Ran_ISR 0 Posted June 6, 2020 Share Posted June 6, 2020 Hi everyone! Recently I encountered a deadly and very persistent virus. It disabled my operating system (Windows 10) almost completely, no matter what I did (including in safe mode and with no internet), while opening countless times Microsoft's support/help page in my internet browsers. I succeeded (barely..) to reinstall Windows (without formatting the drive), but Windows couldn't launch.. Then, after doing a low level format to both my main drive and my SSD drive, I tried to install Windows - both Windows 10 and Windows 7, but no matter what I did, Windows Setup stop responding (can't click or type anything) after a while. Moreover, my Bios was also infected! When I opened it, the BIOS "help" window opened many times (similar to what happened in Windows) and I needed to close it again and again. So I downloaded an updated Bios in a different PC and used a flash drive to update the Bios (which solved this specific problem). After that I also tried to remove the virus by doing a factory reset to my BIOS (I short the CMOS jumper and as well as removed the battery and returned it after a minute). All that still didn't work... The virus is still there making Windows (10 and 7) setup non responsive. I also ran Kaspersky Rescue Disk. No threats were detected. Before the scan it could only find "clock skew" (since I did factory reset to my BIOS). After the scan was completed the Kaspersky's interface stop responding, exactly as in any other interfaces (Windows 7/10 setup and Windows itself before I did the format). What happens is that after a while I can move the mouse but not click on anything, and most of the times the keyboard also stop doing anything as well. Meanwhile, the hard disk and the SSD drive are both disconnected, as well as the internet, so the problem is probably with the BIOS.. One last thing - I managed to backup some of my data before doing the format. Using a flash drive I transferred my data to my laptop. I fear it might got this infection as well. It hasn't shown the same symptoms yet, but sometimes it shows a strange error that it can't recognize a usb connection (while nothing is connected). Clearly the virus did some heavy damage. I'll be happy if you can help me deal with this very unfortunate situation.. My spec: Gigabyte GA-H97M-D3H LGA 1150 Intel Core i5 4690 3.5 Ghz G. Skill Ares 2X4 GB DDR3 1600 Mhz PC3-12800 Mhz EVGA GTX750Ti Superclocked 2GB GDDR5 Western Digital Caviar Black 1TB Corsair Force LS 120 GB SSD Link to comment Share on other sites More sharing options...
Administrators Marcos 5,158 Posted June 6, 2020 Administrators Share Posted June 6, 2020 BIOS was unlikely attacked by malware, let alone you have to move a hw jumper in order to write into it. Link to comment Share on other sites More sharing options...
itman 1,718 Posted June 6, 2020 Share Posted June 6, 2020 (edited) 1 hour ago, Ran_ISR said: Then, after doing a low level format to both my main drive and my SSD drive, I tried to install Windows - both Windows 10 and Windows 7, but no matter what I did, Windows Setup stop responding (can't click or type anything) after a while. Refer to this TechNet article: https://answers.microsoft.com/en-us/windows/forum/windows_10-update/windows-10-clean-install-on-a-formatted-blank-hard/82017ca0-fae3-4239-96fe-5d3bf6479ad0 Note the comment that the boot-able media needs to be created using Win 10 Media Creation Tool: Quote Use only the Media Creation Tool to create the flash stick installer. No need to use Rufus which can only complicate a fully automated process using MCT. Also since you stated you performed a low-level drive. I assume that the installation drive is presently in an uninitialized state; i.e. no partitions formatted etc.. The Win 10 setup program runs a very long time in this situation and it appears nothing is going on and perhaps the installation is hung. It is not. The installer is instead creating its required partition and formatting it. On a 1TB drive, that is going to take a very long time. Also my understanding in regards to SSD drives are they should never be low level formatted. You may have damaged that drive. You need to download Cosair's drive diagnostic software and verify the drive has no issues. If you are trying to reinstall Win 10 on this drive, the aforementioned might be the problem. As far as your Win 7 reinstall, search the web. I would forget it since it's not supported anymore. Edited June 6, 2020 by itman Link to comment Share on other sites More sharing options...
