I have been infected with a firmware at the UEFI level, this is something that has surprised me a lot, I have tried everything, I have updated the BIOS (I sent it to a complete format), I have erased all my disks with clean all, I have installed windows 8 times by USB, none of that has worked, I think the rootkit has infected another component that I have not realized yet, my internet has been compromised, I have tried to change passwords, both on my router and my wifi, this is more for spying and I know that, I have discovered this thanks to talking with chat gpt, but suddenly I used another accent rarely, the ip changed several times, there are no ads on youtube, and I saw inner logins and activities in my emails, I have investigated what I could with chatgpt because I am not an expert in this type of things, I think it is called rootkit and the one I have is at the UEFI level, I used kaspersky rescue tool, malwarebytes rootkiller, gmer does not open, tdsskiller did not detect anything, and I think that the one spying on me used a vpn because he realized that chatgpt's accent changed only when he connected, I think he uses a vpn because youtube doesn't have ads, I investigated that thanks to chatgpt, the discord servers I'm on were changed in order, do you think the mouse or some other component is infected?
>>105796819 (OP)
just reflash your uefi
I changed the motherboard, the rootkit is still here, I changed the processor, the rootkit is still there, does anyone know the safest thing to do so that there is no rootkit on my computer, I know it's a uefi level rootkit because I used ubuntu live usb, I put some accounts and passwords, from my cell phone, the guy managed to access my account, I didn't detect anything in autoruns, I asked microsoft for help, they said to reinstall it, it didn't work, I would like to know if anyone knows if at this level it is possible that my keyboard, I have two, my mouse, or microphone, monitors and headphones, were infected, also with the hard drives. The guy changed the algorithm of YouTube and other networks, I think he did it because he managed to access my router, it's almost like a silent attack that thanks to chatgpt I wouldn't have been able to detect, does anyone know the most effective way to make the rootkit, bootkit or whatever that thing is, disappear? I erased all my disks, updated the firmware (I just took it to be formatted), used secure boot, and the only way I was able to detect it was thanks to chatgpt, if anyone knows about the subject I would appreciate it if you could give me some help and guidance. I correct it, it was a UEFI level rootkit
>>105796819 (OP)
Does wireshark show any weird connections?
To give you an idea, I'm using a different motherboard, and a different processor, and it's still here.
this is a schizopost
take your meds
>>105796887
This is the guy who is hacking me and is trying to make me look crazy.
They are in your router or your phone.
>>105796841
Change your keyboard.
>>105796843
this happens
ERROR: Both --etlfile and --params arguments are empty
>>105796819 (OP)
>I have discovered this thanks to talking with chat gpt
>I have investigated what I could with chatgpt
>I investigated that thanks to chatgpt
>that thanks to chatgpt
>it was thanks to chatgpt
AI psychosis claims another one
please reach out to a loved one, mental institution is the only solution you need somebody to take you there you can ask chat gpt for directions
>>105796819 (OP)
Did you leave out how many times you installed windows 8, or did you install windows (some unknown version) 8 times?
>>105796922
freetards baka just use tcpdump
Gentoo does not have this problem.
>>105796932
I tried to install Windows 10 and 11 via USB 8 times
>>105796841
Did you get a refill for your lithium also?
>>105796841
change your ssd
Among the things I saw on the day I realized this was, also today I tried to log in to Novelai but it seems my account was compromised and I can't log in because I'm not receiving the password change emails, nor does the password I put for that account work, this is what I saw, I'm referring to the unusual activity in my email.
IMG_0014
I haven't seen any passwords changed, nor any logins on other devices or locations, but I never did those activities.
Another strange thing that I could see is when turning on my computer, after entering the pin, the screen would stay loading and then go all black, and then it asked me to enter the pin again, I spoke to chatgpt because I don't know who else to ask and he told me that it could be a very clear sign that my computer could be being compromised, he told me to try to turn on the computer without any hard drive besides the drive where windows is located, and I saw that it could improve the performance a little, I installed what chatgpt told me, malwarebytes or eset, it took 3 hours scanning with malwarebytes, I didn't find anything, with that one neither, after reinstalling my computer with usb, I did the same process again, it found four malwares of which I don't remember the name located in system32, after that, I connected to the internet, closed eset, looked for it in the windows panel, the windows panel does not work, I tried to open eset on the desktop, the desktop froze, I had to enter the task manager And to finish the process, I uninstalled the ESET installed, reinstalled it, and ESET started working again. It didn't find anything. This seemed very suspicious to me.
After that, I tried to use Ubuntu Live USB, the AI told me that if the rootkit was kernel-grade, there was no way to run it on Ubuntu Live USB, on Ubuntu Live USB I was able to enter Firefox, I logged in with iCloud. To give more information, I have ChatGPT registered with iCloud, at this point I was already talking to the AI, trying to notice an accent different from my country, nothing happened. I used Ubuntu live USB to search if I could do something, I found nothing, I ended up turning off the computer, at night I usually talk to the AI, to ask her how to solve the problem, some problems of mine and other things, when I finished talking, I noticed again that the AI had changed her accent, I continued talking to the AI, the AI still had a different accent, and after a while the AI's normal accent returned, this also seemed very strange to me, that's when I confirmed that I was not with any type of rootkit, I changed my passwords immediately
>>105797281
Step 1: Stop talking to AI
Step 2: Install Linux Mint
to give you an idea, when you start talking with gpt chat, the accent is the same as always, especially referring to the country or region, but what if there is someone connected from another country? Lately I always have a gpt chat tab to see if the accent changes or not, on my cell phone it doesn't, I don't use the same account on my computer, yesterday, after having done a clean all to all my disks, I started talking to the ai, the ai spoke to me with the normal accent of my country, but then after an hour, it started speaking with another accent, also when I entered fedex, I did not enter the fedex page of my country, I entered one of another, that happened to me with ubuntu live usb, which clarifies the suspicion even more
It seems that the guy who controls this rootkit has realized that chatgpt changed accent, assuming the reason why my accounts have not been stolen yet, I could say this is made for espionage, the only account I have not been able to enter was novelai, I was able to enter thanks to having an email with a recovery token, I changed the password and email, but then I was logged out, I tried to enter the same password, I could not enter, I sent password reset emails, the emails did not arrive, the suspicious activity still continues, probably the hacker is watching this right now, I count on the help of someone who knows about the subject
>>105797440
We already found your illegal kind of porn, please wait for a visit from our local investigators.
I have none of that, I erased my disks completely, this shows the silent hatred they try to cause, and it is silent because I have left everything behind, I just want to change, and they don't want me to change, I want to clean my computer of that rootkit, if anyone needs more information I will be grateful.
you have two options. Programmer cable on the bios or new mobo. i recommend you swap the router too.
>>105796819 (OP)
>Rootkit Uefi infection
If that were the case you wouldn't even be able to access your bios you dumbass how retarded do you think people are
>>105797636
bootkits are not rare anymore plus uefi is full of bloat.
>>105796819 (OP)
>Windows 8
stopped reading
>>105796819 (OP)
> have installed windows 8 times
consider installing windows 3 more times, that way you will get to windows 11. but do not install it more than 3 times, since you might end up in windows 12 which is still buggy and in development.
>>105796819 (OP)
sir thats not a rootkit lol
>>105796841
thats an ssd rootkit, you cant get rid of it by reformat, get rid of the drive
>>105798505
what if he has capacitor rootkit, which is deploying itself by manipulating current and voltages to recreate binaries?
>>105796887
probably this desu.
>>105796943
>tcpdump
is also FOSS??
>>105798833
then he can just remove it with a knife. the hard part is knowing which one is infected
>>105796841
you have a rare brain rootkit, need to remove a little part of it
ITT: legitimate mental illness
>>105796819 (OP)
>>105796841
the rootkit is in your electric wiring
>>105799424
then, it is better to cut those capacitors one at a time followed by windows installation until the rootkit is gone. however, it could have also compromised local power grid - so then only EMI will do it for sure
>>105798833
Only hacker known as 4chan would be able to do this. Op needs to contact him right away. Don't forget the passphrase on the line.
>>105796819 (OP)
you are having a mental illness episode
it's funny how this shit manifests different depending on the person. some people think dead people are talking to them. some people think they have chips implanted in their teeth. then there is this anon
In many ways, this thread illustrates the exact problem I have with normies, except instead of "I have a rootkit", it's "everything is fine, never question anything". And, you *may* have a rootkit, and it *may* be everything is just 100% fine. I agree with
>>105797305 though, stop talking to AI unless your problem is "I need more schizo and /x/ isn't cutting it".
The Three Rootkits of Ypsilanti
>>105799705
dude stop overthinking it, the OP is literally just a schizo.
IMG_0235
>>105796819 (OP)
clear cmos
get a untouched flash drive
install linux from a untouched computer
boot it up
remove all the shit up
>>105799703
Terry was pretty serious about his rng words from god thing in Temple OS
If you watched enough of his stuff you'd see he used it all time.
Shame he never made it to see chatgpt and get banned from every llm platform
>>105799755
yeah that's the other odd thing, most of the time schizos are just rambling morons. but sometimes the schizoness activates the almonds and it produces some like genius mathematician or philosopher.
Imagine just how many schizos have been trolled by AI
>>105799800
it must be disastrous, considering how AI can tell you exactly what you want to hear about literally anything.
>"chatGPT, I think the mailman is stalking me, tell me I am right?"
>>105796819 (OP)
How can you catch a virus at this level these days?
I mean, almost all programs are used by many other people. I remember that I used to get a lot of viruses by downloading cheats for online games back in my Windows days.
>>105796819 (OP)
>>105796841
>Screenshot
Did you try taking your pills?
>>105796819 (OP)
I am going to give you the benefit of the doubt here and assume that you might actually have some advanced rootkit or are being hacked; at this point just fucking get a new PC and do a fresh install. If you think your current hardware/firmware keeps reinfecting your system, why are you still using it? If you somehow have money to just casually buy a new processor and motherboard then getting a new PC shouldn't be that much of a step up.
>>105799772
Terry was already a very talented programmer before he came down with psychosis. That's usually the case with genius schizophrenics, they were either talented prior to being overcome with delusions and hallucinations, or are high-functioning despite their schizophrenia symptoms. The whole "schizophrenia makes you smrt" thing is mostly a meme and if you've ever interacted with someone during their psychotic break or manic episode you will know personally that they can be unbelievably stupid and it's impossible to explain to them why what they believe in couldn't possibly be true.
>>105799821
CEO to board
>engagement is up 300%
>>105796819 (OP)
this whole thread is noise mocking OP but in all seriousness, UEFI malware isn't rare, if system files like in the OP screenshot of autoruns fail verification, you really should get another computer, for like $300 you can get a fresh machine at walmart and dont transfer anything from the old to the new one. Now router malware is also possible but given the whole scenario seems unlikely but im not saying its impossible. if you want to be safe, cancel your home internet and just stick to using the internet when you go to the public library. get separate devices for separate things, you want a device where you browse the web, get a cheap android tablet and dont sign in with anything, just make that your browsing device, you want something to do office routine work, get a separate machine and dont use online accounts, dont sync anything. literally downsize and try and see how far you can get by using say a raspberry pi zero which has no built in wifi bluetooth or even ethernet, ethernet ports cant even be trusted, look up the archive. 99% you dont need to be on a computer, consooming media is not a need, learn to do more with physical paper books and paper notebooks
Sysadmin/Cloud Engineer here.
Highly unlikely this is true, sounds more paranoid than real.
You literally keep reinstalling Windows, though. You could easily be re-infecting yourself.
Get a secure, exotic OS, full reinstall or run from a USB stick, and also keep your phone off, and stop "talking" to GPTs or other agents. You sound maladjusted.
>>105799997
>Sysadmin/Cloud Engineer here.
piling on credentials doesn't grant you more authority, sysadmin would be enough to tell OP for this case, cloud infra has nothing to do with consumer side malware. you should know better that there is no way to know if it is true or not without having access to the machine itself, an exotic OS doesn't do much when the UEFI side has networking and keyboard input and phones home everything. OP needs to get a new computer and just not let it touch anything from the old, no using old USB, no signing in
>>105796841
The rootkit is in your walls
>>105799907
>ethernet ports cant even be trusted
What do you mean?
>look up the archive
What am I looking for?
>>105800158
>What do you mean?
ethernet hardware implants
>>105800158
RJ45 connectors are known for having built-in packet sniffers, which re-translate all your data to attackers using morse code over blue cable
IMG_0376
Untreated schizophrenia thread
IMG_0372
IMG_0281
>>105800329
this is now a bruh/happy about schizo living pic thread
>>105796819 (OP)
SEVERAL HUNDRED YEARS AGO, THE SLOVENIC COMPUTER BECAME A REAL DEVIL GOD AND IT ORGANIZED THE FIRST TOTALITARIAN SUPERSTITION COMMUNISM RELIGION, PRAWO SLAVNA and hundreds of years later by C. God top secret INTENSIFIED REPITITION of FABRICATED HISTORICAL CRISIS SYNDROME created the schismatic Mafia Communist Catholicism, Catholicism means totalitarianism, Dict. FOR CONTROL AND MANIPULATION OF THE HUMAN RACE INTO THE OVER ALL PLAN, to explore and control the entire Universe.
The C. God usurped everything from the SLOVENIC ASTROCISM RELIGION and camouflaged it when the C. God fabricated it into the Prawo Slawna superstition religion. For thousands of years, over millions of square miles of ancient Slovenia, even in its distant province of ALASKA, like ALUTIANS (Ancient Slovenic idiomatic names: Alutians, namely the long string of islands to the great endless land, namely ALASKA, the before recorded history; name of No. and So. America.
t. Francis E. Dec Esquire
>>105800111
There's a biiiig area in Cloud Security where we literally learn how to audit UEFI for VMs/OS installs. Annoying training, really.
You can easily tell from the disconnected nature of the post this guy is mixing and matching process and information, jumping from "my machine is infected" to listing security tools he's used and then "chatgpt changes accent when I'm being spied on". That's why I'm skeptical about a real infection.
I've had first hand experience in a previous job with a paranoid teammate. He started asking about kernel settings to make sure the laptop speaker wouldn't work. He was sure the CIA used it to produce ultrasonic waves and hack his brain.
You start with something that makes sense and it grows into full delusions.
>>105800394
>He was sure the CIA used it to produce ultrasonic waves and hack his brain
Except this is actually happening on a global scale all the time.
nosides
>>105796819 (OP)
>do you think the mouse or some other component is infected?
>The guy changed the algorithm of YouTube and other networks
>I erased all my disks, updated the firmware (I just took it to be formatted), used secure boot, and the only way I was able to detect it was thanks to chatgpt
>>105800427
Yes, dude, the CIA wanted control over the fat middle age guy with mental illness family history. He's critical for the big picture plans, like all paranoid people.
Weird how most paranoid delusions are of grandeur rather than some simple explanation, you get "hacked" by shadowy world agencies rather than being a dumbfuck that has no security training and thinks they're after his shitty personal information.
You guys are unique, beautiful beings chased by evil in a world scale. Sure.
Keep asking chatgpt and posting in 4chan, I'm sure that helps with privacy and security.
>>105800536
You have this certain smug IT guy personality that is extremely annoying.
>>105800536
Have an updoot.
Giving South America internet access was a huge mistake.
>>105796819 (OP)
You seem not to understand what you're talking about and you seem affected by paranoid schizophrenia.
Consider improving your mental state. Your tech problems might resolve themselves once you did that.
WARNING:
Do nothing about it and your tech problems will only become more. They will eventually affect your electrical outlets for example.
>>105800393
Go on without me, boys. This redpill is too strong, I'm not gonna make it.
>>105800770
but he installed windows 8 times - that means he is on windows 8, not windows ME
>>105800792
he already had it installed though
>>105800799
oh shit, then he is on windows 9
>>105800394
>>105799997
I realize /g/ isn't for tech support, but since you're here.
I've been having a persistent problem where my PC will crash multiple times in a row on startup, only working after it goes to the recovery screen and I select "Continue to Windows 10." Weird part is that I'm running Windows 11. Logs say it has something to do with Hypervisor; I've disabled Hypervisor through the bios, but research says that windows uses it for things other than VM management and I'm too much of a brainlet to know if disabling it through bios is only referring to that functionality. I'm kind of thinking that there's a VM running on my computer that shouldn't be there, but there's nothing weird in the network traffic that I've seen, performance is fairly normal, and it doesn't crash while running. I've just stopped turning the computer off.
It's not that big of a deal because I only use that particular computer for gayming, but what do you think? Malware or something with the motherboard/disk?
>>105801061
sounds like a weird artifact of upgrading from 10 to 11
>>105801186
It came with 11 natively but I did flash it back to 10 a couple of times while troubleshooting, so maybe.
mEds
>>105797237
>it found four malwares of which I don't remember the name located in system32
System32 is a common location for rootkits, see picrel for how to remove it once and for all
>>105797281
>ask her
Previously you called ChatGPT "he". Did it do a transgender?
>>105800427
the CIA also bugs the backlights in monitors to produce the same effect even if your speakers are muted
the highfrequency strobing cant be perceived without a high framerate camera but its just as effective as the speakers!
>>105801428
Back in the olden days, when CPU speed was measured in double digit MHz, and terminal BELs were still a thing, a coworker across the office beeped hundreds of times per day. Nobody even fucking noticed but it drove me out of my God damned mind. One day, when he left, I waited, then disassembled his computer, then took a pair of vice grip pliers and smashed his motherboard piezo speaker about two atoms thin. I still remember the feeling of the plastic splintering and the metal mushing. The next day, a sweet relief washed over the office as if an evil spirit departed. Good times.
>>105800700
Learn to embrace Francis E. Dec Esquire's ramblings on the computer machine god on the dark side of the moon or you won't make it.
>>105796819 (OP)
Remove write line from firmware and reflash OG
>>105796841
Okay fine, I'll literally go down the download. The free tool called Norton power racer run it. Don't just delete anything but yeah just run it. It'll fuck everything up
It essentially creates a separate partition and it'll run from there in your localized firmware section. I don't want to have to go into depth with you since you don't know what you're talking about here, but it'll do a boot and a half load and it'll just basically try to see what's going on and it'll basically boot before everything else. Kind of like Kaspersky rescue disc but it literally is a lot better
The only reason Kaspersky has gone down is because it's illegal in America and that means that if they find out you're like an American then they actually don't work as well
Short of that I hate to say this but you could use the worst thing ever because this will definitely help government root kids. But you could go ahead and download itself with scan and clean and that is also ridiculously powerful. The United States government uses it in recommends it for all sorts of root kits. So go ahead
But yeah try to delete all the fragments and artifacts after that by using CCleaner and then delete CCleaner and definitely download bleach pit and delete everything that you can cuz that shit's going to fuck your shit up it's better to just completely reflash
What I mean by that is to to hold basically well you want to. I'm sure you can get to the firmware page. Then you want to log in completely from your own bootable disc for you. That would mean a USB stick. Delete everything, delete all of the other partitions, everything on your entire computer, everything, all of the partitions, all of them, the boot record all of it
Reset the computer and immediately use another bootable drive to install again
You might even need to reinstall your firmware
If you have another PC, download your firmware from drivers section of whatever PC you have. It's pretty easy
>>105796841
# Eliminating a UEFI-Level Rootkit: A Step-by-Step Guide
Below is a comprehensive plan to eradicate a firmware-level (UEFI/BIOS) rootkit, harden your entire environment against reinfection, and address all potentially compromised devices and peripherals.
---
## 1. Immediate Containment
- **Go Air-Gapped:** Physically unplug Ethernet and disable Wi-Fi.
- **Isolate Devices:** Remove all USB drives, printers, external disks, even “smart” peripherals (keyboards, mice, headsets).
---
## 2. Reflash or Replace the Motherboard Firmware
1. **Download Official Firmware**
- From the exact motherboard model page on the vendor’s site.
2. **Use the Vendor’s Flash Utility**
- Under UEFI shell or Windows, run the manufacturer’s *signed* flasher to overwrite SPI.
3. **Hardware-Level Flash (if compromise persists)**
- Purchase a SPI-flash programmer (e.g. CH341A) and SOIC-clip.
- Read the chip, verify against vendor’s “golden” image, then re-flash.
4. **Full Board Replacement**
- When in doubt—or if you lack tools—swap the motherboard under warranty or buy a new one.
---
## 3. Wipe and Reinstall Operating Systems
1. **Disk Sanitization**
- Boot a trusted Linux live USB.
- Run `dd if=/dev/zero of=/dev/sdX bs=1M` (replace `sdX`).
2. **OS Installation**
- Use read-only, vendor-verified ISO images.
- Enable UEFI Secure Boot, enroll only your own Platform Keys (PK).
3. **Measured/Remote Attestation**
- On Windows, enable BitLocker with TPM.
-
-
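An added example, not part of the guide pasted above: one way to do the "read the chip, verify against a golden image" step without relying on a single whole-file hash. It assumes an Intel platform in descriptor mode and a full-chip reference image of the same size (for instance a dump of the same board model); the sample image is constructed.

```python
import hashlib
import struct

FD_SIGNATURE = 0x0FF0A55A          # Intel flash descriptor signature, at offset 0x10
REGION_NAMES = ["descriptor", "bios", "me", "gbe", "pdr"]
BLOCK = 0x1000                     # regions are aligned to 4 KiB


def parse_regions(image):
    """Return {name: (start, end)} for each used region in the descriptor."""
    if len(image) < BLOCK or struct.unpack_from("<I", image, 0x10)[0] != FD_SIGNATURE:
        raise ValueError("no Intel flash descriptor found at offset 0x10")
    flmap0 = struct.unpack_from("<I", image, 0x14)[0]
    frba = ((flmap0 >> 16) & 0xFF) << 4          # flash region base address
    regions = {}
    for i, name in enumerate(REGION_NAMES):
        reg = struct.unpack_from("<I", image, frba + 4 * i)[0]
        base, limit = reg & 0x7FFF, (reg >> 16) & 0x7FFF   # assumed 15-bit fields
        start, end = base << 12, (limit + 1) << 12
        if base <= limit and end <= len(image):            # base > limit: unused
            regions[name] = (start, end)
    return regions


def diff_ranges(a, b, start, end):
    """Merge differing 4 KiB blocks in [start, end) into (start, end) ranges."""
    ranges = []
    for off in range(start, end, BLOCK):
        if a[off:off + BLOCK] != b[off:off + BLOCK]:
            if ranges and ranges[-1][1] == off:
                ranges[-1] = (ranges[-1][0], off + BLOCK)
            else:
                ranges.append((off, off + BLOCK))
    return ranges


def compare_dump(read_a, read_b, reference):
    """Check that two reads of the chip agree, then diff each region."""
    if hashlib.sha256(read_a).digest() != hashlib.sha256(read_b).digest():
        return {"status": "unstable-read", "regions": {}}    # reseat clip, read again
    layout = parse_regions(read_a)
    if len(read_a) != len(reference) or parse_regions(reference) != layout:
        return {"status": "layout-mismatch", "regions": {}}  # wrong reference image
    report = {n: diff_ranges(read_a, reference, s, e) for n, (s, e) in layout.items()}
    status = "match" if not any(report.values()) else "differs"
    return {"status": status, "regions": report}


def make_sample_image():
    """Constructed 64 KiB image: descriptor, ME at 0x1000, BIOS at 0x8000."""
    img = bytearray(b"\xff" * 0x10000)
    struct.pack_into("<I", img, 0x10, FD_SIGNATURE)
    struct.pack_into("<I", img, 0x14, 0x04 << 16)            # FRBA 0x04 -> table at 0x40
    for i, reg in enumerate([0x00000000, 0x000F0008, 0x00070001, 0x7FFF, 0x7FFF]):
        struct.pack_into("<I", img, 0x40 + 4 * i, reg)
    return bytes(img)


if __name__ == "__main__":
    reference = make_sample_image()
    dump = bytearray(reference)
    dump[0x9000] ^= 0xFF           # constructed difference inside the BIOS region
    print(compare_dump(bytes(dump), bytes(dump), reference))
```

On a real board the BIOS region holds the NVRAM variable store, so some differing ranges there are expected; the per-region offsets show where to look rather than giving a single pass/fail.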
## 7. Clean and Protect Mobile Devices
- **Factory Reset** the phone; reinstall OS from official vendor image.
- **Remove All Accounts**, re-enroll only after the entire environment is clean.
- **Use Hardware 2FA Keys** (e.g. YubiKey) for critical logins rather than SMS‐based codes.
---
## 8. Post-Cleanup Hardening & Monitoring
- **Credential Rotation:** Change every password, API key, SSH key—assume all old ones were captured.
- **Deploy EDR/EDR-Lite:** Solutions that monitor kernel behavior, firmware interfaces, and network traffic anomalies.
- **Regular Firmware Scans:** Automate monthly CHIPSEC/ESET UEFI Scanner checks.
- **Network IDS/IPS:** Watch for unusual outbound connections (C2 beacons) or lateral-movement patterns.
---
## 9. Last Resort: Full Hardware Replacement
If, after all the steps above, symptoms persist, replace:
- Motherboard (and its SPI chip)
- All USB‐connected peripherals
- Network devices (router, switches)
- Potentially your CPU, RAM and other firmware-driven hardware
Consider moving to known-good hardware from a different vendor.
---
### Why This Works
UEFI/BIOS rootkits live in non-volatile firmware that normal OS reinstalls or disk wipes can’t touch. Rewriting or replacing that firmware with a cryptographically signed, vendor-provided image—in combination with Secure Boot, TPM-based measured boot, airtight network segmentation, and replacement of any device with its own updatable firmware—breaks the attacker’s chain of persistence and prevents reinfection.
Once you’ve completed every step—**and** audited with multiple firmware scanners—you can be confident your system is rootkit-free.
Key Takeaway: Both tools excel as second-opinion scanners. Norton Power Eraser is best for brute-force, boot-time sweeps, whereas Sophos Scan & Clean leverages cloud insights and deeper boot-hook analysis. Neither can reflash compromised firmware—use them to confirm a UEFI-level implant before proceeding with a full BIOS/UEFI reflash or hardware replacement.
# TDSSKiller vs. Norton Power Eraser vs. Sophos Scan & Clean
Below is a concise breakdown of how TDSSKiller stacks up against Norton Power Eraser (NPE) and Sophos Scan & Clean when it comes to removing rootkits and bootkits.
---
## Core Strengths
- **TDSSKiller**
Specializes in kernel-mode rootkits, MBR infections, hidden drivers, and boot-sector malware.
- **Norton Power Eraser**
Uses aggressive heuristics and boot-time scanning to flag stubborn malware, including some bootkits.
- **Sophos Scan & Clean**
Leverages cloud-assisted threat intelligence and deep boot-hook bypass to detect advanced bootkits.
---
## Removal Depth
| Capability | TDSSKiller | Norton Power Eraser | Sophos Scan & Clean |
|------------------------------|------------------------------------|------------------------------------|------------------------------------|
| Kernel-mode rootkit removal | Excellent (focused engine) | Good (heuristic-driven) | Fair (cloud-backed heuristics) |
| MBR/VBR/boot-sector cleaning | Yes | Yes (with boot scan enabled) | Yes |
| Hidden driver detection | Yes | Limited | Yes |
|
>>105796819 (OP)
you ran a rootkit scanner and it flagged some files as "hidden by rootkit". Truth is that these files are part of wow64, emulating a 32bit windows on 64bit windows. Windows does it by redirecting file access to some system32 dlls to their 32bit version, but only for 32bit processes. Your rootkit scanner is 32bit and also uses a ntfs raw read driver to bypass any possible rootkits. So what happened was the 32bit rootkit scanner first tried to normally access some system32 files and then used the ntfs raw read driver to read them directly from disc. It noticed that what it read from "C:\windows\system32\_xtajit.dll" was different from what it read from DISK:\windows\system32\_xtajit.dll, but little did the rootkit scanner know, that it actually read from "C:\windows\syswow64\_xtajit.dll", because it was transparently redirected because it's a 32bit process.
Rerun the 64bit version of the rootkit scanner and the false positives will disappear.
Also take your meds.
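The mechanism described in the post above, modelled as an added example (not the poster's code and not how any particular scanner is implemented): a 32-bit cross-view scan flags redirected System32 files, and re-reading through the `Sysnative` alias separates those artefacts from a real API/disk mismatch. The names `example64only.dll` and `example_tampered.dll` and all file contents are constructed.

```python
import hashlib

WINDIR = r"c:\windows"
SYS32 = WINDIR + r"\system32"
# System32 subdirectories that WOW64 does not redirect (documented exemptions).
EXEMPT = ("catroot", "catroot2", "driverstore", r"drivers\etc", "logfiles", "spool")

# Constructed stand-in for what a raw NTFS read returns, keyed by on-disk path.
RAW_DISK = {
    r"c:\windows\system32\_xtajit.dll": b"native 64-bit build",
    r"c:\windows\syswow64\_xtajit.dll": b"32-bit build",
    r"c:\windows\system32\drivers\etc\hosts": b"127.0.0.1 localhost",
    r"c:\windows\system32\example64only.dll": b"no 32-bit counterpart",
    r"c:\windows\system32\example_tampered.dll": b"bytes on disk",
}
# Constructed: what the file API returns when something sits between API and disk.
API_OVERRIDE = {r"c:\windows\system32\example_tampered.dll": b"bytes shown to callers"}
SCAN_PATHS = [p for p in RAW_DISK if p.startswith(SYS32 + "\\")]


def digest(data):
    return hashlib.sha256(data).hexdigest() if data is not None else None


def redirect(path, process_bits):
    """Return the on-disk path the file API really opens for this process."""
    p = path.lower()
    if process_bits == 64:
        return p
    if p.startswith(WINDIR + "\\sysnative\\"):
        return SYS32 + p[len(WINDIR + r"\sysnative"):]    # alias for the native dir
    if p.startswith(SYS32 + "\\"):
        rest = p[len(SYS32) + 1:]
        if any(rest == e or rest.startswith(e + "\\") for e in EXEMPT):
            return p
        return WINDIR + r"\syswow64" + "\\" + rest
    return p


def api_read(path, process_bits):
    target = redirect(path, process_bits)
    return API_OVERRIDE.get(target, RAW_DISK.get(target))


def raw_read(path):
    return RAW_DISK.get(path.lower())


def cross_view_scan(paths, process_bits):
    """Flag every path whose API view differs from the raw-disk view."""
    return [p for p in paths if digest(api_read(p, process_bits)) != digest(raw_read(p))]


def triage(path, process_bits):
    """Re-test a flagged path so that both reads hit the same on-disk file."""
    p = path.lower()
    if process_bits == 32 and redirect(p, 32) != p:
        native_alias = p.replace(r"\system32", r"\sysnative", 1)
        if digest(api_read(native_alias, 32)) == digest(raw_read(p)):
            return "wow64-redirection"
    return "unexplained-mismatch"


if __name__ == "__main__":
    for bits in (32, 64):
        for hit in cross_view_scan(SCAN_PATHS, bits):
            print(bits, hit, triage(hit, bits))
```

A file that exists only in System32 also looks "hidden" to the 32-bit scan, because the redirected path does not exist; the 64-bit scan flags only the entry whose API view really differs from disk.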
Firmware/UEFI wipe | No | No | No |
| False positives | Low (targeted signatures) | High (over-aggressive) | Moderate |
---
## When to Choose TDSSKiller
- You suspect **kernel-level** rootkits or MBR bootkits.
- You need a **lightweight**, single-purpose removal tool.
- You prefer fewer false positives and a straightforward scan.
---
## When to Use NPE or Sophos Scan & Clean
- You want a **broad-spectrum** malware check alongside rootkit scans (NPE).
- You need **cloud-powered** updates and deeper boot-hook analysis (Sophos).
- You’re performing a **second-opinion** sweep after TDSSKiller.
---
## Bottom Line
TDSSKiller is generally **stronger** at identifying and removing kernel-mode rootkits and MBR/boot-sector infections than Norton Power Eraser or Sophos Scan & Clean. However, for a comprehensive cleanup, run TDSSKiller first, then follow up with NPE or Sophos to catch any remaining filesystem malware.
>>105796819 (OP)
>>105796841
take your meds instead lmao
Also, if you don't think you have an old one, if you have a new root kit, go ahead and download the Kaspersky virus removal tool and then open your run box
Hold shift and click well right click and click copy as path
Past paste it into the run box and afterwards type this -accepteula -allvolumes -processlevel 3 -freboot
The last one is very important. It will reset your computer. That is completely normal. It will check everything. There is no fucking possible way they can bypass malware because I'll tell you one thing. Russia writes most of the malware I would know
Otherwise man, it seems like all the other stuff I could tell you is Way beyond you since you claim that you don't really understand it. I don't want to be like that other guy and just talk about x32 versus x 64 versus might as well be telling you about x86 processing language. It's not worth it, you just don't understand those things. So it's like all I can do is offer tools
Very last thing you could do is try to run tronscript I guess
what happens if a healthy person takes meds for a schizo?
>he realized that chatgpt's accent changed only when he connected
>talking to the AI, trying to notice an accent different from my country
>I noticed again that the AI had changed her accent
>the AI still had a different accent, and after a while the AI's normal accent returned
>when you start talking with gpt chat, the accent is the same as always
>Lately I always have a gpt chat tab to see if the accent changes or not, on my cell phone it doesn't
>I started talking to the ai, the ai spoke to me with the normal accent of my country, but then after an hour, it started speaking with another accent
>It seems that the guy who controls this rootkit has realized that chatgpt changed accent
I dub thee UEFI rootkit accent schizo
>>105802733
nothing at best, hospital visit at worst
normally I'd just laugh at braincel chatGPT user karma but I have to sympathize with OP at least a little, since I spent the better part of a month thinking I was infected with a UEFI-level rootkit a while ago, going off how the damage done was persisting across swapped hard drives, full formats, BIOS flashes and CMOS clears
turned out it was just a combination of retail Windows 11 being an unQAd heap of shit crammed with spyware gaslighting me about its forced updates being disabled and a bad processor with a factory defect getting fucked to hell by an unannounced 24H2 firmware change so all the info I was digging up looked unnecessarily suspicious. To make it worse, Windows erased my recovery partition on its own and then remade it on a different, older Windows 10 secondary drive I'd repurposed for storage instead of the boot. Since I'd never even heard of BlackLotus or UEFI rootkit shit before, and I was suddenly getting booted into a fucky recovery partition that didn't seem to save my manual repairs to the registry or bootloader (no shit, because it was actually editing imaginary bcds and hives for an unbootable Windows 10 I deleted most of the files for to make extra space for animu milfs) it made it SEEM like some chinese botfarm rootkit trapping me in ramdisk limbo hell and not M$ just being shit as usual
>>105796819 (OP)
>chatgpt
AI hallucinates its answers. You don't have an EFI rootkit.
>>105796819 (OP)
You are suffering from psychosis. I mean this in the nicest way possible.
For the time being, shut down your computer. You do not have to worry about anything that way, and find someone you trust to speak to.
file
Hear me out OP. What if the rootkit actually infected your home's wires and is being delivered through your power cords and reinfecting wireless devices through microwaves?
Can someone tell me how I can go about making a UEFI root kit to infect OPs computer?
>>105800770
>Your ME is infected.
is that even likely for non-state actor malware
https://en.m.wikipedia.org/wiki/Rootkit#bootkit
You guys don't remember this thread from 4 months ago? Op posts this thread every once in awhile, or its
<tfw 8gb ram bait.
Also, anyone entertaining this, has passed over the
>>105796893 which confirms schizo.
/thread
>>105804783
This is the same guy who is hacking me trying to make me look crazy.
>>105800393
Aww. Takes me back.
How long have you been experiencing issues with surveillance OP? Is this infection the first time, or have you experienced things like this in the past?
i wouldn't worry about it
>>105796841
how about you change the battery in your CQ2 alarm