  1. #1
    ROG Member
    Join Date
    Apr 2018

    Need any help possible - MAJOR VIRUS - PLEASE READ - Crosshair IV MB

    Hey guys-
    I know this is going to sound crazy, but I have multiple people logged into my home network remotely. It appears this is some sort of BIOS rootkit. I can't figure out what to do and REALLY need help.

    So - if I put a USB drive or CD Drive in to boot - the system doesn't even have a chance to read it before there has been an identical partition made (virtually). This partition effectively replaces major drivers in whatever I am trying to boot and makes the tools useless.

    I have unplugged all internet access from my home, but somehow they can still get in (only thing I can think is somehow using 3/4G internet). My cellphone was sent into a boot loop and is also infected.

    All in all, we have 4 laptops with the virus, 3 tablets, 4 cell phones, and my brand new Ryzen build.

    This started shortly after a Windows 10 update a few weeks ago. Applications kept crashing, system was denying me access to files. I got quite upset and formatted the drive and ran a Linux distro instead.

    While using Linux, I could see this moving into the BIOS, video card, RAM, PCIe ports, etc. At this point - I just don't know what to do. Can anyone help me? I know it sounds crazy, but I swear this is happening. I've been building computers since I was 10 and am now late 30s - I can't figure it out.

    Thanks!! Also - if there is anywhere else I should post this, please let me know.

  2. #2
    TeamROG Moderator xeromist
    Join Date
    Jul 2010

    For starters you should disable network connectivity between the devices & machines, not just the Internet connection. If you manage to disinfect one machine it will just get owned again if there is another infected machine on the network.

    If you have a persistent infection then any recovery media you create on these machines may be compromised as well. If you attempt to create any bootable media you should do it with a friend's PC or at work. I wouldn't reuse a flash drive you've already used at home on a friend's machine though. If it's as infectious as you indicate, that could be a bad idea. Alternatively you might need to take your main PC to a PC repair shop. They deal with virus cleaning all the time and they have clean boot disks preloaded with necessary tools.

    I'm also not sure what you mean that you could 'see' a virus moving into your various hardware components. Perhaps you could rephrase that in more detail because it makes you sound like you have delusions of being Neo.
