Question RAT Infection help

Status
Not open for further replies.

ilkay

Great
Nov 19, 2021
15
0
60
Well, someone hacked me a few times.
I had to pay a PC service to remove the viruses.
And I learned from them what the virus is.
Here are the symptoms:
Someone changed my Wi-Fi password a few times.
My mouse moves on my desktop without me touching it.
Some of my files just disappear.
Also, some of my games and my browser just stop.
A few of my accounts were compromised, etc.
Anyway, I don't want to pay anymore to remove the virus.
I only tried to reinstall my Manjaro Linux, and after this I did a slow level format, but the nasty RAT still remains.
Please tell me what information may be useful for you.
Thanks. :)
 

ilkay

I also noticed that my phone is infected too.
And it also remains after a factory reset.
And of course my Manjaro Linux was downloaded from the official site and installed with a clean (non-infected) flash drive.
 

ilkay

Well, I tried to fix my PC with the following steps:
- From the Windows 10 install disk I opened cmd and typed:
1. bootrec /fixmbr
2. bootrec /fixboot
3. bootrec /scanos
4. bootrec /rebuildbcd

Also, I flashed my BIOS.
But the virus still remains.
Is there something wrong with what I am doing?
 

COLGeek

Cybernaut
Moderator
If you are performing full, clean installs using legit (safe) software sources, you should be fine afterward.

If you are re-installing questionable software, then you are likely reinfecting your systems.

Here is an additional guide (a bit dated) that may help you clean things up.

 

ilkay

Yes, I did a full clean install.
And I think that I am doing something wrong.
I scanned my PC with the Kaspersky boot CD and the ESET boot antivirus, but with no success.
Any help removing the virus will be highly appreciated!
 

ilkay

Yep, I changed the router password and set up MAC filtering, plus I disabled remote access.
I installed the usual programs: Steam, Discord, games, etc.
I never download torrents; I always use the official sources for the software.
And I think some of my neighbours have hacked me.

Btw, with this command (dd if=/dev/sda of=mbr.bin bs=512 count=1) from my terminal I was able to save the MBR to my desktop and scan it. Here are the results:


https://www.virustotal.com/gui/file/32b3cbc1647a863e268470adedc8b161765f3fef4d986ca5713600a8a29e210f

Now I'm starting to think that the virus may be a UEFI rootkit.
What can you suggest I do?
 
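An added example, not part of the thread and not any poster's code: a minimal parser for the 512-byte sector that the `dd` command quoted above saves as `mbr.bin`, reporting the boot-code hash, the partition entries, the 0x55AA signature and whether the sector is only a GPT protective MBR. The function names and the sample sector are constructed for illustration.

```python
import hashlib
import struct
import sys

SECTOR = 512
PROTECTIVE_GPT = 0xEE  # partition type used by the protective MBR on GPT disks

def parse_mbr(sector: bytes) -> dict:
    """Summarise a 512-byte MBR sector (e.g. mbr.bin saved with dd)."""
    if len(sector) != SECTOR:
        raise ValueError(f"expected {SECTOR} bytes, got {len(sector)}")
    boot_code = sector[:440]            # bootstrap code area
    disk_sig = sector[440:444]          # optional 32-bit disk signature
    parts = []
    for i in range(4):                  # four 16-byte entries at offset 446
        entry = sector[446 + 16 * i: 462 + 16 * i]
        status, ptype = entry[0], entry[4]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if ptype:                       # type 0x00 marks an unused slot
            parts.append({"slot": i, "bootable": status == 0x80,
                          "type": ptype, "lba_start": lba_start,
                          "sectors": sectors})
    return {
        "signature_ok": sector[510:512] == b"\x55\xaa",
        "disk_signature": disk_sig.hex(),
        "boot_code_blank": not any(boot_code),
        "boot_code_sha256": hashlib.sha256(boot_code).hexdigest(),
        "partitions": parts,
        "protective_gpt": any(p["type"] == PROTECTIVE_GPT for p in parts),
    }

def sample_protective_mbr() -> bytes:
    """Constructed sample: a protective MBR with blank boot code."""
    sector = bytearray(SECTOR)
    # status, CHS start, type, CHS end, LBA start, sector count
    sector[446:462] = struct.pack("<B3sB3sII", 0x00, b"\x00\x02\x00",
                                  PROTECTIVE_GPT, b"\xff\xff\xff",
                                  1, 0xFFFFFFFF)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)

if __name__ == "__main__":
    # Pass the path to mbr.bin, or run without arguments for the sample.
    data = (open(sys.argv[1], "rb").read() if len(sys.argv) > 1
            else sample_protective_mbr())
    for key, value in parse_mbr(data).items():
        print(f"{key}: {value}")
```

If `protective_gpt` is true and the machine boots in UEFI mode, the firmware does not execute the MBR boot code, so a clean scan of this one sector says nothing about the EFI System Partition or the firmware itself.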