www.bleepingcomputer.com
Open in
urlscan Pro
104.20.59.209
Public Scan
Submitted URL: https://www.bleepingcomputer.com/forums/t/764675/bootkit-on-asus-laptop/#entry5293553
Effective URL: https://www.bleepingcomputer.com/forums/t/764675/bootkit-on-asus-laptop/
Submission: On December 13 via api from US — Scanned from DE
Effective URL: https://www.bleepingcomputer.com/forums/t/764675/bootkit-on-asus-laptop/
Submission: On December 13 via api from US — Scanned from DE
Form analysis 3 forms found in the DOM
POST https://www.bleepingcomputer.com/forums/index.php?app=core&module=search&do=search&fromMainBar=1
<form action="https://www.bleepingcomputer.com/forums/index.php?app=core&module=search&do=search&fromMainBar=1" method="post" id="search-box">
<fieldset>
<label for="main_search" class="hide">Search</label>
<a href="https://www.bleepingcomputer.com/forums/index.php?app=core&module=search&search_in=forums" title="Advanced Search" accesskey="4" rel="search" id="adv_search" class="right">Advanced</a>
<span id="search_wrap" class="right">
<input type="text" id="main_search" name="search_term" class="" size="17" tabindex="100" placeholder="Search...">
<span class="choice ipbmenu clickable" id="search_options" style="">This topic</span>
<ul id="search_options_menucontent" class="ipbmenu_content ipsPad" style="display: none; position: absolute; z-index: 9999;">
<li class="title" style="z-index: 10000;"><strong style="z-index: 10000;">Search section:</strong></li>
<li class="special" style="z-index: 10000;">
<label for="s_topic" title="This topic" style="z-index: 10000;">
<input type="radio" name="search_app" value="forums:topic:764675" class="input_radio" id="s_topic" checked="checked" style="z-index: 10000;"><strong style="z-index: 10000;">This topic</strong>
</label>
</li>
<li class="app" style="z-index: 10000;"><label for="s_forums" title="Forums" style="z-index: 10000;"><input type="radio" name="search_app" class="input_radio" id="s_forums" value="forums" style="z-index: 10000;">Forums</label></li>
<li class="app" style="z-index: 10000;"><label for="s_members" title="Members" style="z-index: 10000;"><input type="radio" name="search_app" class="input_radio" id="s_members" value="members" style="z-index: 10000;">Members</label></li>
<li class="app" style="z-index: 10000;"><label for="s_core" title="Help Files" style="z-index: 10000;"><input type="radio" name="search_app" class="input_radio" id="s_core" value="core" style="z-index: 10000;">Help Files</label></li>
<li class="app" style="z-index: 10000;">
<label for="s_calendar" title="Calendar" style="z-index: 10000;">
<input type="radio" name="search_app" class="input_radio" id="s_calendar" value="calendar" style="z-index: 10000;">Calendar </label>
</li>
</ul>
<input aria-label="Search the forum" type="submit" class="submit_input clickable" value="">
</span>
</fieldset>
</form>POST https://www.bleepingcomputer.com/forums/index.php?
