Sunday, July 13, 2025

LotL Malware and how to remove it questions


Repost: LotL Malware and how to remove it questions (from Reddit.com)
So, a black hat hacker picked the lock to my apartment, jacked into my router and installed something the router manufacturer themselves can't figure out. Stole a 32GB SO-DIMM, leaving his own behind as a taunt, too. Yes, I reported this to the authorities. The person that did this was once a friend. He left his cat here. I still take care of her to this day. I caught him running code on my router when I woke up the morning he was supposed to leave. He had stayed two nights with his girlfriend to "visit the cat". Yes, I was that gullible. He sold me a server I never used, fully preparing to use it without permission and when I saw what was on it after the incident and how he had set it up I realized it and did not deploy it. I still have it to this day. I treated this person with respect and decency and helped him and his cat when no one would and this is the thanks I have gotten for it. This is specific and very obviously targeted. My security cams are always erased after a break-in. I have not yet deployed the CCTV system I have for several reasons but will soon if I do not find a new place. I have been planning on moving for a while and am still in search of a new place.

The "virus", "worm", "rootkit", "malware", "trojan" (it has the hallmarks of all of them) is a "live off the land" type. It is not detected by ANY security software found online and slowly infects EVERYTHING on the network. Every time I replace the router and clean it up I find myself back at square one over the course of a few days to weeks. No matter what I do I keep finding my PCs doing things I do not want, which includes driving up my electric bill. I need this to stop permanently.

I have zero reason for people to be harassing me. I do not drink, smoke, or do drugs. I do not do anything illegal or anything that would cause this type of monitoring by my own government but I have purchased a plethora of computer products from China, which would be my first guess if I didn't know who was doing this.

No, I do not know how to find this person as he lives out of cars and motels, screws people over for places to live and is a general drain on anyone that he knows. I would suspect if I could find a picture I could get this going. This person is a sociopath with warrants for hacking in Florida, as it turns out.

This all said, these programs, if the PC is left on and idle or I'm not monitoring Task Manager to close them, will launch other programs and processes in an attempt to run VMs. Each one seems to be for something different and they are layered within each other like Matryoshka dolls. They try to mine bitcoin of various types, operate a botnet, use my email to send emails and of course look at and spy on everything I do. I need help in both the identification of and the removal of this "virus". I had taken several screenshots of this running and found them all deleted when I went to type this, which tells me someone is actively involved, it's not just code running amok.

The apps appear as Windows processes usually stacked into something that is turned off. Like Widgets, Search, different host "experience" apps and so on.

Note that no matter how many times I close these "shell" programs they pop up as the same or new ones. Over and over. I have done too much research and have had too many problems to believe these are "normal" Windows processes and should be left alone and be ok. The longer I leave them the worse it gets until the machine finally turns the display off and I have to force shutdown. My desktops, laptops and miniPCs are doing this, it's not just one machine so it has become glaringly and jarringly obvious to me. For a small time my gaming rig did not have this malware on it after a router reset but due to my inability at the time to identify this situation I did not realize that it would eventually fall as well.

The OSes running are Windows 11, Android, iOS, and macOS. The only machines not infected are the Apple products.

There are multiple desktops, laptops, MiniPCs, Tablets and Smart Phones in this situation.

Any helpful information, advice and/or speculation is welcome. Please do not tell me it's all ok, that everything is fine or that nothing is wrong or out of the ordinary. Nor tell me I need mental help or the sort. If you have nothing nice to say or anything important to add to the conversation, please do not. It leads me to believe you are either naive, a black hat or supporter putting up the "wall of black" I see with so many comments, or genuinely have no idea what you are talking about. I wish I had the time to dive into every sarcastic answer but I do not, I need real help. I did have screenshots but all you are looking at are Windows processes mis-reporting what they do so they look benign. They are far from it.

Thank you for the time it took to read this and any replies you may give.

