Make secure USB stick for malware offline repair
I have one of those baddies that takes over remotely by making your PC part of a domain and taking over SYSTEM and Trusted Installer. It also installs a hidden OS on the HDD, which DBAN didn't erase. I actually booted to it after the wipe, but couldn't get any credentials/user account to allow me to use/change anything.
A clean W7 install isn't a real install - it's a "spoof" version laid over their OS. If you try too many security/hardening settings changes, it locks you out of more and more access by graying out options. It loads its own versions of drivers, and I can't update even with offline mfgr. versions.
Here's Device Manager view By Connection:
DevMgr.1.PNG
DevMgr2.PNG
DevMgr3.PNG
Downloading various scan/fix tools to the desktop as recommended really doesn't work, because SYSTEM already has a spoof version it loads instead of the new file - all scans take about 6-30 seconds for a 250GB HDD. So...
Is there a way to make an absolutely secure USB stick on a clean PC with versions of these programs that run offline? A way that guarantees this malware can't hide on the USB stick?
Thanks, UberGoober