Hardware replacement or wipe for sophisticated malware infection

Aaron Naser 81 Reputation points
2022-07-10T10:47:22.23+00:00

Hi.

I know already that this title sounds stupid but you must know my issue. After formatting and re-installing my OS and using multiple AV products I’ve come to a conclusion that I have a BIOS/UEFI rootkit or any complicated unheard-of malware that infects firmware. It seems like it can evade detection and survive OS reinstallation. Flashing my BIOS/UEFI does not work since its peer virus on the OS will re-install itself onto my firmware again. I could just separate the components but I’m not a specialist.

I’ve had this malware for around 2 months and it has made my computer an overpriced paperweight, although my computer is still very much functional, but I do not want to allow the hacker to make bitcoin out of me and steal my passwords. Keep in mind I’m still trying more advanced AV products that can scan for firmware malware. Replacing or wiping hardware is my last option.

I’m planning on taking advantage of my computer warranty so I can get it repaired or replaced. The main question that needs to be answered is what hardware components need to be wiped or replaced in order to get rid of the malware. Make sure to mention all the components possible that can have a virus in them.

Windows for business | Windows Client for IT Pros | Devices and deployment | Other
Windows for business | Windows Client for IT Pros | User experience | Other

7 answers

  1. Aaron Naser 81 Reputation points
    2022-07-13T10:34:56.223+00:00

    So I’m writing while scanning my computer with the Microsoft Safety Scanner that was listed on the website that you mentioned. I already used this tool before and guess what? Before, it detected malicious files but couldn’t remove them. I doubt right now it won’t detect anything anyways since I did a fresh OS re-install and only the persistent malware is left. I bet you didn’t read my body paragraph, did you? You just read the title. I know malware isn’t related to hardware but in some cases you need to reflash or replace components.

    For some reason a random command prompt just opened. Is that normal? I was scanning my computer. It’s detecting many malicious files; I’m just waiting for it to be stuck on one file like the older version.

    I accidentally deleted my comment before. I think you can view it. I have nothing to hide.


  2. Dustin Bloomfield 6 Reputation points
    2022-12-17T19:13:38.177+00:00

    I just read all these posts and I see and understand, @Aaron Naser. I myself have been dealing with this malware/virus. It's been almost 4 months and I have tried almost everything. I know it's a R.A.T. virus with a network of people behind it. While using the Wireshark program I can see there are more than 255 at most at times, sometimes fewer, other computers connected to my network. It's deep in the kernel, which is why it's undetected by most AV. The ones I used, they just took over, so it was pointless to use them again as it would just be spread around among different users connected. Some control the desktop, keylogging, downloads while others control bootloading, programs, etc. All do a little of this and a little of that to keep from deletion. It may look like nothing is there but believe me there is. Wrapping, masking it all, whatever it is, but they are there watching at all times, even as I write this. It's like right out of the movies haha, people not believing you. I even had them rerouting my calls as I was pretty close to getting rid of it. Pretending to be my ISP and telling me my number did not exist, which clearly was not at all true. I've lost my old email and that too said it didn't exist but now it's part of a group and I can no longer access it. I've changed the computer to home but it always goes back and says it's Enterprise/workgroup. Still stumped haha!! And it infects the phones. I have many more pics.