<form id="modform" method="post" action="https://www.bleepingcomputer.com/forums/index.php?">
<input type="hidden" name="app" value="forums">
<input type="hidden" name="module" value="moderate">
<input type="hidden" name="section" value="moderate">
<input type="hidden" name="do" value="postchoice">
<input type="hidden" name="f" value="22">
<input type="hidden" name="t" value="764675">
<input type="hidden" name="auth_key" value="880ea6a14ea49e853634fbdc5015a024">
<input type="hidden" name="st" value="">
<input type="hidden" name="page" value="">
<input type="hidden" value="" name="selectedpidsJS" id="selectedpidsJS">
<input type="hidden" name="tact" id="tact" value="">
</form>POST https://www.bleepingcomputer.com/forums/index.php?app=core&module=global§ion=login&do=process
<form action="https://www.bleepingcomputer.com/forums/index.php?app=core&module=global&section=login&do=process" method="post" id="login">
<input type="hidden" name="auth_key" value="880ea6a14ea49e853634fbdc5015a024">
<input type="hidden" name="referer" value="https://www.bleepingcomputer.com/forums/t/764675/bootkit-on-asus-laptop/">
<h3>Sign In</h3>
<div class="ipsBox_notice">
<ul class="ipsList_inline">
<li>
<a href="https://www.bleepingcomputer.com/forums/index.php?app=core&module=global&section=login&serviceClick=twitter" class="ipsButton_secondary"><img src="https://www.bleepingcomputer.com/forums/public/style_images/master/loginmethods/twitter.png" alt="Twitter"> Use Twitter</a>
</li>
</ul>
</div>
<br>
<div class="ipsForm ipsForm_horizontal">
<fieldset>
<ul>
<li class="ipsField">
<div class="ipsField_content"> Need an account? <a href="https://www.bleepingcomputer.com/forums/index.php?app=core&module=global&section=register" title="Register now!">Register now!</a>
</div>
</li>
<li class="ipsField ipsField_primary">
<label for="ips_username" class="ipsField_title">Username</label>
<div class="ipsField_content">
<input id="ips_username" type="text" class="input_text" name="ips_username" size="30" tabindex="0">
</div>
</li>
<li class="ipsField ipsField_primary">
<label for="ips_password" class="ipsField_title">Forum Password</label>
<div class="ipsField_content">
<input id="ips_password" type="password" class="input_text" name="ips_password" size="30" tabindex="0"><br>
<a href="https://www.bleepingcomputer.com/forums/index.php?app=core&module=global&section=lostpass" title="Retrieve password">I've forgotten my password</a>
</div>
</li>
<li class="ipsField ipsField_checkbox">
<input type="checkbox" id="inline_remember" checked="checked" name="rememberMe" value="1" class="input_check" tabindex="0">
<div class="ipsField_content">
<label for="inline_remember">
<strong>Remember me</strong><br>
<span class="desc lighter">This is not recommended for shared computers</span>
</label>
</div>
</li>
<li class="ipsField ipsField_checkbox">
<input type="checkbox" id="inline_invisible" name="anonymous" value="1" class="input_check" tabindex="0">
<div class="ipsField_content">
<label for="inline_invisible">
<strong>Sign in anonymously</strong><br>
<span class="desc lighter">Don't add me to the active users list</span>
</label>
</div>
</li>
<li class="ipsPad_top ipsForm_center desc ipsType_smaller">
<a rel="nofollow" href="https://www.bleepingcomputer.com/forums/privacypolicy/">Privacy Policy</a>
</li>
</ul>
</fieldset>
<div class="ipsForm_submit ipsForm_center">
<input type="submit" class="ipsButton" value="Sign In" tabindex="0">
</div>
</div>
</form>Text Content
WE VALUE YOUR PRIVACY We and our partners store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning. You may click to consent to our and our partners’ processing as described above. Alternatively you may access more detailed information and change your preferences before consenting or to refuse consenting. Please note that some processing of your personal data may not require your consent, but you have a right to object to such processing. Your preferences will apply to this website only. You can change your preferences at any time by returning to this site or visit our privacy policy. MORE OPTIONSAGREE * Sign In * Create Account Search Advanced This topic * Search section: * This topic * Forums * Members * Help Files * Calendar * * View New Content * Forum Rules * BleepingComputer.com * Forums * Members * Tutorials * Startup List * Virus Removal * Downloads * Uninstall List * Welcome Guide * More 1. BleepingComputer.com 2. → Security 3. → Virus, Trojan, Spyware, and Malware Removal Help Javascript Disabled Detected You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality. Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. Click here to Register a free account now! or read our Welcome Guide to learn how to use this site. Latest News: Ukraine arrests 51 for selling data of 300 million people in US, EU Featured Deal: Grab this VPN-protected Netgear privacy router at $54 off MSRP today BOOTKIT ON ASUS LAPTOP Started by rmisamit , Dec 05 2021 04:17 PM * This topic is locked 4 replies to this topic #1 RMISAMIT rmisamit * * Members * 2 posts * OFFLINE * Local time:08:41 PM Posted 05 December 2021 - 04:17 PM Hi I have been affected on bootkit/rootkit on my Windows laptop. I have tried system reset/reinstall/clean install/ Bios Update with EZ-Flash utility None of this works. Each time after a fresh install My system shows weird shortcuts in C when Hide OS files is disabled from view option. Various Net adapters show up in Devmgmt.msc Can this rootkit spread through Network as there is another asus laptop(my sis) on the network and few android phones. My phone also seems forked. What are these Network adapters and what about MS Root enum? Please find FRST logs as advised on other threads. ATTACHED FILES * FRST.txt 27.38KB 3 downloads * Addition.txt 15.9KB 3 downloads * devmgmt.jpg 52.64KB 0 downloads * AdwCleanerS00.txt 1.39KB 3 downloads * MBAM.txt 1.2KB 3 downloads * Screenshot 2021-12-06 024550.jpg 77.44KB 0 downloads * Back to top -------------------------------------------------------------------------------- BC ADBOT (LOGIN TO REMOVE) * * BleepingComputer.com * * Register to remove ads PLAY Top Articles Video Settings Full Screen About Connatix V142311 Read More Read More Read More Read More Read More Read More Ukraine arrests 51 for selling data of 300 millionpeople in US, EU 1/1 Skip Ad Continue watching after the ad Visit Advertiser website GO TO PAGE -------------------------------------------------------------------------------- #2 RMISAMIT rmisamit * Topic Starter * * Members * 2 posts * OFFLINE * Local time:08:41 PM Posted 05 December 2021 - 04:21 PM Why do I have a domain firewall if this is a personal computer? and I have attached Firewall config and Exploit protection settings in Zip. ATTACHED FILES * Firewall config and Exploit protection.zip 28.06KB 1 downloads * Back to top -------------------------------------------------------------------------------- #3 OH MY! Oh My! Adware and Spyware and Malware * * Malware Response Instructor * 48,569 posts * ONLINE * Gender:Male * Location:California * Local time:07:11 AM Posted 08 December 2021 - 09:05 AM Greetings rmisamit and to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum. My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary. If you would allow me to call you by your first name I would prefer to do that. =================================================== Ground Rules: * First, please keep in mind most of us at BleepingComputer volunteer our assistance for your benefit in your time of need. Please try to match our commitment to you with your patience toward us. * It is important to not run any tools or take any steps other than those I will provide for you. * Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know. * Please copy and paste all logs into your post unless otherwise requested. * When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections. * If you do not reply to your topic after 5 days I will assume it has been abandoned and I will close it. =================================================== Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and let me know. My purpose here will be to look for malware on your system and will not include addressing every issue or question you may have. In other words, if I determine your computer is clean it will be up to you to educate yourself about "strange" things your eyes may set upon as you dig into your system. Not recongnizing something or thinking it may be odd does not make it malware. Please run a new FRST scan and copy/paste both reports in your reply using multiple posts if necessary. Gary "Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God." The story * Back to top -------------------------------------------------------------------------------- #4 OH MY! Oh My! Adware and Spyware and Malware * * Malware Response Instructor * 48,569 posts * ONLINE * Gender:Male * Location:California * Local time:07:11 AM Posted 11 December 2021 - 08:37 AM Greetings, =================================================== Do You Still Need Help? It has been 3 days since my last post. * Do you still need help with this? * If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed. Gary "Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God." The story * Back to top -------------------------------------------------------------------------------- #5 OH MY! Oh My! Adware and Spyware and Malware * * Malware Response Instructor * 48,569 posts * ONLINE * Gender:Male * Location:California * Local time:07:11 AM Posted Today, 10:10 AM Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you. Gary "Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God." The story * Back to top -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- Back to Virus, Trojan, Spyware, and Malware Removal Help * * * * * * * * * * 0 USER(S) ARE READING THIS TOPIC 0 members, 0 guests, 0 anonymous users Reply to quoted posts Clear 1. BleepingComputer.com 2. → Security 3. → Virus, Trojan, Spyware, and Malware Removal Help 4. Privacy Policy 5. Rules · * * Help Advertise | About Us | Terms of Use | Privacy Policy | Sitemap | Chat | RSS Feeds | Contact Us Tech Support Forums | Virus Removal Guides | Downloads | Tutorials | The Computer Glossary | Uninstall List | Startups | The File Database © 2004-2021 All Rights Reserved Bleeping Computer LLC . Site Changelog Community Forum Software by IP.Board SIGN IN * Use Twitter * Need an account? Register now! * Username * Forum Password I've forgotten my password * Remember me This is not recommended for shared computers * Sign in anonymously Don't add me to the active users list * Privacy Policy