and had nicer clothes. He showed me what he used to do but I wasn't into computers back then so I don't know what he was doing exactly. Anyways, one day he was freaking out saying the CIA wanted to talk to him and that they were coming, and he wanted me to hold on to a hard drive.. I said no way.. of course.. lol.. so it got hidden in a cubby somewhere in the rooming house he was in. I could have sworn he was full of shit, but the panic was genuine. We had a couple of beers that night, and that was the last time I saw him. We were supposed to go for a bike ride the next day. Looking back it is still some pretty crazy shit, I don't even know if I believe it even still.. But I haven't seen him since 2002, he just vanished. None of our mutual friends have heard from him either. He didn't complete the course with me. I do know his family owned some kind of computer business, and he had been around them since he was young.. he was a very smart guy. But you wouldn't know it to look at him..

Your panic reminded me of his panic..
 

EntropicLocal

New Member
Joined
Jan 26, 2021
Messages
9 (0.28/day)
I know this might sound crazy but..

In 2002 I knew a guy, we drank together and took a sheet metal fabrication course together. He was hardcore. He hid stuff in university recycle bins, all kinds of stuff. He told me so much stuff I still have no clue what he was talking about. Like dark web shit before there even was a dark web. He got me a working copy of a really high end Cad/Cam software that was used to start a business (now the owner pays btw), anything I wanted. Anything. He was a member of some prominent groups. They supplied him with hardware.. he didn't have a job.. but ate good food and had nicer clothes. He showed me what he used to do but I wasn't into computers back then so I don't know what he was doing exactly. Anyways, one day he was freaking out saying the CIA wanted to talk to him and that they were coming, and he wanted me to hold on to a hard drive.. I said no way.. of course.. lol.. so it got hidden in a cubby somewhere in the rooming house he was in. I could have sworn he was full of shit, but the panic was genuine. We had a couple of beers that night, and that was the last time I saw him. We were supposed to go for a bike ride the next day. Looking back it is still some pretty crazy shit, I don't even know if I believe it even still.. But I haven't seen him since 2002, he just vanished. None of our mutual friends have heard from him either. He didn't complete the course with me. I do know his family owned some kind of computer business, and he had been around them since he was young.. he was a very smart guy. But you wouldn't know it to look at him..

Your panic reminded me of his panic..
Very sorry that had to happen to you
 
Joined
Oct 24, 2004
Messages
1,294 (0.22/day)
System Name Seriously ?
Processor Core i7 4790K @ 4.4Ghz
Motherboard MSI Z97 Gaming 5
Cooling Alpenföhne Broken 120 + 2 huge coolermaster chassis fans
Memory 2x8GB DDR3 2133Mhz Crucial Ballistix
Video Card(s) Gigabyte Geforce RTX 2070
Storage 1x Kingston SA400 128GB / 1x Crucial CT1050MX300 1TB / 1x Sandisk SSD Plus 1TB
Display(s) 40" Samsung UE40ES5500
Case Cooler Master HAF932
Audio Device(s) onboard realtek audio
Power Supply Corsair AX1200
Mouse Microsoft intellimouse optical
Keyboard Logitech K270
Software Windows 10 Pro
Benchmark Scores https://valid.x86.fr/vmb641
Would wireshark or glasswire help me detect if the malware is still present?

Thanks

If you know what you are looking for (i.e. unknown traffic, unknown ports, unknown services), then yes.

Otherwise, it's very unlikely that those tools will be of any help
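
An added example, not part of any post in this thread: one way to turn "unknown traffic, unknown ports" into a concrete check is to compare a capture export against a baseline of what the machine is expected to talk to. The CSV column layout, the baseline ports, the local subnet and every address in the sample are assumptions constructed for illustration.

```python
import csv
import io
import ipaddress
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample (documentation address ranges): one row per outbound packet,
# as it might look after exporting time, addresses, destination port and protocol
# from a packet capture. Not real traffic.
SAMPLE_EXPORT = """\
time,src,dst,dport,proto
1000.0,192.168.1.20,198.51.100.10,443,tcp
1002.5,192.168.1.20,192.168.1.1,53,udp
1003.1,192.168.1.20,198.51.100.10,443,tcp
1010.0,192.168.1.20,203.0.113.77,50123,tcp
1047.9,192.168.1.20,198.51.100.10,443,tcp
1070.1,192.168.1.20,203.0.113.77,50123,tcp
1130.0,192.168.1.20,203.0.113.77,50123,tcp
1189.8,192.168.1.20,203.0.113.77,50123,tcp
1250.2,192.168.1.20,203.0.113.77,50123,tcp
1300.0,192.168.1.20,192.168.1.50,445,tcp
"""

# Assumed baseline for this host: the ports you expect to see leaving it,
# and the network you treat as local.
KNOWN_PORTS = {("tcp", 80), ("tcp", 443), ("udp", 53), ("udp", 123)}
LOCAL_NETS = [ipaddress.ip_network("192.168.1.0/24")]


def load_flows(text):
    """Group packet timestamps by (destination, port, protocol)."""
    flows = defaultdict(list)
    for row in csv.DictReader(io.StringIO(text)):
        key = (row["dst"], int(row["dport"]), row["proto"].lower())
        flows[key].append(float(row["time"]))
    return flows


def is_local(addr):
    """True when the address belongs to one of the local networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in LOCAL_NETS)


def looks_periodic(times, min_events=4, max_jitter=0.1):
    """True when gaps between packets are nearly constant (timer-driven traffic)."""
    if len(times) < min_events:
        return False
    times = sorted(times)
    gaps = [b - a for a, b in zip(times, times[1:])]
    avg = mean(gaps)
    # Coefficient of variation: spread of the gaps relative to their average.
    return avg > 0 and pstdev(gaps) / avg <= max_jitter


def review(text):
    """Return flows that leave the LAN on a port outside the baseline."""
    findings = []
    for (dst, dport, proto), times in sorted(load_flows(text).items()):
        if is_local(dst) or (proto, dport) in KNOWN_PORTS:
            continue
        findings.append({
            "dst": dst, "dport": dport, "proto": proto,
            "packets": len(times),
            "periodic": looks_periodic(times),
        })
    return findings


if __name__ == "__main__":
    for finding in review(SAMPLE_EXPORT):
        print(finding)
```

Anything that uses a baseline port such as 443 passes this check unflagged, so an empty result does not show the machine is clean; it only narrows what is left to look at by hand.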
 

EntropicLocal

New Member
Joined
Jan 26, 2021
Messages
9 (0.28/day)
Would anyone here be able to analyse a wireshark or glasswire log to determine such a thing?
 
Joined
Nov 25, 2020
Messages
67 (0.71/day)
System Name ChinaVirus
Processor Intel Xeon E5 2620 v3 @ 2599.39 MHz
Motherboard Huananzhi X99-F8
Cooling Cooler Master MasterAir MA410P, Fans Corsair AF120
Memory 16Gb (2x8) Micron Technology 8192 MB (DDR4-2400) - P/N: 18ASF1G72PZ-2G3B1
Video Card(s) AMD Sapphire TOXIC R9 280X OC
Storage SSD NVMe 250Gb (KINGSTON SA2000M8250G); HD 1Tb (Seagate ST1000LM024 HN-M101MBB);SSD 1TB KingDian
Display(s) Samsung 7.2 inches (18.3 cm) / 1280 x 720 pixels @ 23-60 Hz
Case Mymax Full Tower Horus black
Audio Device(s) -
Power Supply Cougar Gx 800W 80Plus Gold
Mouse -
Keyboard -
Software Microsoft Windows 10 (10.0) Enterprise LTSB 64-bit
Benchmark Scores https://valid.x86.fr/k9amvl https://gpuscore.top/furmark/show.php?id=212229
That is whats somewhat concerning me, I just want someone to help me on how I would flash my bios and format the drives to make sure everything is gone
Only thing I can say to you is to be very very careful when you flash your mobo or gpu bios, any power loss or power spikes and your components are done.
 