This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 54%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAN%3C/text%3E%3C/svg%3E)
Hi.
I know already that this title sounds stupid but you must know my issue. After formatting and re-installing my OS and using multiple AV products I’ve came to a conclusion that I have a BIOS/UEFI rootkit or any complicated unheard of malware that infects firmware. It seems like it can evade detection and survive OS reinstallation. Flashing my BIOS/UEFI does not work since it’s peer virus on the OS will re-install its self onto my firmware again. I could just separate the components but I’m not a specialist.
I’ve had this malware for around 2 months and it was made my computer overpriced paper weight although my computer is still very much functional but I do not want to allow the hacker to make bitcoin out of me and steal my passwords. Keep in mind I’m still trying more advanced AV products that can scan for firmware malware. Replacing or wiping hardware is my last option.
I’m planning on taking advantage over my computer warranty so I can get it repaired or replaced. The main question that needs to be answered is that what hardware components need to be wiped or replaced in order to get rid of the malware. Make sure to mention all the components possible that can have a virus in it.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 81%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERA%3C/text%3E%3C/svg%3E)
How do you know your system is infected with malware?
Do you have sample of the file?
Do you know how you get infected?
In case it is hardware issue, you will need to check with your hardware manufacturer or even update your firmware.
I forgot to mention the Basis that I think I have malware. When ever I open Task Manager my cpu usage is at 40+ but drops immediately to a normal amount. I close it and open it again and the same thing happens. Keep in mind all my updates have been installed and I’m 15 minutes into my OS. Another main reason is that Using Malwarebytes anti-rootkit on safe mode does detect infected files but can’t remediate them. Kaspersky (free), Norton, windows defender and ESET have not detected anything.
How do I know I got infected?
I attempted to download pirated software. Anyways Norton initially blocked the download. I disabled my antivirus in order to install the huge file since false positives were a thing. I was just about to open my ‘software’ but it gave a fake error message saying the file was too big. I already knew that I was infected so I enabled my antivirus and did a full scan. Nothing was detected at all but norton symantec was going crazy.
I uninstalled Norton and used kaspersky. It detected malware on my system. Kaspersky was failing to remove them so my last option was to format and re-install my OS via usb
Most of the malware seemed like it was removed although I’m still having odd symptoms currently. I’m experimenting with new antivirus solutions right now. I did mention that I attempted to pirate software but I’m not asking for help on pirating software at all. Can you finally answer my question? What hardware components need to be wiped or replaced in order to get rid of the malware. Make sure to mention all the components possible that can have a virus in it.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 23%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Firstly using multiple AV make system slow and conflict.
I think you are indicating Firmware malware.
If that be the case then wiping your computer won't eliminate malware in firmware. After a clean install, you're replacing your operating system, but the firmware remains. The only way to get rid of a firmware virus is to reprogram or replace the chip that contains the firmware.
I forgot to mention that I did uninstall and use different AV programs. I don’t know which firmware needs to be replaced or reprogrammed. I did reinstall the BIOS but I’m still infected. The malware could infect other types of firmware that I don’t really know about. If I flash the BIOS will it remove malware classified to infect UEFI? I’m not strong in BIOS and UEFI. If I replace or reprogram the chip that contains my firmware can’t it’s peer virus on my OS reinfect my system?
I advise you to submit the link of infected file and download to:
https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site
This site could scan and analyze it and discover other malicious components.
In case you have any sample of files which you believe might be cause of infection, then submit them to:
https://www.microsoft.com/en-us/wdsi/filesubmission
You haven’t really answered my question. The corrupted file is gone. I formatted and reinstalled my OS although I’m still infected.
You mentioned about downloading them from a website, you may share the link which you download the infected file in the part I share about submit URL. To investigate what cause this issue, it is important to collect and analyze sample.
You may check with your device's manufacturer support in regard to firmware.
It’s a pirating website. Are you sure you want to see it? I don’t think you will but if you download the file that I downloaded you possibly need torrenting software unless you can get it directly. Please let me know if you want the link.
It seems the malware is related to hardware as wiping or formatting OS doesn't really help you.
It seems system is got infected with a bootkit is a malicious program designed to load as early as possible in the boot process. Bootkits are an advanced form of rootkit. They go even further, seeking to infect the master boot record or volume boot record, so it can act even before the loading of the machine's operating system.
It automatically scanned my system very quickly but it says that no malicious files have been detected. It also shows a couple of errors. I don’t think it managed to scan properly.
Seems so, as it's a free version
So what should I do? My device is going to be assessed (not repaired or replaced) by my computer’s service team. How are they even going to find the malware? You haven’t even answered my main question.
Hi there,
Hardware has nothing to do with malware and a simple reset by deleting all the files will resolve the malware infections. Also, make sure you are secured after the reset.
The Windows Malicious Software Removal Tool (MSRT) helps remove malicious software from computers.
Remove specific prevalent malware with Windows Malicious Software Removal Tool (KB890830)
How to prevent and remove viruses and other malware
----------------------------------------------------------------------------------------------------------------------------------------
--If the reply is helpful, please Upvote and Accept it as an answer–
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 95%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDB%3C/text%3E%3C/svg%3E)
