Processors
Processors (Intel® Core™, Intel® Xeon®, etc); processor utilities and programs (Intel® Processor Identification Utility, Intel® Extreme Tuning Utility, Intel® Easy Streaming Wizard, etc.)
Announcements
The Intel sign-in experience is changing in February to support enhanced security controls. If you sign in, click here for more information.
12775 Discussions

Need help identifying bug that is broadcasting from 'Intelcor_' and then taking over my computer

M1904trading
Beginner
432 Views

Hi,

I'll keep this relatively laconic as I'm finding this topic is off-putting when I go into detail. But, I believe I've got a pretty either extremely expensive, if not extremely complex bug I'm dealing with.

How this is relevant to this forum is that It broadcasts from 'Intelcor_xx:xx:x' on my network before hijacking my internet from me.

This same bug seems to be operating from a VM, breaks the TPM, and then either already has, or somehow takes the secure boot keys, and then proceeds to essentially mesh itself into my digital identity. At current it has disabled Safing's Portmaster, Wireshark, and even my wifi hardware and ethernet ports. It's incredibly unsettling. This is all from the perspective of someone who has had to learn these intricacies over the past several weeks. I am wholly out of my depth.

I'm on a work machine currently so can not upload collateral with this original post. But will be able to shortly after. I only have screenshots currently as the USB is at home.

My pertinent question is about the broadcast though. Why would 'Intelcor_' pop up on Wireshark as the last ARP broadcast before I'm forcefully taken offline?

Set up:

Intel Core i9 12900k
MSI Z690 Unify 
Corsair Vengeance 5600mhz DDR5 Ram x32gb (2x16)
EVGA Nvidia 3060 TI
EVGA Nvidia 2060 KO Ultra
EVGA P3 850 Platinum power supply.
Crucial P5 1tb NVMe drive
Western Digital Black 500gb NVMe x2
TeamGroup Cardera 1tb NVMe
Samsung 512gb NVMe
Crucial BX500 1tb SSD x2
Seagate 8tb HDD
Western Digital Blue 1tb SSD
I run this as a workstation with five monitors. Let me know if I need to go in depth about the peripherals as well. 
 
Thanks in advance,
Andrew

0 Kudos
1 Reply
n_scott_pearson
Super User Retired Employee
373 Views

This mess sounds more like a virus (malware) attack.
...S

Reply