Intel® Processors, Tools, and Utilities
14802 Discussions

Need help identifying bug that is broadcasting from 'Intelcor_' and then taking over my computer



I'll keep this relatively laconic as I'm finding this topic is off-putting when I go into detail. But, I believe I've got a pretty either extremely expensive, if not extremely complex bug I'm dealing with.

How this is relevant to this forum is that It broadcasts from 'Intelcor_xx:xx:x' on my network before hijacking my internet from me.

This same bug seems to be operating from a VM, breaks the TPM, and then either already has, or somehow takes the secure boot keys, and then proceeds to essentially mesh itself into my digital identity. At current it has disabled Safing's Portmaster, Wireshark, and even my wifi hardware and ethernet ports. It's incredibly unsettling. This is all from the perspective of someone who has had to learn these intricacies over the past several weeks. I am wholly out of my depth.

I'm on a work machine currently so can not upload collateral with this original post. But will be able to shortly after. I only have screenshots currently as the USB is at home.

My pertinent question is about the broadcast though. Why would 'Intelcor_' pop up on Wireshark as the last ARP broadcast before I'm forcefully taken offline?

Set up:

Intel Core i9 12900k
MSI Z690 Unify 
Corsair Vengeance 5600mhz DDR5 Ram x32gb (2x16)
EVGA Nvidia 3060 TI
EVGA Nvidia 2060 KO Ultra
EVGA P3 850 Platinum power supply.
Crucial P5 1tb NVMe drive
Western Digital Black 500gb NVMe x2
TeamGroup Cardera 1tb NVMe
Samsung 512gb NVMe
Crucial BX500 1tb SSD x2
Seagate 8tb HDD
Western Digital Blue 1tb SSD
I run this as a workstation with five monitors. Let me know if I need to go in depth about the peripherals as well. 
Thanks in advance,

0 Kudos
1 Reply
Super User

This mess sounds more like a virus (malware) attack.

0 Kudos