
Very concerned I have a LoJax style UEFI Boot/Rootkit Issue - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Hi all,

I have been fighting for the last 2 weeks trying to get around a major security issue I have.

It started when my Windows 10 install seemed to become corrupted. After that things got worse and worse.

My main PC wouldn't boot, and the Windows recovery couldn't help at all (mainly because I have found out it's a fake version of the recovery environment provided by the virus / bootkit / rootkit), and it just destroyed my installation further.

My main machine no longer recognises my main boot HDD. I cannot boot into Windows 10.

It seems that the bootkit takes control even before entering the BIOS. I have flashed the Dual BIOS 3 times to no avail.

Trying to boot up rescue CDs is useless as the main HDD isn't recognised, and even if they do boot up they are in Linux mode (seems to be controlled by the bootkit). Although... I did manage to hotplug my HDD halfway through booting Bitdefender's rescue CD and it somehow recognised it - I ran a scan and it found trojans and removed them - but the virus definitions are out of date as I cannot get online to update them.

The virus seems to control every single element of the machine as soon as I press the power on switch.

I looked in the BIOS tools on Hiren's boot CD (I can only seem to get boot CDs to load when using legacy mode and not UEFI mode - probably so that I cannot see the HDD and try to clean them using these tools) and it mentioned a plug and play BIOS being in use.

Everything is locked down if I boot using the Linux tool Parted Magic (I think?) from Hiren's CD - root is controlling everything. I have tried to change permissions but no matter what I try root is king.

I've tried running virus scans in Linux but most of the files are protected by root and cannot be scanned.

If I boot into Mini Windows XP the dreaded X: drive appears. It seems that rescue CDs are somewhat being controlled by this virus too. The owner of all files is LSASETUPDOMAIN ADMIN, and I noticed before my Windows 10 install died that a load of registry entries had been set up for new users {S0-xxxxxxx etc.

I have no internet - I'm using a close family member's PC to write this.

It looks like a whole set of drivers and virtualised networks have been set up - Intel bridge adapters and NICs I've never seen have been set up. MAC address 00:00:00:00:00:00 is the main culprit and the host files have a redirect from to localhost as a loopback. In Linux the connected IP list shows listening to a shed load of ports (869,39726,6000,22,23,47064). Mask and broadcast address has these ports open - 7 echo, 13 daytime, 22 ssh, 23 telnet, 37 time, 111 rpcbind, 6000 x11.

The routing table in my Sky router shows:

destination                                                          mask                     gateway                                                                          46.xxxxxxx.1




(same ip as gateway above but 0 on end)                                               

224.xxxxxxx                                                        224.xxxxxxxxx

My router IP is

Everything is locked down and I have very little control.

It has spread to two Windows 10 laptops doing the exact same thing. And worryingly the IP address is showing on my iPhone as a discoverable network - it's been acting very strange and I'm worried it may have a jailbroken iOS installed on it via this whole virus hell which is within our home network. My iPhone has these ports open after scanning localhost with Fing: 1080 socks, 1083 anasoft licence manager, 8021 ftp-proxy.

PLEASE PLEASE can someone help. I have no idea what to do from here. Is it time for a new motherboard? Can this virus exist in the firmware of other PCI devices too? I'm so lost I have no idea what to do.

I will provide anything you need (providing I can actually get it due to the whole system lockdown!)

Many thanks in advance for anyone who can try and help me.


Edited by jpmad4it, Today, 04:57 AM.


