sparta 1 Posted February 13, 2019 (edited)

Hi, I have contacted in the past as well for this persistent infection in my Windows 10 and Windows 7 PC. I have seen that this virus, malware, etc. comes when I connect to the internet, even if I have installed all known antiviruses. Only Outpost Firewall detects it, saying an unsigned kernel mode driver is about to be installed. I chose to deny, but the system still gets infected somehow. Here is how other antiviruses react to it:

Kaspersky - protection gets disabled altogether. USB scanner does not detect anything.
Malwarebytes - protection gets disabled, and even the Chameleon is not able to get it working again.
Norton does not detect anything.
Emsisoft detected download manager trying to download some malware with the original file being downloaded simultaneously.
ESET security trial just gets disabled.

Tried all USB scanners as well (Avast, Avira, Kaspersky, Norton), nothing found. Tried rootkit scanners as well, nothing found.

The issue came on Win 10, so I formatted and installed Win 7, but same issue on it as well. The system becomes useless: either the internet will not connect, or if connected, system CPU usage will be 100%. So I installed Ubuntu dual boot with Windows and run the Windows 7 in VMware in it. Even on a clean install in VMware it gets infected as the system goes online, with any of the combinations of antivirus and firewalls (Outpost or TinyWall or Comodo). All Windows 7 and 10 systems were fully updated.

Someone suggested that it is a network malware. Also, someone stole my 50GB data when I was using my previous ISP. They did not do anything. I asked them to provide details of what was downloaded; they never reverted back, so I switched ISP.

Emsisoft is somehow not disabled, but it does not detect anything either. I have now SpyShelter, OSArmor and VoodooShield, TinyWall; no one detects anything or stops the kernel mode driver install or stops it from getting infected.

When I check my IP in the browser, it one time said DOD United States. I checked, it is Department of Defense USA?? Am I part of some bot network? Or has someone hijacked my IP? I don't know.

Now I have to use snapshots in the VMware machine: as I go online it gets infected, and I revert back to the snapshot to get it working again. Also, the VMware Tools show an error when it gets infected, saying VMware Tools are not installed. I ran sigverif in Windows+R and it does not detect any unsigned driver.

I think I have a rootkit which comes from the internet every time I connect, even on a clean install PC, and then it somehow bypasses all the firewalls and downloads more malware which are undetected and make the system unusable. Task Manager, antivirus say you don't have access or file not found etc. when run. Also, when I log into Gmail it says logged in from 1 more location that has the same IP and browser as mine. Pls help.

Edited February 13, 2019 by sparta update

Administrators Marcos 5,449 Posted February 13, 2019

Do you mean that you installed Windows from scratch, then installed ESET from an official download page, and shortly after, without doing anything or installing any dubious software, ESET was disabled?

sparta 1 Posted February 13, 2019 Author

Hi, thanks for replying. This is my past post. I have used several software trials till date on clean installs, but when I go online and Windows Update etc. is done, or if I even download GlassWire software to see connections, as soon as I install a software the system gets infected, as if the malware is in the system always, even after full format and reinstall. I think it comes from the network. Same happens when I am using the VMware virtual machines installed from scratch.

itman 1,801 Posted February 13, 2019

There are advanced persistent threats that can survive a HDD reformat and OS reinstall. What needs to be done is that a disk wipe utility capable of performing military-grade wiping/reformatting on the drive be used. On a large hard drive this could take days or even a week or more to complete.

A simpler solution is just to replace the hard drive with a new one. Prior to doing so, I would experiment with a borrowed or unused hard drive from another device. When the OS is installed and AV software installed and no infection reoccurs, you have your confirmation the old hard drive is the source.

Also, both your PCs are part of a larger local network; the malware could be resident on another device on the network.