Malware installed a hidden virtual HD/OS on C: partition
I know this because I did a DBAN wipe that left about 12 GB of the HDD unaccounted for. I forget which utility allowed me to see X: with a 12 GB VM... I have never installed a VM or used the feature to mount a DVD, etc. My local tech said he got it off, but it was still there when I booted up with no internet cable.
-I was able to view all the folders in the bad OS, but not to open them all. Those that did open had numerous PowerShell scripts, and some folder names appeared to be programs for redirection, rewriting BIOS, copying any CD/DVD you insert, taking over control of all USB functions, changing SATA HDDs to SCSI, keeping an extensive Roaming profile even though I disabled sync years ago, and tons more I can't remember.
-Although the malware shows me screens that look like I am changing settings, they revert immediately upon closing the dialogue box.
-There can be hundreds of users connected to dialup (even though I removed my phone modem card and uninstalled its drivers). Can't remember all the steps through Hades it took to get my broadband set up. I had to enter my TWC master e-mail account password, but the baddies already had it anyway.
-Regardless of the device with which, or location from which, I log onto TWC webmail, it immediately becomes infected. I bought a new laptop, and it got infected the second TWC activated my cable modem; the Remote System has rewritten its firmware. Of course, TWC no-customer-service can't help; it's not their fault for allowing a backdoor into their redirect to start with, right?
Is there any way to clean up this PC, guys?