Ran_ISR 0 Posted June 7, 2020 Author Share Posted June 7, 2020 Thank you for the reply! Please note, as I mentioned, the system stop responding (in the exact same way - UI stop responding after a while) even when I run Kaspersky Rescue disk's interface with both drives disconnected.. So how can it be that the problem derives from Windows/hard drives? Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 206 Posted June 7, 2020 Most Valued Members Share Posted June 7, 2020 I believe if you would format your disks , and completely reinstall Windows then you will be fine , but as you describe I believe you have a hardware error more than a virus , you could try to boot up a linux live environment and see if your computer acts up with it or not. Link to comment Share on other sites More sharing options...
itman 1,718 Posted June 7, 2020 Share Posted June 7, 2020 9 hours ago, Ran_ISR said: Please note, as I mentioned, the system stop responding (in the exact same way - UI stop responding after a while) even when I run Kaspersky Rescue disk's interface with both drives disconnected.. So how can it be that the problem derives from Windows/hard drives? The whole purpose of the Rescue disk is to scan your existing internal disk drives for malware. It can't do so because the disks are in effect non-functional since they haven't been formatted. The end result is the Rescue disk "hangs" when trying to scan those drives. Link to comment Share on other sites More sharing options...
ESET Moderators Aryeh Goretsky 385 Posted June 8, 2020 ESET Moderators Share Posted June 8, 2020 Hello, Given the age of that hardware (motherboard, CPU and GPU from 2014, SSD from 2013, etc.) are you 100% certain that you are not dealing with a hardware fault? I had a system which had the same type of problem with suddenly freezing at random times in random applications, and it turned out the power supply unit had begun to fail and was no longer delivering power inside its specifications. After I replaced the PSU, everything started working again as normal. Regards, Aryeh Goretsky Link to comment Share on other sites More sharing options...
Ran_ISR 0 Posted June 8, 2020 Author Share Posted June 8, 2020 12 minutes ago, Aryeh Goretsky said: Hello, Given the age of that hardware (motherboard, CPU and GPU from 2014, SSD from 2013, etc.) are you 100% certain that you are not dealing with a hardware fault? I had a system which had the same type of problem with suddenly freezing at random times in random applications, and it turned out the power supply unit had begun to fail and was no longer delivering power inside its specifications. After I replaced the PSU, everything started working again as normal. Regards, Aryeh Goretsky You may be right.. I clearly had a virus before I formatted the drive, since Windows started to behave in a very suspicious way - opening "help" windows countless times, especially when I disconnected the internet (suspicious..), making it almost impossible to operate anything. I could barely rescue the data I had there. At the same time I couldn't run any anti virus software back then.. On the other hand, the system started to be non responsive (can't click or use the keyboard) several months before this behavior occured (and now it's much more severe). It's possible those two symptoms are unrelated. If now I only have a hardware issue, the problem is that I don't know what will fix it - PSU? Memory? The Motherboard? Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 206 Posted June 10, 2020 Most Valued Members Share Posted June 10, 2020 On 6/8/2020 at 1:35 PM, Ran_ISR said: You may be right.. I clearly had a virus before I formatted the drive, since Windows started to behave in a very suspicious way - opening "help" windows countless times, especially when I disconnected the internet (suspicious..), making it almost impossible to operate anything. I could barely rescue the data I had there. At the same time I couldn't run any anti virus software back then.. On the other hand, the system started to be non responsive (can't click or use the keyboard) several months before this behavior occured (and now it's much more severe). It's possible those two symptoms are unrelated. If now I only have a hardware issue, the problem is that I don't know what will fix it - PSU? Memory? The Motherboard? You just need to follow the trouble till you reach it , like you need to test things , you disconnected your drives and yet still your PC still hanged up? then you might need to look another where PSU power , memory cards (RAM) , etc whatever But I doubt it's a virus , because it sounds more likely an hardware failure. Link to comment Share on other sites More sharing options...
Recommended Posts